steamru.org Open in urlscan Pro
185.197.162.100  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://steamru.org/ HTTP 301
   https://steamru.org/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 82

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPpGzbZl2R7wEyl2QChtSHs&google_cver=1&google_push=AXcoOmTJ7MNlBgm0VDcCqX7yKSZ6_yEYRaZQf52wMPAXDOrQoDpjUqaClwMNcF0gun31bpRyUO_Mm1Ho5pQ3ATwXLppMEquc7r279B8l HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQwMTgzNjU2MTgwNTcyNDgzNQ==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM9H10R280KTxzRzSITEoQs&google_cver=1

Request Chain 83

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMTUXVZFqO0e8q30NSX9xN8&google_cver=1&google_push=AXcoOmQeyZdG48Ev7f98KkG8I4X7O1PpDtrIQDKwuS4W5dDeCBdvQIhyudUEy9wrGPiQbV83Iq9OkrJD96KBCSw8xXsjFANDgiLpHAc HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMTUXVZFqO0e8q30NSX9xN8&google_cver=1&google_push=AXcoOmQeyZdG48Ev7f98KkG8I4X7O1PpDtrIQDKwuS4W5dDeCBdvQIhyudUEy9wrGPiQbV83Iq9OkrJD96KBCSw8xXsjFANDgiLpHAc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bEFIcHJFbW4xUmJLQUY1&google_gid=CAESEMTUXVZFqO0e8q30NSX9xN8&google_cver=1&google_push=AXcoOmQeyZdG48Ev7f98KkG8I4X7O1PpDtrIQDKwuS4W5dDeCBdvQIhyudUEy9wrGPiQbV83Iq9OkrJD96KBCSw8xXsjFANDgiLpHAc

Request Chain 84

• https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEATL0EBg3Ci3xBGDTzZpZXc&google_cver=1&google_push=AXcoOmT7fEsE1T749N_llCh_HT8OErQw6yFi1Dyaor-fAm8nDIFB8vvphEfix1rcOC5qIMnrZSkCFJ6AhmF0vZzuPGYAXcDVve5jvtOc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT7fEsE1T749N_llCh_HT8OErQw6yFi1Dyaor-fAm8nDIFB8vvphEfix1rcOC5qIMnrZSkCFJ6AhmF0vZzuPGYAXcDVve5jvtOc&google_hm=YNDaoR-iSN6Q8UexFcEQqbg

Request Chain 85

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIMtcaIJPHeRiRXKqup-7oQ&google_cver=1&google_push=AXcoOmRWxP1C46jG7dmP5jzf8404wlTRTXGuWgOHTcayao_3h_7f0OAZJc4X75doZm90MGJPgWZHAD7sf0s0lMqgZuzvJy2dCsOFbg4N HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDM3NTEyMTk3ODEyODU0MA%3D%3D&google_push=AXcoOmRWxP1C46jG7dmP5jzf8404wlTRTXGuWgOHTcayao_3h_7f0OAZJc4X75doZm90MGJPgWZHAD7sf0s0lMqgZuzvJy2dCsOFbg4N

Request Chain 87

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHkcO5ydJLuPM9ZuOr1ud8g&google_cver=1&google_push=AXcoOmSHpJYYKqN0b8nCExWyX8AtSJsjAoZCSCZXNZXTOS9o1OU7iZqQPf6tAE_DY17n9VF1PBZEHmioCXd8d5WUwAFYaZC7dQXTX-U HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSHpJYYKqN0b8nCExWyX8AtSJsjAoZCSCZXNZXTOS9o1OU7iZqQPf6tAE_DY17n9VF1PBZEHmioCXd8d5WUwAFYaZC7dQXTX-U&google_hm=eS1tV2VVeWR0RTJwR3lJdHhTUjRZczRORk1OaEpRVDNhaH5B

Request Chain 88

• https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEP_LNS7qf458_Iv27LGhTI4&google_cver=1&google_push=AXcoOmS28t-YX0uNzbK8nQ3_KOo52woFlKt-7HHGWPhtU7albP7HdmxfF9-xB7jce_jY7fHdAYgG1UPFzytd6yv1nsA2BDw7rJLgBTUa HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS28t-YX0uNzbK8nQ3_KOo52woFlKt-7HHGWPhtU7albP7HdmxfF9-xB7jce_jY7fHdAYgG1UPFzytd6yv1nsA2BDw7rJLgBTUa

Request Chain 101

• https://redirector.gvt1.com/videoplayback?id=386784aa0cad8848&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1702086544&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=5242214572541153F93C2A70D906D88BF1A67C56.1D00E3795119F3F5E92D8791FF8AF8CD6C01EE2A&key=ck2 HTTP 302
• https://r1---sn-5hne6n6e.gvt1.com/videoplayback?id=386784aa0cad8848&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1702086544&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=52041E8201321AAD91C8B1ED31DDCE404B626A64.5E20B102CF987EDCA90515399D12F26961ED4832&key=cms1&cms_redirect=yes&mh=7k&mip=2a03:1b20:6:f011::6e&mm=28&mn=sn-5hne6n6e&ms=nvh&mt=1702078479&mv=u&mvi=1&pl=48

Request Chain 102

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJaqrmsS2K4Hb3wkxeMiYC4&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJaqrmsS2K4Hb3wkxeMiYC4&google_cver=1&C=1

Request Chain 103

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXOrcWPV0AmJXV837dP0tgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJaqrmsS2K4Hb3wkxeMiYC4&google_cver=1

Request Chain 104

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEA6-MeAQuaZOkDO7HSVJCaM&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA6-MeAQuaZOkDO7HSVJCaM%26google_cver%3D1

Request Chain 105

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ0NzA1NzA4ODkxNTQyOTM5

Request Chain 108

• https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOD50ZrARhDMBBiTATII7iDqJ_SHFYM HTTP 301
• https://tpc.googlesyndication.com/simgad/9582802623576457529

Request Chain 112

• https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr25ig3AEQ2AQYlgEyCI1gGRvCtpy8 HTTP 301
• https://tpc.googlesyndication.com/simgad/2028896861534754722

Request Chain 114

• https://googleads.g.doubleclick.net/pagead/adview?ai=CZq99cKtzZfq7Bd6A7_UP7o6ziAy7tcmIc5uFovX8Ec-m9P0IEAEgkLuABGCV4pCCoAegAZLV3eQByAECqQIvDOyJugyyPqgDAcgDyQSqBPQBT9AyjYIqvqiO0juUi1lUZt9pRZKaviFUD3QRcPxgiT9AExP4rCR864-8ew8TaSpB4LzA_r6hu98LFKMwXx17rTwPJcQJ_u7HZtYvwb-VUHpEDdej5EkmmWqoQLdj3zpYLxcMQHxZCPlAmjCyTrrD18XMFVwcJmvpODeGC2s3ShP7LwnJFLH28ppftmp5qRup_7MdcuwgQJaDW-Bcgh0srf-2h3ridxdX9LAN5JBRPilgGGtPwTbTerAoXha6reJZPG870_xuDJ50xpvm1xceoYKneRbpsy_ga5oC9eRrKd1ApRj-fQE1YnFyE5d8C_QG37FjE8AEhJjlw7wEiAXVrfHNTJIFBAgEGAGSBQQIBRgEoAYCgAfWqqKbAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIvzE9IIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYupC81YOBgwOaCRhodHRwczovL3d3dy5lcC1ncm91cC5kZS-ACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItMjE0Nzk0ODY1NzM4OTg2NBgA&sigh=jWhNNPixtbU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN6gLfMWqgdUJO-I61ZlMm79gUybhDp-kVlKHnfuZGV1tHt0GH9aTfcox3x0EqVwNDpzZQKW5dbl-E-zUJ_8t-_wA5e27awH3PczEYAQ&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227070168852586403847%22,%22debug_reporting%22:true,%22destination%22:%22https://ep-group.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22479685266%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227270582719531175041%22}&andc=true

Request Chain 117

• https://googleads.g.doubleclick.net/pagead/adview?ai=CFTL9cKtzZfi7Bd6A7_UP7o6ziAz8v5HOdPOAue2uEtzo3P-pQRABIJC7gARgleKQgqAHoAHor-yIA8gBCakCLwzsiboMsj6oAwHIA8sEqgT1AU_QhW7aZhACueBRtwXrm3WkaKf5X99Qm8c117WGij7FeCWc3u-S0pM99GFNIv4cW5xOIxdHh8DVWOhof3mFNtR69HhLXtjiLg7pdczgYXR9oIXC1Mi0gnm2eYpZkmFnhE4wXrPQCD0FnDmG4q1OnP1CmTNGDSQfXlCQkW4yWk-01M5FtI283C5k1JqMp_AlRbh1q9zS_eWa_1ouHraSQTV4lvILot2EPyuorQYol5QCNXALLUE4eVy3alKXBvlJUYF0P8MJfzDkIbIRQFICX5vp4J1aFi1nu5Rg2EKNuclPnrvlL7gasJWKazFbDh6AaYvFtOm0wATKzveLxgSIBd3ls55NkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4DQk3eoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQk7cE0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOli6kLzVg4GDA5oJHWh0dHBzOi8vd3d3Lm5lYnVsdXMuYml6L2RlL2RlgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2BML0BUBmBYBgBcBshccChoIABIUcHViLTIxNDc5NDg2NTczODk4NjQYAA&sigh=0yhr_BXTHN4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN6gLfMWqgdUJO-I61ZlMm79gUybhDp-kVlKHnfuZGV1tHt0GH9aTfcox3x0EqVwNDpzZQKW5dbl-E-zUJ_8t-_wA5e27awH3PczEYAQ&template_id=494&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216284634549663440785%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214603647126863078929%22}&andc=true

Request Chain 118

• https://googleads.g.doubleclick.net/pagead/adview?ai=C6zyicKtzZfm7Bd6A7_UP7o6ziAyp_6DQdL6K-JvwEaOener_QBABIJC7gARgleKQgqAHoAHor-yIA8gBCakCLwzsiboMsj6oAwHIA8sEqgT-AU_QdcPC1TKtrLtweaG0k3rAxFgtwdGgRKuTvHgrpBeMldWOhShEfVjK_4ZBTPpvUtfii6oAKa_FteZqT6wBRchjGYNZHQW8GmQhopJQlb_azfwCw6Aa0e4DcuM9aW05OZdnwV1ICJ75dlBKPK9ut9Jfw1cdrPTYYuvx53eUO5qnXp9KA_uPfpZNrDkqlygTfgGYBFwg7wY3LWrP2Yd1Nnmmyvs1XotVRAR58oYE-rwHeGJzWpU1n3_1PuJjD8B2ETc5EGIjH725alM2TnS8NHnVr_k-ILCLsyMYYOyJXWiDffeJMZT57AP2FsU0eqE_VQo90mpXx-JOJQEZsP64wAToqvT1wgSIBfqp7JFNkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4DQk3eoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQysED0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOli6kLzVg4GDA5oJHWh0dHBzOi8vd3d3Lm5lYnVsdXMuYml6L2RlL2RlgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTIxNDc5NDg2NTczODk4NjQYAA&sigh=hzjch_lzxlw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN6gLfMWqgdUJO-I61ZlMm79gUybhDp-kVlKHnfuZGV1tHt0GH9aTfcox3x0EqVwNDpzZQKW5dbl-E-zUJ_8t-_wA5e27awH3PczEYAQ&template_id=494&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217015351411017311433%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211954621686527185393%22}&andc=true

Request Chain 134

• https://googleads.g.doubleclick.net/pagead/adview?ai=C1VCfcKtzZbWHM96A7_UP7o6ziAyqhMLbdJ3VtZaHEvzBtauuARABIJC7gARgleKQgqAHoAGl7ffFA8gBCakCLwzsiboMsj6oAwHIA8sEqgTzAU_QUKSNr4GwOZXaTi4MSzku5PTpQzKStuRH3sDE3V00SKiibDUmnK25cW_jtkIw-cqk1hMHwEvc_hNGFVWj30Ci4bPgmHyo_Q5U05sLzyeI4nUphygZgKhNzzH41E7jGnsQzXU4pTPubLeQYOAfsylqw9NrbcKevJeF8TFoNqfWbNQVcerPUUj0NtLG1-6p_4LbUXcZYX-i7I2bqWBiYaC4RU0zefmRVNCf2FUZpCrWsudjsLdA9nV09o_-ktbC9ra0NZ6_i1Lx_rxUJsac-tAHeFLghn7J6BSw0tYHcQPv4IwdTLNajvr-dLY7jYyZ0sc3AcAEn_61hMQEiAXGxpbFTZIFBAgEGAGSBQQIBRgEoAYugAfDkog6qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQzusE0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOli74-nVg4GDA5oJdWh0dHBzOi8vd3d3LmZvbS5kZS9hbGxlcy13YXMtZGEta29tbXQ_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1iYW5uZXImdXRtX2NhbXBhaWduPWJiX2RlejIzJnV0bV9jb250ZW50PWhpbnRlcmhlcoAKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7ECuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi0yMTQ3OTQ4NjU3Mzg5ODY0GAA&sigh=yzjyyzOYyZQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaN2YxzLvalk8LSX_UYZKIgXpbypgmqyb6To4mElMsC6wdefeAFERDX7K4WiR1X0CR2azmYQQp-GAE&template_id=484&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223958797341746016665%22,%22debug_reporting%22:true,%22destination%22:%22https://fom.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22951973541%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223982636033521610689%22}&andc=true

Request Chain 139

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqUhT_WTVZFLpyQHPMHBW8&google_cver=1

Request Chain 140

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXOrce4-Dwc-rbmyj2yyNQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqUhT_WTVZFLpyQHPMHBW8&google_cver=1

Request Chain 141

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEINwGvDr7qUz9_q9RO9Yrh4&google_cver=1

Request Chain 142

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE3OTQ4OTk5MTg2NDUyNDQ2Mg%3D%3D

Request Chain 147

• https://hal90008.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4f0ac3c6a4&subid=&uid=5b457e6dfac9bb4b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfH-YcKtzZfvlMvyL7_UPyZiGmA-m5b2gaa2VnKfJD_AuEAEgkLuABGCV4pCCoAfIAQmpAjHCLko7DLI-qAMByAObBKoElAJP0CpvryxxC3hE4ejEFkOUcTsAYweYW_hC712g8WkliYVKGi-BtIfW_ZkwGySTtZ3b-LyIaJASazscvEBkeHaq49MkNXpL3ryVLAoLvERuDXKtMtsXnDc17loOeMCfQ_YluWuk7DpNzS99zTO0BDKO4yso1jkSOOG3YGG4z87SwgoVZEzNlx5VtJUxIsCMBBWkWoy2utRtDcoI3-mVb-C4GwlvPu61t0kOkVKos8VAN_9agMxIYvsUUFGh5bcpG4BRt7zDC6Z9gYDkaJ_fqIkZPr2wi0pVO1Nss5JerOgtWLhUpf1LH-GFrE_4jhLGsncDJ_QrVuImb1hEIsR90k7WYHcQaLMSLJY_pqxjNOK5uw1MrR_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY4sDp1YOBgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN5mmy8L1DcnGe9sKyy4WOT7LD8C13mopW4v-uzBzE7n48rYSJNMJ-ygLnuYWwmkSyTLeRFU3NYhgB%26sig%3DAOD64_3Ay7MbmTG36wdK-AYe0uTe-ltwcg%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-A6G80rpKP9uOFAApE42h7t7z_2NvGC4Zz1F-7MsbC4ytgmDN_wXKhA5m4Y5rs94P7G_0GJKkIr_U8xF2HkHVuZ1NkwiMKbLSidvbEf4_CD4ZBT6amjw9IWOi6y12BglsPvOQbzTbG6mB5Pc5ZThtKpsEX3bZYgwncGDwG1dvRpJDCA068%26cry%3D1%26dbm_d%3DAKAmf-CIRo2o8qfeQHIGtjwIeq8D9ipJDsICQvGguHKWUTArurk_yu-T_w276LdQtrTUN2rV1Yh3M8_iXVLvHj_E4zFboDj3ME-Ols0-01L3VQKjIq9hw1RZq-oA-lmdd4OE7l0w05dj6w4hDLjscGdeF89OmfA-u7ErOnnFg0LE-Kd703_UgMCXiabxbolldQ9gRQyIr0woLBuHXSJEIb9T4cFrmlLD5SyT9eTdGMk2etJ0c6ZBQ6c7Z7U0r8WkcaWVRTI82vW-pSSYSuQPQGs2iIFsUt7fB706QQliOu3ST3J7yLcJYK4D5w0uVbW_xhMxierZbwv9SZYSeaIRH7WtshPHpUQmwOFdmysd65WwAklauwJS3rSbSMLM7gQV4ho6m-b5w0fioSREQTLH2tvnjSlpCF4t2E5UqGJSzJjepBTAk0NuFO4Zu7meBie0cKLd-6ZdwThDoPhRtLwU01EbeixBtdgrhK6OIhs2IdYkPX90dP74hdzKzT609jCmOWNEcoSwKA159RR7-PmVjumf5_vmSeEfZJ8vNqi-lYVs93Cb8sni9h4%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D250%26adk%3D2021727514%26adf%3D2833230818%26pi%3Dt.aa~a.649322570~rp.4%26w%3D307%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1702079343%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D307x250%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702079344785%26bpp%3D1%26bdt%3D1486%26idt%3D-M%26shv%3Dr20231206%26mjsv%3Dm202312060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D7732832083763%26frm%3D20%26pv%3D1%26ga_vid%3D270923171.1702079344%26ga_sid%3D1702079344%26ga_hid%3D1727811600%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D973%26ady%3D1236%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079864%252C31079920%252C31079923%252C44795921%252C44809005%252C31080064%252C95320885%26oid%3D2%26pvsid%3D318824155147897%26tmod%3D480263585%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=2519832525960&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal90008.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4f0ac3c6a4&subid=&uid=5b457e6dfac9bb4b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfH-YcKtzZfvlMvyL7_UPyZiGmA-m5b2gaa2VnKfJD_AuEAEgkLuABGCV4pCCoAfIAQmpAjHCLko7DLI-qAMByAObBKoElAJP0CpvryxxC3hE4ejEFkOUcTsAYweYW_hC712g8WkliYVKGi-BtIfW_ZkwGySTtZ3b-LyIaJASazscvEBkeHaq49MkNXpL3ryVLAoLvERuDXKtMtsXnDc17loOeMCfQ_YluWuk7DpNzS99zTO0BDKO4yso1jkSOOG3YGG4z87SwgoVZEzNlx5VtJUxIsCMBBWkWoy2utRtDcoI3-mVb-C4GwlvPu61t0kOkVKos8VAN_9agMxIYvsUUFGh5bcpG4BRt7zDC6Z9gYDkaJ_fqIkZPr2wi0pVO1Nss5JerOgtWLhUpf1LH-GFrE_4jhLGsncDJ_QrVuImb1hEIsR90k7WYHcQaLMSLJY_pqxjNOK5uw1MrR_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY4sDp1YOBgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN5mmy8L1DcnGe9sKyy4WOT7LD8C13mopW4v-uzBzE7n48rYSJNMJ-ygLnuYWwmkSyTLeRFU3NYhgB%26sig%3DAOD64_3Ay7MbmTG36wdK-AYe0uTe-ltwcg%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-A6G80rpKP9uOFAApE42h7t7z_2NvGC4Zz1F-7MsbC4ytgmDN_wXKhA5m4Y5rs94P7G_0GJKkIr_U8xF2HkHVuZ1NkwiMKbLSidvbEf4_CD4ZBT6amjw9IWOi6y12BglsPvOQbzTbG6mB5Pc5ZThtKpsEX3bZYgwncGDwG1dvRpJDCA068%26cry%3D1%26dbm_d%3DAKAmf-CIRo2o8qfeQHIGtjwIeq8D9ipJDsICQvGguHKWUTArurk_yu-T_w276LdQtrTUN2rV1Yh3M8_iXVLvHj_E4zFboDj3ME-Ols0-01L3VQKjIq9hw1RZq-oA-lmdd4OE7l0w05dj6w4hDLjscGdeF89OmfA-u7ErOnnFg0LE-Kd703_UgMCXiabxbolldQ9gRQyIr0woLBuHXSJEIb9T4cFrmlLD5SyT9eTdGMk2etJ0c6ZBQ6c7Z7U0r8WkcaWVRTI82vW-pSSYSuQPQGs2iIFsUt7fB706QQliOu3ST3J7yLcJYK4D5w0uVbW_xhMxierZbwv9SZYSeaIRH7WtshPHpUQmwOFdmysd65WwAklauwJS3rSbSMLM7gQV4ho6m-b5w0fioSREQTLH2tvnjSlpCF4t2E5UqGJSzJjepBTAk0NuFO4Zu7meBie0cKLd-6ZdwThDoPhRtLwU01EbeixBtdgrhK6OIhs2IdYkPX90dP74hdzKzT609jCmOWNEcoSwKA159RR7-PmVjumf5_vmSeEfZJ8vNqi-lYVs93Cb8sni9h4%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D250%26adk%3D2021727514%26adf%3D2833230818%26pi%3Dt.aa~a.649322570~rp.4%26w%3D307%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1702079343%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D307x250%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702079344785%26bpp%3D1%26bdt%3D1486%26idt%3D-M%26shv%3Dr20231206%26mjsv%3Dm202312060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D7732832083763%26frm%3D20%26pv%3D1%26ga_vid%3D270923171.1702079344%26ga_sid%3D1702079344%26ga_hid%3D1727811600%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D973%26ady%3D1236%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079864%252C31079920%252C31079923%252C44795921%252C44809005%252C31080064%252C95320885%26oid%3D2%26pvsid%3D318824155147897%26tmod%3D480263585%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=2519832525960&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 158

• https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8222738096713.511 HTTP 302
• https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_Nt9aDgYMDFSDdOwIdgcMAhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8222738096713.511

Request Chain 160

• https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=73947300003024604444554012533008&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
• https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=73947300003024604444554012533008&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 170

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGVwQNBQnHOn1ugnGdwYuR4&google_cver=1&google_push=AXcoOmRJwlSa-lq5VmK2iQg2tvx9HGOWvFPlflDgJyeJx5HmljA4OjFcDTiP_JOGZHiEZ5gli_pu2-KGlAGB-0vjBhhX7OvyRzLpcYBo HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bEFIcHJFbW4xUmJLQUY1&google_gid=CAESEGVwQNBQnHOn1ugnGdwYuR4&google_cver=1&google_push=AXcoOmRJwlSa-lq5VmK2iQg2tvx9HGOWvFPlflDgJyeJx5HmljA4OjFcDTiP_JOGZHiEZ5gli_pu2-KGlAGB-0vjBhhX7OvyRzLpcYBo

Request Chain 172

• https://d.agkn.com/pixel/2175/?google_gid=CAESEG4Xqjd62FDGW8YBseppGVc&google_cver=1&google_push=AXcoOmQx4aJCQEpk-iiPh9In4hB1l-IWlfioB1Mwfw81fSPqS7dNeSih05VNlECWiHzQY2MRQ2uH8jskLIkY3kTl43RqkNUqNyu0l9Fx HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQx4aJCQEpk-iiPh9In4hB1l-IWlfioB1Mwfw81fSPqS7dNeSih05VNlECWiHzQY2MRQ2uH8jskLIkY3kTl43RqkNUqNyu0l9Fx&google_hm=Q0FFU0VHNFhxamQ2MkZER1c4WUJzZXBwR1Zj

Request Chain 173

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIq9ZmIBOuHOtYlIe5ZYE4Q&google_cver=1&google_push=AXcoOmQs43ATe-BX6WEGSyWcmQiuj4tAATyGP8vuzhqktFnZWJruhVcqFX1BDBRgNOb5eQkjPT64gUFqaegKKtmB27OxUin6j5MU6JY- HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDM3NTEyMTk3ODEyODU0MA%3D%3D&google_push=AXcoOmQs43ATe-BX6WEGSyWcmQiuj4tAATyGP8vuzhqktFnZWJruhVcqFX1BDBRgNOb5eQkjPT64gUFqaegKKtmB27OxUin6j5MU6JY-

Request Chain 189

• https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=18077400002785304444550012533030&ra_cnt_active=1&ra_cnt=1 HTTP 302
• https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372365464

Request Chain 191

• https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5035864222173.099 HTTP 302
• https://8019191.fls.doubleclick.net/activityi;dc_pre=COaaxtaDgYMDFa3IOwIdH2AHyg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5035864222173.099

Request Chain 200

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJxFfcEpDyK8cHxy0ob2Prw&google_cver=1&google_push=AXcoOmT0wacihFI3wd3QEOOjJAxAfTMh44YB-m5hdLak5921bvfm9mJUKRtYII61SOuOcmx5ey7UTon4OBMyRoqiNWm0hcsSeoQqH83b-7lfyYpGd0SnBQ7TVWoL4r4_0JidNSK1EOH5X3HfPlZNijA5S6HAHg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQwMTgzNjU2MTgwNTcyNDgzNQ==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJxFfcEpDyK8cHxy0ob2Prw&google_cver=1

Request Chain 201

• https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEFjWSQvfFoCojJana74zQHc&google_cver=1&google_push=AXcoOmRn61YF9g9VRClcqto8NIV8apsnuuVi9Rl-8G3X1LQwunn6_eeqivfe_qUW4EgrSh1x2dDgQ-4sWSVQwLk0h2LNcpizKoNKxUes7ER89WZ_JSW5UQNN-9cb9101hbzuPCRqcVNCMJIrc_p-dc-RE9otPg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmRn61YF9g9VRClcqto8NIV8apsnuuVi9Rl-8G3X1LQwunn6_eeqivfe_qUW4EgrSh1x2dDgQ-4sWSVQwLk0h2LNcpizKoNKxUes7ER89WZ_JSW5UQNN-9cb9101hbzuPCRqcVNCMJIrc_p-dc-RE9otPg&google_hm=YNDaoR-iSN6Q8UexFcEQqbg

Request Chain 205

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIqnm2Hui3X_r-wrUG1dKFU&google_cver=1&google_push=AXcoOmTDpGZWOKikux7Iy18MqrVpXEMFEz21qjOThNb-GZ4T5Mw2SgX0uZjKovtFGNF7pQHkNqFc-jxiaxsMLwr857yKA1DmLWx-4A0btiMbirpE4bEFO2lqRZWvXAn2tZoz60GEcyGx2x53vvXjEpsDTnlpFw HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIqnm2Hui3X_r-wrUG1dKFU&google_cver=1&google_push=AXcoOmTDpGZWOKikux7Iy18MqrVpXEMFEz21qjOThNb-GZ4T5Mw2SgX0uZjKovtFGNF7pQHkNqFc-jxiaxsMLwr857yKA1DmLWx-4A0btiMbirpE4bEFO2lqRZWvXAn2tZoz60GEcyGx2x53vvXjEpsDTnlpFw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDcwMTU2MjkyNjY5MzkzMzM2Ng&google_push=AXcoOmTDpGZWOKikux7Iy18MqrVpXEMFEz21qjOThNb-GZ4T5Mw2SgX0uZjKovtFGNF7pQHkNqFc-jxiaxsMLwr857yKA1DmLWx-4A0btiMbirpE4bEFO2lqRZWvXAn2tZoz60GEcyGx2x53vvXjEpsDTnlpFw

Request Chain 206

• https://ag.innovid.com/trk?tid=11711&google_gid=CAESEF290-pyex9wkPKjN1ZNPao&google_cver=1&google_push=AXcoOmQDqvFRacuApNuIHvhZ8fD4rePJ6VW2epRrGTf3rYDxzG1GsZ9bglXpwFYf_DvYAElxrha7BUR_1EEU5wizxvopHVLfQnID9KJzwe6UGPiXUVwCxqJSyZcvuBPtkKPlTGgd4dp8JIN0BKzz7Z1sagvZgg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AXcoOmQDqvFRacuApNuIHvhZ8fD4rePJ6VW2epRrGTf3rYDxzG1GsZ9bglXpwFYf_DvYAElxrha7BUR_1EEU5wizxvopHVLfQnID9KJzwe6UGPiXUVwCxqJSyZcvuBPtkKPlTGgd4dp8JIN0BKzz7Z1sagvZgg&google_hm=MPFSedawTh6rHQU7J9p7TA

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response steamru.org/ Redirect Chain http://steamru.org/ https://steamru.org/	16 KB 5 KB	67ms 37ms	Document text/html	185.197.162.100 THREE-W-INFRA-AS ...
General Check archive.org Show headers Download Go to Full URL https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.197.162.100 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL), Reverse DNS vps15026.ua-hosting.company Software nginx / Resource Hash 59385ae49bf5fa9dc2f4f9d8eadd4586a0b5573cde21be5e289b6a8a0ee6d400 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 08 Dec 2023 23:49:03 GMT last-modified Fri, 08 Dec 2023 23:49:03 GMT server nginx strict-transport-security max-age=31536000; vary Accept-Encoding x-ua-compatible IE=edge Redirect headers Connection keep-alive Content-Length 162 Content-Type text/html Date Fri, 08 Dec 2023 23:49:03 GMT Location https://steamru.org/ Server nginx
GET H2	200	style.min.css steamru.org/themes/	10 KB 3 KB	14ms 14ms	Stylesheet text/css	185.197.162.100 THREE-W-INFRA-AS ...
General Check archive.org Show headers Download Go to Full URL https://steamru.org/themes/style.min.css Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.197.162.100 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL), Reverse DNS vps15026.ua-hosting.company Software nginx / Resource Hash aa6670cd216514598e9395fb4bcaeecbd3d8bdd4bb541cc63ac995cf0308585e Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:03 GMT strict-transport-security max-age=31536000; content-encoding gzip last-modified Thu, 19 Apr 2018 04:04:42 GMT server nginx etag W/"5ad8155a-27c2" vary Accept-Encoding content-type text/css cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	css fonts.googleapis.com/	4 KB 1 KB	181ms 65ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400 Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d95ffdcf010d6749281f6cd27c3a5f9c856d4b5590cee285f4b4fdbebce22b4c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 08 Dec 2023 23:49:03 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 08 Dec 2023 23:28:06 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 08 Dec 2023 23:49:03 GMT
GET H2	200	a.js Show response steamru.org/js/	158 B 386 B	15ms 15ms	Script application/javascript	185.197.162.100 THREE-W-INFRA-AS ...
General Check archive.org Show headers Download Go to Full URL https://steamru.org/js/a.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.197.162.100 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL), Reverse DNS vps15026.ua-hosting.company Software nginx / Resource Hash 9a886adbe15add3ec3eb5ed564419a60981a0a2bb266efc369417df69c1f1064 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:03 GMT strict-transport-security max-age=31536000; content-encoding gzip last-modified Mon, 26 Oct 2020 11:37:48 GMT server nginx etag W/"5f96b50c-9e" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	147 KB 51 KB	221ms 105ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: steamru.org URL: https://steamru.org/js/a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4e1b1648c559568de29fe9fd35012f736e385d5020b6c487b1fc94bed60707dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:03 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51525 x-xss-protection 0 server cafe etag 11731822755184690192 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Fri, 08 Dec 2023 23:49:03 GMT
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5d621f523e84eb7af66e3daba984f5ee4ab9257e301462577c3c66582c880ab0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	pwk.phtml Show response steamru.org/	51 KB 18 KB	30ms 30ms	Script application/javascript	185.197.162.100 THREE-W-INFRA-AS ...
General Check archive.org Show headers Download Go to Full URL https://steamru.org/pwk.phtml Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.197.162.100 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL), Reverse DNS vps15026.ua-hosting.company Software nginx / Resource Hash 7f4972b6f7feb7a2dd6f98c8ea06df115dc3c07dca4efe0c0114ac85ddac47d4 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:03 GMT content-encoding gzip strict-transport-security max-age=31536000; last-modified Fri, 29 Sep 2023 22:17:51 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31622400
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	165ms 51ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://steamru.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:59:57 GMT x-content-type-options nosniff age 17346 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 18:59:57 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	219ms 105ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://steamru.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:15:52 GMT x-content-type-options nosniff age 333191 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 04 Dec 2024 03:15:52 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2 fonts.gstatic.com/s/roboto/v30/	9 KB 9 KB	234ms 122ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://steamru.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 05 Dec 2023 07:59:02 GMT x-content-type-options nosniff age 316201 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9576 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 04 Dec 2024 07:59:02 GMT
GET H2	200	KFOmCnqEu92Fr1Mu5mxKOzY.woff2 fonts.gstatic.com/s/roboto/v30/	9 KB 10 KB	174ms 64ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://steamru.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:29:56 GMT x-content-type-options nosniff age 11947 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9628 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 20:29:56 GMT
POST H2	200	pwk.phtml steamru.org/	43 B 163 B	15ms 15ms	Ping image/gif	185.197.162.100 THREE-W-INFRA-AS ...
General Check archive.org Show headers Download Go to Full URL https://steamru.org/pwk.phtml?action_name=STEAM%3A%20%D0%BA%D0%BB%D1%83%D0%B1%20%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9&param01=steamru.org&rec=1&r=875036&h=0&m=49&s=3&url=https%3A%2F%2Fsteamru.org%2F&_id=f61668480554c669&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=vrd6Ps&pf_net=30&pf_srv=37&pf_tfr=1&pf_dm1=196 Requested by Host: steamru.org URL: https://steamru.org/pwk.phtml Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.197.162.100 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL), Reverse DNS vps15026.ua-hosting.company Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Referer https://steamru.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers date Fri, 08 Dec 2023 23:49:03 GMT strict-transport-security max-age=31536000; server nginx x-robots-tag noindex, nofollow content-length 43 content-type image/gif
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/	399 KB 135 KB	118ms 118ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org&bust=31080064 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bfbe7a9dc56df1290034e7a11d94cb04c6507876ada311aa25e3b771a0f0b5db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:03 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 137973 x-xss-protection 0 server cafe etag 10870117546871228456 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 08 Dec 2023 23:49:03 GMT
GET H2	200	zrt_lookup_nohtml_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame C642	9 KB 4 KB	175ms 53ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 10244 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4114 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 20:58:19 GMT etag 12700215250743596434 expires Fri, 22 Dec 2023 20:58:19 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 181A	720 KB 122 KB	565ms 564ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&adk=1812271804&adf=3025194257&lmt=1702079343&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fsteamru.org%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079343798&bpp=3&bdt=499&idt=231&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7732832083763&frm=20&pv=2&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=246 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org&bust=31080064 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 11dbb35ad65fe961984b33ac275072666b8581ddecce2b0d68befee5dc1deeba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 124993 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:49:04 GMT expires Fri, 08 Dec 2023 23:49:04 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	88ms 87ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navigation&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	215ms 107ms	XHR application/json	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6e5475fa4005c7747f94dae8b25882d677aafec30e04c9b56e7ed9ad35f709dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:04 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12141 x-xss-protection 0
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/	160 KB 55 KB	100ms 100ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/reactive_library_fy2021.js?bust=31080064 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4a79088ecebd2848158288e14b3497ad00111f77d7c9e60e9983b30075be980e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56013 x-xss-protection 0 server cafe etag 2481138161609695525 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Fri, 08 Dec 2023 23:49:04 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 4AED	32 KB 13 KB	476ms 475ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a929a5d4c85387218fd86463c4d281193c297b36d1e5cc514ff17eed93d13653 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 13679 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:49:05 GMT expires Fri, 08 Dec 2023 23:49:05 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 49C8	126 KB 43 KB	384ms 384ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fbc72a2e7f1125d3946d3047a29d314573ad431a0393f0aa276fdfcf5ea44c1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 43607 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:49:05 GMT expires Fri, 08 Dec 2023 23:49:05 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 9A13	33 KB 14 KB	753ms 752ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c484afa5abdae62ce1e5bf0f38ab92a35807c6477ed2f59015b19e71c21c679e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 14030 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:49:05 GMT expires Fri, 08 Dec 2023 23:49:05 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_nohtml_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 3446	9 KB 4 KB	54ms 53ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 5867 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4114 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 22:11:17 GMT etag 12700215250743596434 expires Fri, 22 Dec 2023 22:11:17 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_nohtml_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 4614	9 KB 4 KB	53ms 53ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 5867 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4114 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 22:11:17 GMT etag 12700215250743596434 expires Fri, 22 Dec 2023 22:11:17 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_nohtml_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame CFCC	9 KB 4 KB	53ms 53ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 5867 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4114 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 22:11:17 GMT etag 12700215250743596434 expires Fri, 22 Dec 2023 22:11:17 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_nohtml_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame D0EF	9 KB 4 KB	57ms 57ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 5867 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4114 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 22:11:17 GMT etag 12700215250743596434 expires Fri, 22 Dec 2023 22:11:17 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	328ms 213ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org&bust=31080064 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 08 Dec 2023 23:49:05 GMT
GET H2	200	css2 fonts.googleapis.com/ Frame 3446	4 KB 767 B	64ms 63ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 08 Dec 2023 23:49:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 08 Dec 2023 23:32:40 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 08 Dec 2023 23:49:05 GMT
GET H2	200	b1fdc9f83bbec90a172a8086cc6d7abe.js Show response www.gstatic.com/mysidia/ Frame 48DD	9 KB 4 KB	270ms 161ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/b1fdc9f83bbec90a172a8086cc6d7abe.js?tag=client_fast_engine_2019 Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bbde0fd637840b04806e70ee7610047e1cfe5568854929dc58c310a861d93ca6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 06 Dec 2023 07:58:13 GMT content-encoding gzip x-content-type-options nosniff age 229852 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4047 x-xss-protection 0 last-modified Mon, 04 Dec 2023 21:30:24 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 05 Mar 2024 07:58:13 GMT
GET H2	200	f3e4f110ef20728e699563f7b41aab95.js Show response www.gstatic.com/mysidia/ Frame 48DD	234 KB 84 KB	217ms 108ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f3e4f110ef20728e699563f7b41aab95.js?tag=leadgen/snom_video_web_restricted Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f52db409ed7560217c631a7d069bcaff0a2482213b28d3e8ab746f090600ece8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 21:23:26 GMT content-encoding gzip x-content-type-options nosniff age 8739 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85471 x-xss-protection 0 last-modified Mon, 04 Dec 2023 21:30:24 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 07 Mar 2024 21:23:26 GMT
GET H2	200	1b71563d924ca4f52d2a25828a1baeb1.js Show response www.gstatic.com/mysidia/ Frame 48DD	20 KB 8 KB	264ms 155ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/1b71563d924ca4f52d2a25828a1baeb1.js?tag=pingback Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7a2453efb0ddd056123d8e873da65d6acf0514f3e18e3f685eb86b01ddf7fb81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 05 Dec 2023 12:27:05 GMT content-encoding gzip x-content-type-options nosniff age 300120 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8394 x-xss-protection 0 last-modified Wed, 29 Nov 2023 19:10:57 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 04 Mar 2024 12:27:05 GMT
GET H2	200	css fonts.googleapis.com/ Frame 48DD	9 KB 1 KB	65ms 62ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%7CGoogle%20Sans%3A400 Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 99fae6468b3bd803389038dbee0d9d96f845779869b3d448db662e735bb8ec6d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 08 Dec 2023 23:49:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 08 Dec 2023 23:22:43 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 08 Dec 2023 23:49:05 GMT
GET H3	200	mdc_list_min.js Show response pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 48DD	27 KB 6 KB	68ms 66ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 14:09:44 GMT content-encoding br x-content-type-options nosniff age 34761 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6467 x-xss-protection 0 server cafe etag 4758454654811317262 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Sat, 09 Dec 2023 14:09:44 GMT
GET H3	200	mdc_menu_min.js Show response pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 48DD	51 KB 11 KB	57ms 55ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:43:30 GMT content-encoding br x-content-type-options nosniff age 335 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11146 x-xss-protection 0 server cafe etag 2759356358486721826 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Sat, 09 Dec 2023 23:43:30 GMT
GET H3	200	mdc_menu_surface.min.js Show response pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 48DD	18 KB 5 KB	81ms 79ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:27:31 GMT content-encoding br x-content-type-options nosniff age 1294 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4739 x-xss-protection 0 server cafe etag 18373107336927916518 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Sat, 09 Dec 2023 23:27:31 GMT
GET H3	200	mdc_select_min.js Show response pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 48DD	103 KB 18 KB	74ms 72ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 15:33:33 GMT content-encoding br x-content-type-options nosniff age 29732 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18791 x-xss-protection 0 server cafe etag 10996637669125113147 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Sat, 09 Dec 2023 15:33:33 GMT
GET H3	200	mdc_textfield_min.js Show response pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 48DD	58 KB 10 KB	69ms 67ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 17:24:33 GMT content-encoding br x-content-type-options nosniff age 23072 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10107 x-xss-protection 0 server cafe etag 7588401036457704084 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Sat, 09 Dec 2023 17:24:33 GMT
GET H3	200	mdc_list_min.css pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 48DD	31 KB 3 KB	61ms 59ms	Stylesheet text/css	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 11:58:35 GMT content-encoding br x-content-type-options nosniff age 42630 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3021 x-xss-protection 0 server cafe etag 18113988596513574663 vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Sat, 09 Dec 2023 11:58:35 GMT
GET H3	200	mdc_menu_min.css pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 48DD	3 KB 791 B	63ms 62ms	Stylesheet text/css	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:17:05 GMT content-encoding br x-content-type-options nosniff age 1920 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 766 x-xss-protection 0 server cafe etag 14497039402300002370 vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Sat, 09 Dec 2023 23:17:05 GMT
GET H3	200	mdc_menu_surface_min.css pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 48DD	2 KB 636 B	62ms 61ms	Stylesheet text/css	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 21:48:40 GMT content-encoding br x-content-type-options nosniff age 7225 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 611 x-xss-protection 0 server cafe etag 18268606943400439583 vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Sat, 09 Dec 2023 21:48:40 GMT
GET H3	200	mdc_select_min.css pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 48DD	37 KB 4 KB	59ms 58ms	Stylesheet text/css	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 17:10:40 GMT content-encoding br x-content-type-options nosniff age 23905 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3940 x-xss-protection 0 server cafe etag 17986137158686949241 vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Sat, 09 Dec 2023 17:10:40 GMT
GET H3	200	mdc_textfield_min.css pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 48DD	51 KB 5 KB	65ms 63ms	Stylesheet text/css	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:39:58 GMT content-encoding br x-content-type-options nosniff age 11347 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4595 x-xss-protection 0 server cafe etag 17552977722549843295 vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Sat, 09 Dec 2023 20:39:58 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 48DD	2 KB 903 B	219ms 130ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:55:12 GMT content-encoding br x-content-type-options nosniff age 17633 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 18:55:12 GMT
GET H2	200	b3d22904135f8697752ffb260ada44de.js Show response www.gstatic.com/mysidia/ Frame 48DD	23 KB 10 KB	255ms 149ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/b3d22904135f8697752ffb260ada44de.js?tag=exit_2019 Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b8cf1c6a1436cf8168814bb044ec74cf2313a75d0949eda35f27377eb8355f55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 04 Dec 2023 11:58:35 GMT content-encoding gzip x-content-type-options nosniff age 388230 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9829 x-xss-protection 0 last-modified Wed, 29 Nov 2023 19:10:57 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 03 Mar 2024 11:58:35 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 48DD	24 KB 9 KB	278ms 190ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:54:43 GMT content-encoding br x-content-type-options nosniff age 17662 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 18:54:43 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 48DD	3 KB 1 KB	266ms 178ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:58 GMT content-encoding br x-content-type-options nosniff age 6427 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 22:01:58 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 48DD	20 KB 9 KB	141ms 54ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:42:11 GMT content-encoding br x-content-type-options nosniff age 11214 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 20:42:11 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 48DD	202 KB 64 KB	181ms 66ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 08 Dec 2023 23:49:05 GMT
GET H2	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 3446	16 KB 7 KB	218ms 132ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:58:21 GMT content-encoding br x-content-type-options nosniff age 17444 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6784 x-xss-protection 0 server cafe etag 2582286893585073394 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 18:58:21 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 3446	205 B 294 B	303ms 201ms	Image image/png	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 21:17:49 GMT x-content-type-options nosniff age 9076 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 07 Dec 2024 21:17:49 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 3446	604 B 920 B	300ms 198ms	Image image/png	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:38:28 GMT x-content-type-options nosniff age 331837 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 04 Dec 2024 03:38:28 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 3446	22 KB 9 KB	153ms 69ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:17:23 GMT content-encoding br x-content-type-options nosniff age 16302 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9231 x-xss-protection 0 server cafe etag 9385233705467680479 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 19:17:23 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4614	2 KB 856 B	257ms 189ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:55:12 GMT content-encoding br x-content-type-options nosniff age 17633 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 18:55:12 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 4614	24 KB 9 KB	238ms 171ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:54:43 GMT content-encoding br x-content-type-options nosniff age 17662 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 18:54:43 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4614	3 KB 1 KB	253ms 187ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:58 GMT content-encoding br x-content-type-options nosniff age 6427 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 22:01:58 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4614	20 KB 8 KB	178ms 112ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:42:11 GMT content-encoding br x-content-type-options nosniff age 11214 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 20:42:11 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 4614	202 KB 64 KB	291ms 197ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 08 Dec 2023 23:49:05 GMT
GET H2	200	7a8419aef3683f04c437bd15cecf843d.js Show response www.gstatic.com/mysidia/ Frame 4614	37 KB 16 KB	135ms 52ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 05 Dec 2023 05:25:25 GMT content-encoding gzip x-content-type-options nosniff age 325420 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15452 x-xss-protection 0 last-modified Wed, 29 Nov 2023 19:10:57 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 04 Mar 2024 05:25:25 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame CFCC	2 KB 856 B	256ms 195ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:55:12 GMT content-encoding br x-content-type-options nosniff age 17633 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 18:55:12 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame CFCC	24 KB 9 KB	237ms 180ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:54:43 GMT content-encoding br x-content-type-options nosniff age 17662 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 18:54:43 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame CFCC	3 KB 1 KB	245ms 188ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:58 GMT content-encoding br x-content-type-options nosniff age 6427 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 22:01:58 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame CFCC	20 KB 8 KB	177ms 119ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:42:11 GMT content-encoding br x-content-type-options nosniff age 11214 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 20:42:11 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame CFCC	202 KB 64 KB	248ms 163ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 08 Dec 2023 23:49:05 GMT
GET H2	200	7a8419aef3683f04c437bd15cecf843d.js Show response www.gstatic.com/mysidia/ Frame CFCC	37 KB 15 KB	139ms 65ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 05 Dec 2023 05:25:25 GMT content-encoding gzip x-content-type-options nosniff age 325420 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15452 x-xss-protection 0 last-modified Wed, 29 Nov 2023 19:10:57 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 04 Mar 2024 05:25:25 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame D0EF	24 KB 9 KB	247ms 196ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:54:43 GMT content-encoding br x-content-type-options nosniff age 17662 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 18:54:43 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 4B1D	143 B 166 B	54ms 53ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 639 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:38:26 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame D0EF	3 KB 1 KB	262ms 212ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:58 GMT content-encoding br x-content-type-options nosniff age 6427 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 22:01:58 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame D0EF	20 KB 8 KB	110ms 61ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:42:11 GMT content-encoding br x-content-type-options nosniff age 11214 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 20:42:11 GMT
GET H2	200	15065436533490920699 tpc.googlesyndication.com/simgad/ Frame D0EF	30 KB 31 KB	188ms 139ms	Image image/png	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/15065436533490920699?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn3XD8HUL09Ca4Xg40YEXAqrSSFsA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash db91bcb9179477046f87135eef17ed47dc8329d4452997b9a0ce1f4a87eff480 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:44:44 GMT x-content-type-options nosniff age 129861 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31187 x-xss-protection 0 last-modified Mon, 18 Sep 2023 13:09:18 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 06 Dec 2024 11:44:44 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame D0EF	202 KB 64 KB	303ms 226ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 08 Dec 2023 23:49:05 GMT
GET H2	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame D0EF	36 KB 15 KB	250ms 201ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:08:39 GMT content-encoding br x-content-type-options nosniff age 16826 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14788 x-xss-protection 0 server cafe etag 1899721059218863233 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 19:08:39 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 4B1D Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	66ms 65ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:49:05 GMT expires Fri, 08 Dec 2023 23:49:05 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:49:05 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	css fonts.googleapis.com/ Frame 49C8	4 KB 655 B	62ms 62ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 08 Dec 2023 23:49:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 08 Dec 2023 23:20:00 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 08 Dec 2023 23:49:05 GMT
GET DATA	200 OK	truncated / Frame D0EF	221 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f4c0f05d9170bd92ed06e52ac7c5bdd7c0f37eee3628ace47f932bd41c550a35 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 49C8	2 KB 856 B	110ms 109ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:55:12 GMT content-encoding br x-content-type-options nosniff age 17633 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 18:55:12 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 49C8	24 KB 9 KB	106ms 106ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:54:43 GMT content-encoding br x-content-type-options nosniff age 17662 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 18:54:43 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 49C8	3 KB 1 KB	107ms 107ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:58 GMT content-encoding br x-content-type-options nosniff age 6427 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 22:01:58 GMT
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/10443575734938023087/ Frame 49C8	28 KB 28 KB	107ms 106ms	Image image/jpeg	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/10443575734938023087/14763004658117789537?w=600&h=314&tw=1&q=75 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85b248acdf190c083dd40a4e0a5cd3d3d054f160832b304c482ab7e4a4061178 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:02:10 GMT x-content-type-options nosniff age 2815 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28669 x-xss-protection 0 last-modified Thu, 30 Nov 2023 12:59:48 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 07 Dec 2024 23:02:10 GMT
GET H2	200	1278008226443301290 tpc.googlesyndication.com/simgad/ Frame 49C8	5 KB 5 KB	116ms 116ms	Image image/png	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/1278008226443301290?w=100&h=100&tw=1&q=75 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6181f624b113f2e049276cbd3bbcac16eca77788075b72fbae6c23edde73bb48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 04 Dec 2023 14:11:16 GMT x-content-type-options nosniff age 380269 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5286 x-xss-protection 0 last-modified Thu, 30 Nov 2023 13:46:41 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 03 Dec 2024 14:11:16 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 6BB5	1 KB 649 B	54ms 53ms	Document text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 11351 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 20:39:54 GMT etag 48472445140208031 expires Sat, 09 Dec 2023 20:39:54 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 49C8	20 KB 8 KB	114ms 113ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:42:11 GMT content-encoding br x-content-type-options nosniff age 11214 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 20:42:11 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 49C8	0 0	66ms 63ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlKaRlBsip4Z4F7DQpelQ186Djezu2Ab3No8vLCEyGKF8y65Eef7-gdK07E4yW6yWYmItpbgetsnZIn-hPc2En-Qf7gQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 49C8	202 KB 64 KB	163ms 162ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 08 Dec 2023 23:49:05 GMT
GET H2	200	7a8419aef3683f04c437bd15cecf843d.js Show response www.gstatic.com/mysidia/ Frame 49C8	37 KB 15 KB	97ms 96ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 05 Dec 2023 05:25:25 GMT content-encoding gzip x-content-type-options nosniff age 325420 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15452 x-xss-protection 0 last-modified Wed, 29 Nov 2023 19:10:57 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 04 Mar 2024 05:25:25 GMT
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6BB5 Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPpGzbZl2R7wEyl2QChtSHs&google_cver=1&google_push=AXcoOmTJ7MNlBgm0VDcCqX7yKSZ6_yEYRaZQf52wMPAXDOrQoDpjUqaClwMNcF0gun31bpRyUO_Mm1Ho5pQ3ATwXLppMEquc7r279B8l https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQwMTgzNjU2MTgwNTcyNDgzNQ==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM9H10R280KTxzRzSITEoQs&google_cver=1	43 B 398 B	167ms 14ms	Image image/gif	2001:678:cb4:bbbb::11 AMOBEE
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM9H10R280KTxzRzSITEoQs&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Server 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers content-type image/gif pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM9H10R280KTxzRzSITEoQs&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 6BB5 Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMTUXVZFqO0e8q30NSX9xN8&google_cve... https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMTUXVZFqO0e8q30NSX9xN8&goog... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bEFIcHJFbW4xUmJLQUY1&google_gid=CAESEMTUXVZFqO0e8q30NSX9xN8&google_cver=1&google_push=AXcoOmQeyZdG48Ev7f98KkG8I4X7O1PpDtrIQDKwuS4W5dD...	170 B 232 B	77ms 55ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bEFIcHJFbW4xUmJLQUY1&google_gid=CAESEMTUXVZFqO0e8q30NSX9xN8&google_cver=1&google_push=AXcoOmQeyZdG48Ev7f98KkG8I4X7O1PpDtrIQDKwuS4W5dDeCBdvQIhyudUEy9wrGPiQbV83Iq9OkrJD96KBCSw8xXsjFANDgiLpHAc Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 08 Dec 2023 23:49:04 GMT Strict-Transport-Security max-age=2592000; includeSubDomains Server PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bEFIcHJFbW4xUmJLQUY1&google_gid=CAESEMTUXVZFqO0e8q30NSX9xN8&google_cver=1&google_push=AXcoOmQeyZdG48Ev7f98KkG8I4X7O1PpDtrIQDKwuS4W5dDeCBdvQIhyudUEy9wrGPiQbV83Iq9OkrJD96KBCSw8xXsjFANDgiLpHAc Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 6BB5 Redirect Chain https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEATL0EBg3Ci3xBGDTzZpZXc&google_cver=1&google_push=AXcoOmT7fEsE1T749N_llCh_HT8OErQw6yFi1Dyaor-fAm8nDIFB8vvphEfix1rcOC5qIMnrZSkCFJ6AhmF... https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT7fEsE1T749N_llCh_HT8OErQw6yFi1Dyaor-fAm8nDIFB8vvphEfix1rcOC5qIMnrZSkCFJ6AhmF0vZzuPGYAXcDVve5jvtOc&google_hm=YNDaoR-iSN6Q8Uex...	170 B 243 B	79ms 48ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT7fEsE1T749N_llCh_HT8OErQw6yFi1Dyaor-fAm8nDIFB8vvphEfix1rcOC5qIMnrZSkCFJ6AhmF0vZzuPGYAXcDVve5jvtOc&google_hm=YNDaoR-iSN6Q8UexFcEQqbg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 08 Dec 2023 23:49:04 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT7fEsE1T749N_llCh_HT8OErQw6yFi1Dyaor-fAm8nDIFB8vvphEfix1rcOC5qIMnrZSkCFJ6AhmF0vZzuPGYAXcDVve5jvtOc&google_hm=YNDaoR-iSN6Q8UexFcEQqbg content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 6BB5 Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIMtcaIJPHeRiRXKqup-7oQ&google_cver=1&google_push=AXcoOmRWxP1C46jG7dmP5jzf8404wlTRTXGuWgOHTcayao_3h_7f0OAZJc4X75doZm90MGJPgWZHAD7sf0s0lM... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDM3NTEyMTk3ODEyODU0MA%3D%3D&google_push=AXcoOmRWxP1C46jG7dmP5jzf8404wlTRTXGuWgOHTcayao_3h_7f0OAZJc4X75doZm90MGJPgWZHAD7sf0s0lMqgZu...	170 B 232 B	82ms 49ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDM3NTEyMTk3ODEyODU0MA%3D%3D&google_push=AXcoOmRWxP1C46jG7dmP5jzf8404wlTRTXGuWgOHTcayao_3h_7f0OAZJc4X75doZm90MGJPgWZHAD7sf0s0lMqgZuzvJy2dCsOFbg4N Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDM3NTEyMTk3ODEyODU0MA%3D%3D&google_push=AXcoOmRWxP1C46jG7dmP5jzf8404wlTRTXGuWgOHTcayao_3h_7f0OAZJc4X75doZm90MGJPgWZHAD7sf0s0lMqgZuzvJy2dCsOFbg4N Date Fri, 08 Dec 2023 23:49:05 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H2	200	sync x.bidswitch.net/ Frame 6BB5	43 B 146 B	31ms 8ms	Image image/gif	35.156.152.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEYJKY63nU0dz4uj7fO1boQ&google_cver=1&google_push=AXcoOmSl4Bw9QGim-x-l95Wo_yCAK-bF4f8ZXLhdGH8orv0ecZH-gg6Rr77GEId8ZC_CI8IGyTb3I8pI_8sNbrrRmIlFTxnatW8hF31- Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.152.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-152-149.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
GET H2	200	pixel cm.g.doubleclick.net/ Frame 6BB5 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHkcO5ydJLuPM9ZuOr1ud8g&google_cver=1&google_push=AXcoOmSHpJYYKqN0b8nCExWyX8AtSJsjAoZCSCZXNZXTOS9o1OU7iZqQPf6tAE_DY17n9VF1PBZEHmioCXd8d5WUwAFYaZC... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSHpJYYKqN0b8nCExWyX8AtSJsjAoZCSCZXNZXTOS9o1OU7iZqQPf6tAE_DY17n9VF1PBZEHmioCXd8d5WUwAFYaZC7dQXTX-U&google_hm=eS1tV2VVeWR0RTJwR3l...	170 B 232 B	55ms 55ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSHpJYYKqN0b8nCExWyX8AtSJsjAoZCSCZXNZXTOS9o1OU7iZqQPf6tAE_DY17n9VF1PBZEHmioCXd8d5WUwAFYaZC7dQXTX-U&google_hm=eS1tV2VVeWR0RTJwR3lJdHhTUjRZczRORk1OaEpRVDNhaH5B Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 08 Dec 2023 23:49:05 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSHpJYYKqN0b8nCExWyX8AtSJsjAoZCSCZXNZXTOS9o1OU7iZqQPf6tAE_DY17n9VF1PBZEHmioCXd8d5WUwAFYaZC7dQXTX-U&google_hm=eS1tV2VVeWR0RTJwR3lJdHhTUjRZczRORk1OaEpRVDNhaH5B content-length 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 6BB5 Redirect Chain https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEP_LNS7qf458_Iv27LGhTI4&google_cver=1&google_push=AXcoOmS28t-YX0uNzbK8nQ3_KOo52woFlKt-7HHGWPhtU7albP7HdmxfF9-xB7jce_jY7fHdAYgG1UPFzytd... https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS28t-YX0uNzbK8nQ3_KOo52woFlKt-7HHGWPhtU7albP7HdmxfF9-xB7jce_jY7fHdAYgG1UPFzytd6yv1nsA2BDw7rJLgBTUa	170 B 232 B	48ms 47ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS28t-YX0uNzbK8nQ3_KOo52woFlKt-7HHGWPhtU7albP7HdmxfF9-xB7jce_jY7fHdAYgG1UPFzytd6yv1nsA2BDw7rJLgBTUa Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS28t-YX0uNzbK8nQ3_KOo52woFlKt-7HHGWPhtU7albP7HdmxfF9-xB7jce_jY7fHdAYgG1UPFzytd6yv1nsA2BDw7rJLgBTUa strict-transport-security max-age=15552000 cache-control no-transform, no-cache alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 6BB5	0 139 B	135ms 45ms	Image text/html	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LmvkqD9VasfuWtB9g-dls4eSKIAs2WhqMkOPwO93fGEjEJtLrr8n-4gi_Ow-l00FIir6HU Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 6149	624 B 242 B	96ms 94ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUe_8uVMHso9Y9WoZfSx_vh1YXYp71J2h3QS-ZWdCZu46cKX1hPbbTew5HiabkqeTY_WLI6uSUhNZ5BW35zNgZSB86FbqAU3_feTgR_lk7T7HwadyPEwjCKhUNvB8UXZH2rlu3scfE7URaBHawHXtsPmc2Gz1-7h7TtAU6YbcQ_hOmMB_Y Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:49:05 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame E24C	89 KB 31 KB	160ms 158ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31485 x-xss-protection 0 server cafe etag 7119415641918660631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Fri, 08 Dec 2023 23:49:05 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E24C	3 KB 1 KB	58ms 56ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:58 GMT content-encoding br x-content-type-options nosniff age 6427 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 22:01:58 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E24C	20 KB 8 KB	55ms 53ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:42:11 GMT content-encoding br x-content-type-options nosniff age 11214 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 20:42:11 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame E24C	0 0	63ms 62ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-LRooyJdS2mRBpHcxNOTcuI6WIESazlQXeFhQCLGhePSyKvDDEa8q6wxaUu1uJ1cI6Lz5iQzCOCnp4nI5oL42IKa4Lw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame E24C	202 KB 64 KB	110ms 108ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 08 Dec 2023 23:49:05 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame E24C	42 B 71 B	88ms 87ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CiK2rhtPzSWrGqkmO5G7-Yv2S42Ne5r84dG_qCLGjfJeKDx-WnxqIiJriZ6hqKcBm1fesICz4Ava4YWqDDLQX2x_TC1jTqCnPRB0PKfVj15KlaJTE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2DB2	13 KB 5 KB	52ms 51ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1531 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:23:34 GMT expires Sat, 07 Dec 2024 23:23:34 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 928C	829 B 997 B	66ms 64ms	Document text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ffd09e4e925c6efbb3c1d923467a36a421b33172b093cbc4a63984294ac1d32e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-WGKukgDEj0rvlWrtWib5Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-WGKukgDEj0rvlWrtWib5Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:49:05 GMT expires Fri, 08 Dec 2023 23:49:05 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
POST H2	204	csi csi.gstatic.com/ Frame 48DD	0 234 B	448ms 145ms	Ping image/gif	2607:f8b0:4023:1::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpxa3g7j&c=5327146808986&slotId=2663573404493&eee=missing-element&bi=missing-id&ulv=1&ua_e=1 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/f3e4f110ef20728e699563f7b41aab95.js?tag=leadgen/snom_video_web_restricted Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1::5e Clarksville, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame 49C8	218 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8c1740180ad8a081df919cac3b692a72a29c5b9a0e9d0680f4e1a8a475e57d71 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET H3	206	videoplayback r1---sn-5hne6n6e.gvt1.com/ Frame 48DD Redirect Chain https://redirector.gvt1.com/videoplayback?id=386784aa0cad8848&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1702086544&sparams=ip,ipbits,expire,id,... https://r1---sn-5hne6n6e.gvt1.com/videoplayback?id=386784aa0cad8848&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1702086544&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...	575 KB 575 KB	97ms 33ms	Media video/mp4	2a00:1450:400e:17::6 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r1---sn-5hne6n6e.gvt1.com/videoplayback?id=386784aa0cad8848&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1702086544&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=52041E8201321AAD91C8B1ED31DDCE404B626A64.5E20B102CF987EDCA90515399D12F26961ED4832&key=cms1&cms_redirect=yes&mh=7k&mip=2a03:1b20:6:f011::6e&mm=28&mn=sn-5hne6n6e&ms=nvh&mt=1702078479&mv=u&mvi=1&pl=48 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H3 Server 2a00:1450:400e:17::6 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 0758684142ee537b6f598a9a4beb7b55f79cc9a0d204e56846f015baa2ec12c8 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers client-protocol quic date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff last-modified Thu, 08 Jun 2023 20:41:31 GMT server gvs 1.0 vary Origin content-type video/mp4 Content-Range bytes 0-588410/588411 cache-control private, max-age=6899 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 588411 expires Fri, 08 Dec 2023 23:49:05 GMT Redirect headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://r1---sn-5hne6n6e.gvt1.com/videoplayback?id=386784aa0cad8848&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1702086544&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=52041E8201321AAD91C8B1ED31DDCE404B626A64.5E20B102CF987EDCA90515399D12F26961ED4832&key=cms1&cms_redirect=yes&mh=7k&mip=2a03:1b20:6:f011::6e&mm=28&mn=sn-5hne6n6e&ms=nvh&mt=1702078479&mv=u&mvi=1&pl=48 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 707 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 6149 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJaqrmsS2K4Hb3wkxeMiYC4&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJaqrmsS2K4Hb3wkxeMiYC4&google_cver=1&C=1	43 B 335 B	24ms 23ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJaqrmsS2K4Hb3wkxeMiYC4&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUe_8uVMHso9Y9WoZfSx_vh1YXYp71J2h3QS-ZWdCZu46cKX1hPbbTew5HiabkqeTY_WLI6uSUhNZ5BW35zNgZSB86FbqAU3_feTgR_lk7T7HwadyPEwjCKhUNvB8UXZH2rlu3scfE7URaBHawHXtsPmc2Gz1-7h7TtAU6YbcQ_hOmMB_Y Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZXo8kaiUBQORsVfGeUgH4mmCE11XKmjr%2B4UNCexaBsBEGXb9nEszsksFrh5BeQXGE2WRA5dcAKqiiXE0wTAkBcCGWDHSy3RQRpboSYhfXxRmTQ4azyCVVjLngmzutRBKSXHBtxTnqo4hw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8328e7257da41963-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZFSyLXwJARnGE8IWWEmdMpnK0DP5G67xQ5YcUWjjlZKUdr563Wqlydpjhr9KcdTmQHhZYmVajYe0UF%2FmxWl7E9QLNn%2FXd05mu0xLMUrsxMF1VaWzx4qfdfLbdrqTKi28qbkFV6hS6Ng4w%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=45&external_user_id=CAESEJaqrmsS2K4Hb3wkxeMiYC4&google_cver=1&C=1 cache-control no-cache cf-ray 8328e7254d8b1963-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 6149 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXOrcWPV0AmJXV837dP0tgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJaqrmsS2K4Hb3wkxeMiYC4&google_cver=1	43 B 771 B	27ms 26ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJaqrmsS2K4Hb3wkxeMiYC4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUe_8uVMHso9Y9WoZfSx_vh1YXYp71J2h3QS-ZWdCZu46cKX1hPbbTew5HiabkqeTY_WLI6uSUhNZ5BW35zNgZSB86FbqAU3_feTgR_lk7T7HwadyPEwjCKhUNvB8UXZH2rlu3scfE7URaBHawHXtsPmc2Gz1-7h7TtAU6YbcQ_hOmMB_Y Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJBzGzCWLPJ648YwwSQdbX9S1g38EfhsMHWiSdSFy92mSw%2B%2B2hpNw54ZznnQ%2BZF%2FTZEKybOKTmGT7YU12MZtIs9NleFazKiOodW6xZqOMe0DVkHYeitYV%2BrIlRrN9gkJlqtio2wjxeWlGA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8328e725ffaf1941-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJaqrmsS2K4Hb3wkxeMiYC4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame 6149 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEA6-MeAQuaZOkDO7HSVJCaM&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA6-MeAQuaZOkDO7HSVJCaM%26google_cver%3D1	43 B 890 B	14ms 14ms	Image image/gif	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA6-MeAQuaZOkDO7HSVJCaM%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUe_8uVMHso9Y9WoZfSx_vh1YXYp71J2h3QS-ZWdCZu46cKX1hPbbTew5HiabkqeTY_WLI6uSUhNZ5BW35zNgZSB86FbqAU3_feTgR_lk7T7HwadyPEwjCKhUNvB8UXZH2rlu3scfE7URaBHawHXtsPmc2Gz1-7h7TtAU6YbcQ_hOmMB_Y Protocol H2 Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT an-x-request-uuid 59653cf0-2692-4b38-8d25-9fd2c4a795bc server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 185.213.155.184; 185.213.155.184; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT an-x-request-uuid 1f44aa4d-08d8-4414-a76e-a06e68f7eccb server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA6-MeAQuaZOkDO7HSVJCaM%26google_cver%3D1 cache-control no-store, no-cache, private x-proxy-origin 185.213.155.184; 185.213.155.184; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6149 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ0NzA1NzA4ODkxNTQyOTM5	170 B 188 B	48ms 47ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ0NzA1NzA4ODkxNTQyOTM5 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUe_8uVMHso9Y9WoZfSx_vh1YXYp71J2h3QS-ZWdCZu46cKX1hPbbTew5HiabkqeTY_WLI6uSUhNZ5BW35zNgZSB86FbqAU3_feTgR_lk7T7HwadyPEwjCKhUNvB8UXZH2rlu3scfE7URaBHawHXtsPmc2Gz1-7h7TtAU6YbcQ_hOmMB_Y Protocol H3 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT an-x-request-uuid 752896b1-75a4-4499-9e78-cb8f720b9736 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ0NzA1NzA4ODkxNTQyOTM5 x-proxy-origin 185.213.155.184; 185.213.155.184; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	shopping encrypted-tbn2.gstatic.com/ Frame CFCC	28 KB 28 KB	240ms 113ms	Image image/jpeg	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRfL3rq18n9KAN47vssaSeXbg26Mozm1-W6w1Bzr-JaWh1R5xoxY-M_wbNvJg&usqp=CAI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 628c59f981225e7474edcf942e8ee8cccb89278b83750e4c8006aa75d7f9dc52 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 05 Dec 2023 19:50:49 GMT x-content-type-options nosniff age 273496 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28680 x-xss-protection 0 last-modified Tue, 02 Jan 2024 08:02:34 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Wed, 04 Dec 2024 19:50:49 GMT
GET H2	200	shopping encrypted-tbn2.gstatic.com/ Frame CFCC	32 KB 33 KB	181ms 54ms	Image image/jpeg	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQU08JUZL7O4yAPEwaI_BIYOWj61Q0GpsELpL18gpOSzKwxhBTok4rsF42xrLQ&usqp=CAI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 97d695e62a2f6236c29b6140648edf58d03a448cf69444431114dfcb8db866b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:30:42 GMT x-content-type-options nosniff age 15503 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32979 x-xss-protection 0 last-modified Wed, 03 Jan 2024 04:04:09 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Sat, 07 Dec 2024 19:30:42 GMT
GET H3	200	9582802623576457529 tpc.googlesyndication.com/simgad/ Frame CFCC Redirect Chain https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOD50ZrARhDMBBiTATII7iDqJ_SHFYM https://tpc.googlesyndication.com/simgad/9582802623576457529	8 KB 8 KB	53ms 53ms	Image image/jpeg	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/9582802623576457529 Protocol H3 Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b484baff6b012cc823568d095cdb50a81ec0e32759264b2a094353d92a5380bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 13:40:45 GMT x-content-type-options nosniff age 36500 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7848 x-xss-protection 0 last-modified Thu, 26 Oct 2023 17:44:38 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 07 Dec 2024 13:40:45 GMT Redirect headers date Fri, 08 Dec 2023 01:30:23 GMT x-content-type-options nosniff server cafe age 80322 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://tpc.googlesyndication.com/simgad/9582802623576457529 content-type text/html; charset=UTF-8 cache-control public, max-age=2592000 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 07 Jan 2024 01:30:23 GMT
GET DATA	200 OK	truncated / Frame CFCC	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 154a32b2e2fa7cd230d73b58608fcf6fe4dad97944fc3cd39465b3adaa7261b4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	shopping encrypted-tbn2.gstatic.com/ Frame 4614	28 KB 28 KB	282ms 171ms	Image image/jpeg	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRfL3rq18n9KAN47vssaSeXbg26Mozm1-W6w1Bzr-JaWh1R5xoxY-M_wbNvJg&usqp=CAI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 628c59f981225e7474edcf942e8ee8cccb89278b83750e4c8006aa75d7f9dc52 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 05 Dec 2023 19:50:49 GMT x-content-type-options nosniff age 273496 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28680 x-xss-protection 0 last-modified Tue, 02 Jan 2024 08:02:34 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Wed, 04 Dec 2024 19:50:49 GMT
GET H2	200	shopping encrypted-tbn2.gstatic.com/ Frame 4614	32 KB 32 KB	255ms 144ms	Image image/jpeg	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQU08JUZL7O4yAPEwaI_BIYOWj61Q0GpsELpL18gpOSzKwxhBTok4rsF42xrLQ&usqp=CAI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 97d695e62a2f6236c29b6140648edf58d03a448cf69444431114dfcb8db866b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:30:42 GMT x-content-type-options nosniff age 15503 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32979 x-xss-protection 0 last-modified Wed, 03 Jan 2024 04:04:09 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Sat, 07 Dec 2024 19:30:42 GMT
GET H3	200	2028896861534754722 tpc.googlesyndication.com/simgad/ Frame 4614 Redirect Chain https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr25ig3AEQ2AQYlgEyCI1gGRvCtpy8 https://tpc.googlesyndication.com/simgad/2028896861534754722	7 KB 7 KB	51ms 51ms	Image image/png	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2028896861534754722 Protocol H3 Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 91e92ed1d0705e7657f98ca8fdf66854dc3a96666501c8e800c22ce7516fa139 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:55:37 GMT x-content-type-options nosniff age 14008 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7203 x-xss-protection 0 last-modified Wed, 26 Sep 2018 16:32:14 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 07 Dec 2024 19:55:37 GMT Redirect headers date Fri, 08 Dec 2023 11:56:08 GMT x-content-type-options nosniff server cafe age 42777 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://tpc.googlesyndication.com/simgad/2028896861534754722 content-type text/html; charset=UTF-8 cache-control public, max-age=2592000 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 07 Jan 2024 11:56:08 GMT
GET DATA	200 OK	truncated / Frame 4614	222 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8222c3da044132d3515d5c2976b7241992e46184450be7b6d715f6df20306e00 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame D0EF Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CZq99cKtzZfq7Bd6A7_UP7o6ziAy7tcmIc5uFovX8Ec-m9P0IEAEgkLuABGCV4pCCoAegAZLV3eQByAECqQIvDOyJugyyPqgDAcgDyQSqBPQBT9AyjYIqvqiO0juUi1lUZt9pRZKaviFUD3Q... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227070168852586403847%22,%22debug_reporting%22:true,%22destination%22:%22https://ep-group.de%22,%22event_report_window%22:%2...	0 0	75ms 73ms	Fetch text/css	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227070168852586403847%22,%22debug_reporting%22:true,%22destination%22:%22https://ep-group.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22479685266%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227270582719531175041%22}&andc=true Protocol H3 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"7070168852586403847","debug_reporting":true,"destination":"https://ep-group.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["479685266"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"7270582719531175041"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 08 Dec 2023 23:49:05 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7070168852586403847","debug_reporting":true,"destination":"https://ep-group.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["479685266"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"7270582719531175041"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response pagead2.googlesyndication.com/bg/ Frame 59A0	51 KB 19 KB	54ms 54ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:42:25 GMT content-encoding br x-content-type-options nosniff age 4000 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19719 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Dec 2024 22:42:25 GMT
GET H3	200	1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response pagead2.googlesyndication.com/bg/ Frame F72E	51 KB 19 KB	54ms 53ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:42:25 GMT content-encoding br x-content-type-options nosniff age 4000 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19719 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Dec 2024 22:42:25 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 4614 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CFTL9cKtzZfi7Bd6A7_UP7o6ziAz8v5HOdPOAue2uEtzo3P-pQRABIJC7gARgleKQgqAHoAHor-yIA8gBCakCLwzsiboMsj6oAwHIA8sEqgT1AU_QhW7aZhACueBRtwXrm3WkaKf5X99Qm8c... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216284634549663440785%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%...	0 0	75ms 74ms	Fetch text/css	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216284634549663440785%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214603647126863078929%22}&andc=true Protocol H3 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"16284634549663440785","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"14603647126863078929"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 08 Dec 2023 23:49:05 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16284634549663440785","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"14603647126863078929"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame CFCC Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=C6zyicKtzZfm7Bd6A7_UP7o6ziAyp_6DQdL6K-JvwEaOener_QBABIJC7gARgleKQgqAHoAHor-yIA8gBCakCLwzsiboMsj6oAwHIA8sEqgT-AU_QdcPC1TKtrLtweaG0k3rAxFgtwdGgRKu... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217015351411017311433%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%...	0 0	75ms 74ms	Fetch text/css	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217015351411017311433%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211954621686527185393%22}&andc=true Protocol H3 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"17015351411017311433","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"11954621686527185393"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 08 Dec 2023 23:49:05 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17015351411017311433","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"11954621686527185393"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame E24C	0 28 B	87ms 87ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8733431420555&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame E24C	0 28 B	88ms 88ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8733431420555&version=m202309260101&ct=77&x=1&cor=16005702488828652000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame E24C	20 KB 14 KB	89ms 89ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYB92Ipz8WJqrtdmRmxaVLsTQ1K3fYmRKiWtV3RHrO35Pnvu_AquxEoBYcf6ri-lCKMQn1XDjuMj4-jDMwAoT9Gn6tnMxSy2Y2eS11_-YUjcaESrTXYUFk3q_RqzVrERxTWBfNaIXUQbpD-I8FO4ERpTQHPcTMzEoFn0UE1gfLs6o8vAo&cry=1&dbm_d=AKAmf-Cbu1B9jRL26KZY0ViRydnLzX0uVMFbhZvh-Gc72sPP-lP_K9ZfhchDcXXlo_4fjUe4Bd0PyZLiH_NgLtKXYemzo72RPKgQQQns7jyLLXWJR_18fJ1ZAE1fsiw8wTdYAbmy8ZDtLyyIRzyzTHSHmf1BCaEDGCaG7XYZqa2ShKiEzEgfNO6KUwx2CSGkzBgBjvo31Pr1FkiiKQxDLrGwu0C5ylvYmwY1dFYtodbe3D7Zzi9mlrU8W7pchWCnxIMRcDK4-w5_TGEVaokWUcAigZbCv6hADak8Zqrl_cxPyYMHZkgwYdMfRqayhKWKZD7JtcdIKM3BsGQFzS_JXC0EcPQgY55KT0qjHAYyZBzcFcoh9qwxD-XrzwDpwoU947J80roexOsEEEtqZbeNTFFKPhgleW8BweMjaPwNks5isQ3j_ZqB9lUE8wAf_nhhBusMgB72Iw8vV6ynIs8lKXoofyd2kljKTvvLR9F2A02ElYKZQXLriAsVx-b-9uzNHamSUrSJUc_OWW7U_-Ag6aFJBxvMxLRwLA0QKk4IeAbPwcp_fhcOcvnVFrjGAkIl5HNq9pjyeA0nMXGbUImGkyfVmFqIWw0a6zjBQ48cPEynf0Ns0bn0aEBUm4zcr3di-SvzTp13eE3ZYMtJE2HNt8qT8V6yU9GwPiWCtlex9DG0lm-z_bEAgX6_Urq3-WGlwP_aVZrctBul3g8bv59qmSUJt5Wzhha1ew2e48qhyhJmV-YjR3mxvO7TUDr6WChaSm6JyCTfQuDSg0ZrSyaDHcsLkFPI_btIyMUJWUMjtnyiPilhDQS3SP40gzeVsm2e-RsIBcarDnoEuXCDy4CuotLPnMlBPHJv9_3Qdyj5dGTD0-PuQqoy14HQ_hXthHuSX6w8ZcwekY7_eBB1Jh8Fhxv0wExNnYtp34Btd0ZJhIqr93-EngZGk-xZuzhPBURQAxM04RiG7Yc_n02Q25xsvL6isA_JwX0tXf0_Bs3UJG75q3i_AGf0SFsPwEoyBg8uc3JUkLMY4UcOLPiT7afsxYQQm21vl1WByItvNrk04j7zCqxUqqLidH9_lB7JbhbZ2-9m9BMSPdztn6ONvxx6k6Xj3xAOjweeJc7xbmMs7mPj08bxJ35NRrFn62zp0l155sJFAA5zSujxln-KLbkPmBNYGw9211bz3O5DVVYFKfiS5eSv5Z_im5_fD0no_fEViavdxkM3YMqh_gMKrmjdfL_4VLvR9bWeQb34eBv3EOXyW9Be7Agj7P40h84Pi7iTBc8OuHa5j40HJWppnkSi3KHgbC5rX-vWqHDtJCobm7J1O9DRlL-YYtphIL_K-XbpQL5AvAi0Fkr17ggUakEb6urYglDMidc14yJIp5DcU5zOWsbU3Q9S93Hfw613lBMljRA0eByuWawomO441aS_93R15Bvdv_DwS8GHKZx9RAaidkII31IygZ-q705eBdaHpgD_jmdu7gRrx9LpI4FRwaiKq3RrqhT4ajlju-v7UwPBs9D2yF8TlFfvMG7nbq0V1Hf5vrmMSa-1M_IrAWSg6oNwbdEnC0TGCS_BIta-9wAqPYQ86A3CXPZN79wSzq8aAGBjUenpSPmnqAVeOwKg2_VYsRc6WU0klh9Cxl6YoqdUO4G6G7EaBvyJMnzonXHjSXgvqtVPrS0dHWLDW8fAaPZ_ptRlBD-afryhusN8g6woK1g-9we1F8J9kUb3VEN6GLniq3bvg-EDD0oS6wxq2QH5TQCDNVN4Uc3S6yNCHG-YQGeLtFlfl7s0DiQA4LS1pHHuIc1nlpF_FdYffPOJyRotTfO7h5m7VlxJCCjWrqNZDPQt9ZdM64lWr8kmBGbh9sJBdK4WHf8WpTIoCNJBH-AAnV5dM1QIOSRKIDY5h3pK7rZSIY-bFX3fUhpcrU3rLdTxuESpG8_1jyo7EoLWyYAcgUXUiDOimh9ZW5rO3yA9zowT9GRQEVaIdr9MIa2aP0wI1zAz9JxSa5W9pHdRfCGKdb0_Z1QlIMb9rVh46VCt6dGqK3K3JdS91nmpvPmtHyNdtMHJKfs7yZ1zG9pnQC6_xwwuYKeWF7rJaqqFHHzfOsZ3vr_uhrW7kNtei2I2yb9xA10-uI2V76aqhzedDSaXY5Hty7W-sYOw3_vhVZWQqihTzaBFEuqw_el5NqdT4iGOjgMrrp_6kwOUQ4F0t1i7JA3hLOA9DU0WQNIPSmmpLw8heo9xTQylKEVzuvHjiL95y_8hThtVVpO-u71npex7U8gIBlx2DgLfJCiF7iUIqYTn_-zW16VK2dVchyL97X2JXh7Ed3mF1KnDjubFDnc-1DTFNJBmQXlB6d6rMGczg1T50CK0BEHLgX-XCs-AtvmRFYUWoCrdmc4WmVSlzRCv-yT1J3e6_m-cl29MpTstYAxp2V31uKIFT1beUi7VzW5PXEeh66BEqGUt_cbIXiR1vV2Wsw3_L3yEaIsJxRFroAXp79Y8JWzW77ZBvrVtQr_KlklGF8GkivFy9Qyt8-8nuCmkkJSxtQJDhVurZWG7YsL-Q0SxECODLRAXYcDINQ0-z3QGtwKKSvOKiIV2QSn3qtajYFhsw11mJrK5xGs3IazyrFltCEbT0DCG1dZdrRiqDsLZsTHBvPoF0MLR9RRVD0Gi4YPvTOaiwumWrx3PlC5rBlyiw9Cso7vTwAwVgNUSf_so0CfsmS-ITBufszfDtLPvvR5lIpd4mD_Bj_qv3IFrIwG69Bkvt1Dwoils1lnT-d4-zJ-gNeoDOtAFGQdOjIAY-Ush5Dt4hneWnyjDHDIg2KVRe0iDnbIqp_7Ycb801tgR0dWeK_X4ap9hqAc7UkANmNkhCLadSrcsKLDD-PWDg58ef2dOm9Qh4-6srADyXkrj_lkgoykVedd7UZIw0BlBDqAhlZlV_gB0urRf12i_L_vh8UcyOtjPWRMobgd5b69py4d4hdNGaGPWaEWXP933r-IoICt8HWsWuxFc76-gQH-VxNlIlGVwzEup6BqFFuyOKztVwk4WoJ-2TO5SwRTAfQRnSzlZyurQ9gcZGuPzXTK3dG8SgpC29KALQoaI3U7rKNnkkDqFEfo6uvyWtcabWap4oK6MPhixQTtJNcQtXIEUU08Vcbk7qEU4AydP14cp7vAirUjrtd8pORCW7ViVBBjYLdxhtW2zB1vJXm5uSde2oYPaUzieDV-Qj0I1SLQDuvreB_A_ftzNC8l2T6ZY41NfZpM4qzP2EGTqVBFUR6PnjCAzw7yfqVTxKD-j0ylSCufYVjWJjM_YRqkPcMZtYtwhI-ZrWjuu6lDfkX2rHsOs4wnIvYPZ5NAldunesUrZUD8tuN13XX07xhndoLSJsM923ha-jKbJc5AAERrpPqVvjz2i0aC-zquNNscQnAYSZXsERISIyenmiNiscJAo1PFmFsBw9nwl0cZ5Zdn1_zFek4cPT8riQG5nd747vVIBRMiohQ7sQm_at8l7IXjey7lRc2ho8yAtF7OVY-HVa510c7AipnKBCBFf7OJeQpXlfuJG7ArAGAave2AACqrTur5GpyeyifJZG6a0FC4T_E_egXzS5hzgC2vKkdlhdUpKiJxU5nkb7dzDZ5go2INZQztKkj4T0RTRgsgn8VLUXloDaQbwV8T5DhsSRezfNYQV_3nyl6m9D5ONhSs_ebSxQKtaQNQo3EUXN6eFNrWql4IG0seh-FODJ8zq8W7rX69V0mo9y4Ke4AHA_DPIB88roeZDtiu-KrqvOVI0cIV-oLXmB8HEVqZzpPSw5CWK2CGZySolgKnmgUc7MYzYAJIuJ4Jjif2hyO_Ix_-XUwyIJRuTEe-6op4tZdRPt2SsbmstqzpcfaRoAzdhVjR_3k_0y44LMrNWeZUgk-CKlH4djsGyXyaOQLNiAgVyT7PCvsJQO9FY3ati-e1NsmN4i6Tdt0xV8nCOYboN__UKwqdekpqSW8M5mUz_cLXhIJ_BszTY00_C0RWO_KzdOJDhVltjzKkj8wO8UR4uhyPjoaPUvLDZQUjaJwNBuMGg5Kw4Fh3ZY-ZvvdeBNX3jEP67GQ_r88XYtq2U3QFcgGHTpQffOdS-WfW0vQufhK1ov20vwSYv4tMOZ37VPYjIGA-If_7by9jc9HXu6vYAAXLdUcAm8jq6c_bL7ToazMO43aMcZZeh7KmdSooGOx-IclXZWanZOL6fwqCjJdateTxFcZP8Bt73TeOIPAy-WGaOfI7Q35zwu4qd&cid=CAQSPADICaaN5mmy8L1DcnGe9sKyy4WOT7LD8C13mopW4v-uzBzE7n48rYSJNMJ-ygLnuYWwmkSyTLeRFU3NYhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=16005702488828652000&adk=2124396031&idt=171&cac=0&dtd=6 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a8f6c95b84bc8753d700d85a53163cf4d2e6370637a9d18d0fccf76c23af82c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13966 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response pagead2.googlesyndication.com/bg/ Frame ECC6	51 KB 19 KB	54ms 53ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:42:25 GMT content-encoding br x-content-type-options nosniff age 4000 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19719 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Dec 2024 22:42:25 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 928C	0 0	90ms 89ms	Image text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=318824155147897&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 49C8	16 KB 16 KB	55ms 52ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:55:14 GMT x-content-type-options nosniff age 14031 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 19:55:14 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 49C8	15 KB 15 KB	63ms 61ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:59:57 GMT x-content-type-options nosniff age 17348 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 18:59:57 GMT
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame 2DB2	39 KB 15 KB	57ms 57ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:59 GMT content-encoding br x-content-type-options nosniff age 6426 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Dec 2024 22:01:59 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame A8C9	624 B 242 B	98ms 97ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUbg1Gb6H54CO6RkPSwqoNGf8ZxGW6oUH-vBpUYCBZYGEhHmgPYc3scAzzhzNhZKNKMt77kP1vuQcL8wzp7aoRW8nNBSqdcbI65B07cwV4ivHF638VrAKarWmsCSmkvV-aA2HJLbUes_dZqANfi8jBHatobbYy1HEJZtrd9hCm2jhSinHY Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:49:05 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 5516	89 KB 31 KB	164ms 163ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31485 x-xss-protection 0 server cafe etag 7119415641918660631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Fri, 08 Dec 2023 23:49:05 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5516	3 KB 1 KB	52ms 51ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:58 GMT content-encoding br x-content-type-options nosniff age 6427 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 22:01:58 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5516	20 KB 8 KB	54ms 53ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:42:11 GMT content-encoding br x-content-type-options nosniff age 11214 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 20:42:11 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 5516	0 0	64ms 62ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8a6h7SsEHhJWtuHtkgl-7mbmgvOARhnG9al8PXmwCtAv57m0961tMipRHX328Pr2RtfDFQSpDHe5Kj0SGS4uPep-gpA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers
GET H3	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 5516	202 KB 64 KB	95ms 95ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 08 Dec 2023 23:49:05 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5516	42 B 71 B	88ms 87ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C0gFR6nZFRoU6G4IfZ9TY8Vo4dq_l4-lvYtZwqAEfQ_I31YzEJ9z8inPgdjuoeIzoPSB4_BD1GTP2f8HJW1qj0ji1BXAROjmg6jiuVNZTQ8xmAIAA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 49C8 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=C1VCfcKtzZbWHM96A7_UP7o6ziAyqhMLbdJ3VtZaHEvzBtauuARABIJC7gARgleKQgqAHoAGl7ffFA8gBCakCLwzsiboMsj6oAwHIA8sEqgTzAU_QUKSNr4GwOZXaTi4MSzku5PTpQzKStuR... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223958797341746016665%22,%22debug_reporting%22:true,%22destination%22:%22https://fom.de%22,%22event_report_window%22:%222592...	0 0	75ms 75ms	Fetch text/css	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223958797341746016665%22,%22debug_reporting%22:true,%22destination%22:%22https://fom.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22951973541%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223982636033521610689%22}&andc=true Protocol H3 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"3958797341746016665","debug_reporting":true,"destination":"https://fom.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["951973541"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"3982636033521610689"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 08 Dec 2023 23:49:05 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3958797341746016665","debug_reporting":true,"destination":"https://fom.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["951973541"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"3982636033521610689"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	158ms 73ms	Preflight text/html	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227070168852586403847%22,%22debug_reporting%22:true,%22destination%22:%22https://ep-group.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22479685266%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227270582719531175041%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Fri, 08 Dec 2023 23:49:05 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	157ms 74ms	Preflight text/html	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217015351411017311433%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211954621686527185393%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Fri, 08 Dec 2023 23:49:05 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	143ms 74ms	Preflight text/html	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216284634549663440785%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214603647126863078929%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Fri, 08 Dec 2023 23:49:05 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response pagead2.googlesyndication.com/bg/ Frame BA44	51 KB 19 KB	54ms 53ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:42:25 GMT content-encoding br x-content-type-options nosniff age 4000 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19719 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Dec 2024 22:42:25 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame A8C9 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqUhT_WTVZFLpyQHPMHBW8&google_cver=1	43 B 736 B	28ms 28ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqUhT_WTVZFLpyQHPMHBW8&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUbg1Gb6H54CO6RkPSwqoNGf8ZxGW6oUH-vBpUYCBZYGEhHmgPYc3scAzzhzNhZKNKMt77kP1vuQcL8wzp7aoRW8nNBSqdcbI65B07cwV4ivHF638VrAKarWmsCSmkvV-aA2HJLbUes_dZqANfi8jBHatobbYy1HEJZtrd9hCm2jhSinHY Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aD2iUxE0I5rfOCELp82hdq0kEyTY8OmyF2VFAGUZYcyARAw07i7cemYkaJTHwVxrdegWriqGbJTRYRvvuuoqD%2FMohL4CEoyd%2FCmn8LuRYG3WJHzCdK%2B%2BVFMaYL3Z%2BUjNY9KWCjklQlezjA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8328e726d8921941-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqUhT_WTVZFLpyQHPMHBW8&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame A8C9 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXOrce4-Dwc-rbmyj2yyNQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqUhT_WTVZFLpyQHPMHBW8&google_cver=1	43 B 728 B	31ms 31ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqUhT_WTVZFLpyQHPMHBW8&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUbg1Gb6H54CO6RkPSwqoNGf8ZxGW6oUH-vBpUYCBZYGEhHmgPYc3scAzzhzNhZKNKMt77kP1vuQcL8wzp7aoRW8nNBSqdcbI65B07cwV4ivHF638VrAKarWmsCSmkvV-aA2HJLbUes_dZqANfi8jBHatobbYy1HEJZtrd9hCm2jhSinHY Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sH0QXWZLz7t8mo9kJ7vN11jy5Ywh7rRxON7vMGOPFCNo66WFD01v9L%2BsXpuvATOTgSV8e04r5SoMt9lyP3jX24iTdCJdmJeXCm8IHgHtRmvcdJemZ5bfE84KCJy5E0T4MRPgYpldiBp2BA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8328e72718c11941-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqUhT_WTVZFLpyQHPMHBW8&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame A8C9 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEINwGvDr7qUz9_q9RO9Yrh4&google_cver=1	43 B 841 B	92ms 91ms	Image image/gif	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEINwGvDr7qUz9_q9RO9Yrh4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUbg1Gb6H54CO6RkPSwqoNGf8ZxGW6oUH-vBpUYCBZYGEhHmgPYc3scAzzhzNhZKNKMt77kP1vuQcL8wzp7aoRW8nNBSqdcbI65B07cwV4ivHF638VrAKarWmsCSmkvV-aA2HJLbUes_dZqANfi8jBHatobbYy1HEJZtrd9hCm2jhSinHY Protocol H2 Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT an-x-request-uuid a77b413b-b9fc-4d00-91f5-0a5a04fe447f server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 185.213.155.184; 185.213.155.184; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEINwGvDr7qUz9_q9RO9Yrh4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame A8C9 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE3OTQ4OTk5MTg2NDUyNDQ2Mg%3D%3D	170 B 188 B	49ms 49ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE3OTQ4OTk5MTg2NDUyNDQ2Mg%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUbg1Gb6H54CO6RkPSwqoNGf8ZxGW6oUH-vBpUYCBZYGEhHmgPYc3scAzzhzNhZKNKMt77kP1vuQcL8wzp7aoRW8nNBSqdcbI65B07cwV4ivHF638VrAKarWmsCSmkvV-aA2HJLbUes_dZqANfi8jBHatobbYy1HEJZtrd9hCm2jhSinHY Protocol H3 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT an-x-request-uuid 452d6eeb-fe27-434e-8a68-131099736d0f server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE3OTQ4OTk5MTg2NDUyNDQ2Mg%3D%3D x-proxy-origin 185.213.155.184; 185.213.155.184; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame E24C	41 KB 14 KB	52ms 51ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYB92Ipz8WJqrtdmRmxaVLsTQ1K3fYmRKiWtV3RHrO35Pnvu_AquxEoBYcf6ri-lCKMQn1XDjuMj4-jDMwAoT9Gn6tnMxSy2Y2eS11_-YUjcaESrTXYUFk3q_RqzVrERxTWBfNaIXUQbpD-I8FO4ERpTQHPcTMzEoFn0UE1gfLs6o8vAo&cry=1&dbm_d=AKAmf-Cbu1B9jRL26KZY0ViRydnLzX0uVMFbhZvh-Gc72sPP-lP_K9ZfhchDcXXlo_4fjUe4Bd0PyZLiH_NgLtKXYemzo72RPKgQQQns7jyLLXWJR_18fJ1ZAE1fsiw8wTdYAbmy8ZDtLyyIRzyzTHSHmf1BCaEDGCaG7XYZqa2ShKiEzEgfNO6KUwx2CSGkzBgBjvo31Pr1FkiiKQxDLrGwu0C5ylvYmwY1dFYtodbe3D7Zzi9mlrU8W7pchWCnxIMRcDK4-w5_TGEVaokWUcAigZbCv6hADak8Zqrl_cxPyYMHZkgwYdMfRqayhKWKZD7JtcdIKM3BsGQFzS_JXC0EcPQgY55KT0qjHAYyZBzcFcoh9qwxD-XrzwDpwoU947J80roexOsEEEtqZbeNTFFKPhgleW8BweMjaPwNks5isQ3j_ZqB9lUE8wAf_nhhBusMgB72Iw8vV6ynIs8lKXoofyd2kljKTvvLR9F2A02ElYKZQXLriAsVx-b-9uzNHamSUrSJUc_OWW7U_-Ag6aFJBxvMxLRwLA0QKk4IeAbPwcp_fhcOcvnVFrjGAkIl5HNq9pjyeA0nMXGbUImGkyfVmFqIWw0a6zjBQ48cPEynf0Ns0bn0aEBUm4zcr3di-SvzTp13eE3ZYMtJE2HNt8qT8V6yU9GwPiWCtlex9DG0lm-z_bEAgX6_Urq3-WGlwP_aVZrctBul3g8bv59qmSUJt5Wzhha1ew2e48qhyhJmV-YjR3mxvO7TUDr6WChaSm6JyCTfQuDSg0ZrSyaDHcsLkFPI_btIyMUJWUMjtnyiPilhDQS3SP40gzeVsm2e-RsIBcarDnoEuXCDy4CuotLPnMlBPHJv9_3Qdyj5dGTD0-PuQqoy14HQ_hXthHuSX6w8ZcwekY7_eBB1Jh8Fhxv0wExNnYtp34Btd0ZJhIqr93-EngZGk-xZuzhPBURQAxM04RiG7Yc_n02Q25xsvL6isA_JwX0tXf0_Bs3UJG75q3i_AGf0SFsPwEoyBg8uc3JUkLMY4UcOLPiT7afsxYQQm21vl1WByItvNrk04j7zCqxUqqLidH9_lB7JbhbZ2-9m9BMSPdztn6ONvxx6k6Xj3xAOjweeJc7xbmMs7mPj08bxJ35NRrFn62zp0l155sJFAA5zSujxln-KLbkPmBNYGw9211bz3O5DVVYFKfiS5eSv5Z_im5_fD0no_fEViavdxkM3YMqh_gMKrmjdfL_4VLvR9bWeQb34eBv3EOXyW9Be7Agj7P40h84Pi7iTBc8OuHa5j40HJWppnkSi3KHgbC5rX-vWqHDtJCobm7J1O9DRlL-YYtphIL_K-XbpQL5AvAi0Fkr17ggUakEb6urYglDMidc14yJIp5DcU5zOWsbU3Q9S93Hfw613lBMljRA0eByuWawomO441aS_93R15Bvdv_DwS8GHKZx9RAaidkII31IygZ-q705eBdaHpgD_jmdu7gRrx9LpI4FRwaiKq3RrqhT4ajlju-v7UwPBs9D2yF8TlFfvMG7nbq0V1Hf5vrmMSa-1M_IrAWSg6oNwbdEnC0TGCS_BIta-9wAqPYQ86A3CXPZN79wSzq8aAGBjUenpSPmnqAVeOwKg2_VYsRc6WU0klh9Cxl6YoqdUO4G6G7EaBvyJMnzonXHjSXgvqtVPrS0dHWLDW8fAaPZ_ptRlBD-afryhusN8g6woK1g-9we1F8J9kUb3VEN6GLniq3bvg-EDD0oS6wxq2QH5TQCDNVN4Uc3S6yNCHG-YQGeLtFlfl7s0DiQA4LS1pHHuIc1nlpF_FdYffPOJyRotTfO7h5m7VlxJCCjWrqNZDPQt9ZdM64lWr8kmBGbh9sJBdK4WHf8WpTIoCNJBH-AAnV5dM1QIOSRKIDY5h3pK7rZSIY-bFX3fUhpcrU3rLdTxuESpG8_1jyo7EoLWyYAcgUXUiDOimh9ZW5rO3yA9zowT9GRQEVaIdr9MIa2aP0wI1zAz9JxSa5W9pHdRfCGKdb0_Z1QlIMb9rVh46VCt6dGqK3K3JdS91nmpvPmtHyNdtMHJKfs7yZ1zG9pnQC6_xwwuYKeWF7rJaqqFHHzfOsZ3vr_uhrW7kNtei2I2yb9xA10-uI2V76aqhzedDSaXY5Hty7W-sYOw3_vhVZWQqihTzaBFEuqw_el5NqdT4iGOjgMrrp_6kwOUQ4F0t1i7JA3hLOA9DU0WQNIPSmmpLw8heo9xTQylKEVzuvHjiL95y_8hThtVVpO-u71npex7U8gIBlx2DgLfJCiF7iUIqYTn_-zW16VK2dVchyL97X2JXh7Ed3mF1KnDjubFDnc-1DTFNJBmQXlB6d6rMGczg1T50CK0BEHLgX-XCs-AtvmRFYUWoCrdmc4WmVSlzRCv-yT1J3e6_m-cl29MpTstYAxp2V31uKIFT1beUi7VzW5PXEeh66BEqGUt_cbIXiR1vV2Wsw3_L3yEaIsJxRFroAXp79Y8JWzW77ZBvrVtQr_KlklGF8GkivFy9Qyt8-8nuCmkkJSxtQJDhVurZWG7YsL-Q0SxECODLRAXYcDINQ0-z3QGtwKKSvOKiIV2QSn3qtajYFhsw11mJrK5xGs3IazyrFltCEbT0DCG1dZdrRiqDsLZsTHBvPoF0MLR9RRVD0Gi4YPvTOaiwumWrx3PlC5rBlyiw9Cso7vTwAwVgNUSf_so0CfsmS-ITBufszfDtLPvvR5lIpd4mD_Bj_qv3IFrIwG69Bkvt1Dwoils1lnT-d4-zJ-gNeoDOtAFGQdOjIAY-Ush5Dt4hneWnyjDHDIg2KVRe0iDnbIqp_7Ycb801tgR0dWeK_X4ap9hqAc7UkANmNkhCLadSrcsKLDD-PWDg58ef2dOm9Qh4-6srADyXkrj_lkgoykVedd7UZIw0BlBDqAhlZlV_gB0urRf12i_L_vh8UcyOtjPWRMobgd5b69py4d4hdNGaGPWaEWXP933r-IoICt8HWsWuxFc76-gQH-VxNlIlGVwzEup6BqFFuyOKztVwk4WoJ-2TO5SwRTAfQRnSzlZyurQ9gcZGuPzXTK3dG8SgpC29KALQoaI3U7rKNnkkDqFEfo6uvyWtcabWap4oK6MPhixQTtJNcQtXIEUU08Vcbk7qEU4AydP14cp7vAirUjrtd8pORCW7ViVBBjYLdxhtW2zB1vJXm5uSde2oYPaUzieDV-Qj0I1SLQDuvreB_A_ftzNC8l2T6ZY41NfZpM4qzP2EGTqVBFUR6PnjCAzw7yfqVTxKD-j0ylSCufYVjWJjM_YRqkPcMZtYtwhI-ZrWjuu6lDfkX2rHsOs4wnIvYPZ5NAldunesUrZUD8tuN13XX07xhndoLSJsM923ha-jKbJc5AAERrpPqVvjz2i0aC-zquNNscQnAYSZXsERISIyenmiNiscJAo1PFmFsBw9nwl0cZ5Zdn1_zFek4cPT8riQG5nd747vVIBRMiohQ7sQm_at8l7IXjey7lRc2ho8yAtF7OVY-HVa510c7AipnKBCBFf7OJeQpXlfuJG7ArAGAave2AACqrTur5GpyeyifJZG6a0FC4T_E_egXzS5hzgC2vKkdlhdUpKiJxU5nkb7dzDZ5go2INZQztKkj4T0RTRgsgn8VLUXloDaQbwV8T5DhsSRezfNYQV_3nyl6m9D5ONhSs_ebSxQKtaQNQo3EUXN6eFNrWql4IG0seh-FODJ8zq8W7rX69V0mo9y4Ke4AHA_DPIB88roeZDtiu-KrqvOVI0cIV-oLXmB8HEVqZzpPSw5CWK2CGZySolgKnmgUc7MYzYAJIuJ4Jjif2hyO_Ix_-XUwyIJRuTEe-6op4tZdRPt2SsbmstqzpcfaRoAzdhVjR_3k_0y44LMrNWeZUgk-CKlH4djsGyXyaOQLNiAgVyT7PCvsJQO9FY3ati-e1NsmN4i6Tdt0xV8nCOYboN__UKwqdekpqSW8M5mUz_cLXhIJ_BszTY00_C0RWO_KzdOJDhVltjzKkj8wO8UR4uhyPjoaPUvLDZQUjaJwNBuMGg5Kw4Fh3ZY-ZvvdeBNX3jEP67GQ_r88XYtq2U3QFcgGHTpQffOdS-WfW0vQufhK1ov20vwSYv4tMOZ37VPYjIGA-If_7by9jc9HXu6vYAAXLdUcAm8jq6c_bL7ToazMO43aMcZZeh7KmdSooGOx-IclXZWanZOL6fwqCjJdateTxFcZP8Bt73TeOIPAy-WGaOfI7Q35zwu4qd&cid=CAQSPADICaaN5mmy8L1DcnGe9sKyy4WOT7LD8C13mopW4v-uzBzE7n48rYSJNMJ-ygLnuYWwmkSyTLeRFU3NYhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=16005702488828652000&adk=2124396031&idt=171&cac=0&dtd=6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:05:08 GMT content-encoding br x-content-type-options nosniff age 20637 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 18:05:08 GMT
GET H2	200	attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjA3OTM0NTU3MDI3MgogIHNlcnZlcl9pcDogMTM0MDY3ODA0CiAgcHJvY2Vzc19pZDogODM4OTk2MjU4Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz... ad.doubleclick.net/ddm/activity/ Frame E24C	0 868 B	159ms 74ms	Image image/png	142.250.181.230 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjA3OTM0NTU3MDI3MgogIHNlcnZlcl9pcDogMTM0MDY3ODA0CiAgcHJvY2Vzc19pZDogODM4OTk2MjU4Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDY3ODU1NjMxOTk2NDgzMzY0OTIKZGVidWdfa2V5OiAxNDc4NTkyMTA0NjUwNDk5OTkxNwppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMDgiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE3NTg5OQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjA3MDY3CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZC1zcnYubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8va2xpY2std2VsdC5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"12":"0xf4cbdbb8ea70e6e90000000000000000","13":"0xe172d6c0703af0c20000000000000000","14":"0xa59dcb1530a9695b0000000000000000","15":"0x46f7ea6ea8c74ab60000000000000000"},"debug_key":"14785921046504999917","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"6785563199648336492"} server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	iju9wczm8trb Show response hal9000.redintelligence.net/zone/ Frame E24C	11 KB 4 KB	41ms 12ms	Script text/html	138.201.63.116 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1702079344832251&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfH-YcKtzZfvlMvyL7_UPyZiGmA-m5b2gaa2VnKfJD_AuEAEgkLuABGCV4pCCoAfIAQmpAjHCLko7DLI-qAMByAObBKoElAJP0CpvryxxC3hE4ejEFkOUcTsAYweYW_hC712g8WkliYVKGi-BtIfW_ZkwGySTtZ3b-LyIaJASazscvEBkeHaq49MkNXpL3ryVLAoLvERuDXKtMtsXnDc17loOeMCfQ_YluWuk7DpNzS99zTO0BDKO4yso1jkSOOG3YGG4z87SwgoVZEzNlx5VtJUxIsCMBBWkWoy2utRtDcoI3-mVb-C4GwlvPu61t0kOkVKos8VAN_9agMxIYvsUUFGh5bcpG4BRt7zDC6Z9gYDkaJ_fqIkZPr2wi0pVO1Nss5JerOgtWLhUpf1LH-GFrE_4jhLGsncDJ_QrVuImb1hEIsR90k7WYHcQaLMSLJY_pqxjNOK5uw1MrR_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY4sDp1YOBgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN5mmy8L1DcnGe9sKyy4WOT7LD8C13mopW4v-uzBzE7n48rYSJNMJ-ygLnuYWwmkSyTLeRFU3NYhgB%26sig%3DAOD64_3Ay7MbmTG36wdK-AYe0uTe-ltwcg%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-A6G80rpKP9uOFAApE42h7t7z_2NvGC4Zz1F-7MsbC4ytgmDN_wXKhA5m4Y5rs94P7G_0GJKkIr_U8xF2HkHVuZ1NkwiMKbLSidvbEf4_CD4ZBT6amjw9IWOi6y12BglsPvOQbzTbG6mB5Pc5ZThtKpsEX3bZYgwncGDwG1dvRpJDCA068%26cry%3D1%26dbm_d%3DAKAmf-CIRo2o8qfeQHIGtjwIeq8D9ipJDsICQvGguHKWUTArurk_yu-T_w276LdQtrTUN2rV1Yh3M8_iXVLvHj_E4zFboDj3ME-Ols0-01L3VQKjIq9hw1RZq-oA-lmdd4OE7l0w05dj6w4hDLjscGdeF89OmfA-u7ErOnnFg0LE-Kd703_UgMCXiabxbolldQ9gRQyIr0woLBuHXSJEIb9T4cFrmlLD5SyT9eTdGMk2etJ0c6ZBQ6c7Z7U0r8WkcaWVRTI82vW-pSSYSuQPQGs2iIFsUt7fB706QQliOu3ST3J7yLcJYK4D5w0uVbW_xhMxierZbwv9SZYSeaIRH7WtshPHpUQmwOFdmysd65WwAklauwJS3rSbSMLM7gQV4ho6m-b5w0fioSREQTLH2tvnjSlpCF4t2E5UqGJSzJjepBTAk0NuFO4Zu7meBie0cKLd-6ZdwThDoPhRtLwU01EbeixBtdgrhK6OIhs2IdYkPX90dP74hdzKzT609jCmOWNEcoSwKA159RR7-PmVjumf5_vmSeEfZJ8vNqi-lYVs93Cb8sni9h4%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.63.201.138.clients.your-server.de Software Apache / Resource Hash 1acbee1b73145eb907a0b8d46071eff37bf784f99f6f2d00e74bf7fdcb1afedd Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Fri, 08 Dec 2023 23:49:05 GMT Content-Encoding gzip Server Apache Connection close Content-Length 4197 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 2DB2	0 10 B	51ms 51ms	Image text/plain	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?KDPEXQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:05 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H/1.1	200 OK	request.php Show response hal90008.redintelligence.net/ Frame E24C Redirect Chain https://hal90008.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4f0ac3c6a4&subid=&uid=5b457e6dfac9bb4b&screenSize=1600x1200&screenSizeAvail=1600x1200&cli... https://hal90008.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4f0ac3c6a4&subid=&uid=5b457e6dfac9bb4b&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...	4 KB 2 KB	148ms 124ms	Script application/x-javascript	138.201.63.150 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90008.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4f0ac3c6a4&subid=&uid=5b457e6dfac9bb4b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfH-YcKtzZfvlMvyL7_UPyZiGmA-m5b2gaa2VnKfJD_AuEAEgkLuABGCV4pCCoAfIAQmpAjHCLko7DLI-qAMByAObBKoElAJP0CpvryxxC3hE4ejEFkOUcTsAYweYW_hC712g8WkliYVKGi-BtIfW_ZkwGySTtZ3b-LyIaJASazscvEBkeHaq49MkNXpL3ryVLAoLvERuDXKtMtsXnDc17loOeMCfQ_YluWuk7DpNzS99zTO0BDKO4yso1jkSOOG3YGG4z87SwgoVZEzNlx5VtJUxIsCMBBWkWoy2utRtDcoI3-mVb-C4GwlvPu61t0kOkVKos8VAN_9agMxIYvsUUFGh5bcpG4BRt7zDC6Z9gYDkaJ_fqIkZPr2wi0pVO1Nss5JerOgtWLhUpf1LH-GFrE_4jhLGsncDJ_QrVuImb1hEIsR90k7WYHcQaLMSLJY_pqxjNOK5uw1MrR_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY4sDp1YOBgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN5mmy8L1DcnGe9sKyy4WOT7LD8C13mopW4v-uzBzE7n48rYSJNMJ-ygLnuYWwmkSyTLeRFU3NYhgB%26sig%3DAOD64_3Ay7MbmTG36wdK-AYe0uTe-ltwcg%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-A6G80rpKP9uOFAApE42h7t7z_2NvGC4Zz1F-7MsbC4ytgmDN_wXKhA5m4Y5rs94P7G_0GJKkIr_U8xF2HkHVuZ1NkwiMKbLSidvbEf4_CD4ZBT6amjw9IWOi6y12BglsPvOQbzTbG6mB5Pc5ZThtKpsEX3bZYgwncGDwG1dvRpJDCA068%26cry%3D1%26dbm_d%3DAKAmf-CIRo2o8qfeQHIGtjwIeq8D9ipJDsICQvGguHKWUTArurk_yu-T_w276LdQtrTUN2rV1Yh3M8_iXVLvHj_E4zFboDj3ME-Ols0-01L3VQKjIq9hw1RZq-oA-lmdd4OE7l0w05dj6w4hDLjscGdeF89OmfA-u7ErOnnFg0LE-Kd703_UgMCXiabxbolldQ9gRQyIr0woLBuHXSJEIb9T4cFrmlLD5SyT9eTdGMk2etJ0c6ZBQ6c7Z7U0r8WkcaWVRTI82vW-pSSYSuQPQGs2iIFsUt7fB706QQliOu3ST3J7yLcJYK4D5w0uVbW_xhMxierZbwv9SZYSeaIRH7WtshPHpUQmwOFdmysd65WwAklauwJS3rSbSMLM7gQV4ho6m-b5w0fioSREQTLH2tvnjSlpCF4t2E5UqGJSzJjepBTAk0NuFO4Zu7meBie0cKLd-6ZdwThDoPhRtLwU01EbeixBtdgrhK6OIhs2IdYkPX90dP74hdzKzT609jCmOWNEcoSwKA159RR7-PmVjumf5_vmSeEfZJ8vNqi-lYVs93Cb8sni9h4%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D250%26adk%3D2021727514%26adf%3D2833230818%26pi%3Dt.aa~a.649322570~rp.4%26w%3D307%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1702079343%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D307x250%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702079344785%26bpp%3D1%26bdt%3D1486%26idt%3D-M%26shv%3Dr20231206%26mjsv%3Dm202312060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D7732832083763%26frm%3D20%26pv%3D1%26ga_vid%3D270923171.1702079344%26ga_sid%3D1702079344%26ga_hid%3D1727811600%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D973%26ady%3D1236%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079864%252C31079920%252C31079923%252C44795921%252C44809005%252C31080064%252C95320885%26oid%3D2%26pvsid%3D318824155147897%26tmod%3D480263585%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=2519832525960&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol HTTP/1.1 Server 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.150.63.201.138.clients.your-server.de Software Apache / Resource Hash e8d59820f08efb96f899edca4dc5491f1757e83c3ec14906861b159fa5247b6c Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 08 Dec 2023 23:49:05 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type application/x-javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 73947300003024604444554012533008 Connection close Content-Length 1135 Expires Fri, 08 Dec 2023 23:49:05 +0100 Redirect headers Pragma no-cache Date Fri, 08 Dec 2023 23:49:05 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4f0ac3c6a4&subid=&uid=5b457e6dfac9bb4b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfH-YcKtzZfvlMvyL7_UPyZiGmA-m5b2gaa2VnKfJD_AuEAEgkLuABGCV4pCCoAfIAQmpAjHCLko7DLI-qAMByAObBKoElAJP0CpvryxxC3hE4ejEFkOUcTsAYweYW_hC712g8WkliYVKGi-BtIfW_ZkwGySTtZ3b-LyIaJASazscvEBkeHaq49MkNXpL3ryVLAoLvERuDXKtMtsXnDc17loOeMCfQ_YluWuk7DpNzS99zTO0BDKO4yso1jkSOOG3YGG4z87SwgoVZEzNlx5VtJUxIsCMBBWkWoy2utRtDcoI3-mVb-C4GwlvPu61t0kOkVKos8VAN_9agMxIYvsUUFGh5bcpG4BRt7zDC6Z9gYDkaJ_fqIkZPr2wi0pVO1Nss5JerOgtWLhUpf1LH-GFrE_4jhLGsncDJ_QrVuImb1hEIsR90k7WYHcQaLMSLJY_pqxjNOK5uw1MrR_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY4sDp1YOBgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN5mmy8L1DcnGe9sKyy4WOT7LD8C13mopW4v-uzBzE7n48rYSJNMJ-ygLnuYWwmkSyTLeRFU3NYhgB%26sig%3DAOD64_3Ay7MbmTG36wdK-AYe0uTe-ltwcg%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-A6G80rpKP9uOFAApE42h7t7z_2NvGC4Zz1F-7MsbC4ytgmDN_wXKhA5m4Y5rs94P7G_0GJKkIr_U8xF2HkHVuZ1NkwiMKbLSidvbEf4_CD4ZBT6amjw9IWOi6y12BglsPvOQbzTbG6mB5Pc5ZThtKpsEX3bZYgwncGDwG1dvRpJDCA068%26cry%3D1%26dbm_d%3DAKAmf-CIRo2o8qfeQHIGtjwIeq8D9ipJDsICQvGguHKWUTArurk_yu-T_w276LdQtrTUN2rV1Yh3M8_iXVLvHj_E4zFboDj3ME-Ols0-01L3VQKjIq9hw1RZq-oA-lmdd4OE7l0w05dj6w4hDLjscGdeF89OmfA-u7ErOnnFg0LE-Kd703_UgMCXiabxbolldQ9gRQyIr0woLBuHXSJEIb9T4cFrmlLD5SyT9eTdGMk2etJ0c6ZBQ6c7Z7U0r8WkcaWVRTI82vW-pSSYSuQPQGs2iIFsUt7fB706QQliOu3ST3J7yLcJYK4D5w0uVbW_xhMxierZbwv9SZYSeaIRH7WtshPHpUQmwOFdmysd65WwAklauwJS3rSbSMLM7gQV4ho6m-b5w0fioSREQTLH2tvnjSlpCF4t2E5UqGJSzJjepBTAk0NuFO4Zu7meBie0cKLd-6ZdwThDoPhRtLwU01EbeixBtdgrhK6OIhs2IdYkPX90dP74hdzKzT609jCmOWNEcoSwKA159RR7-PmVjumf5_vmSeEfZJ8vNqi-lYVs93Cb8sni9h4%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D250%26adk%3D2021727514%26adf%3D2833230818%26pi%3Dt.aa~a.649322570~rp.4%26w%3D307%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1702079343%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D307x250%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702079344785%26bpp%3D1%26bdt%3D1486%26idt%3D-M%26shv%3Dr20231206%26mjsv%3Dm202312060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D7732832083763%26frm%3D20%26pv%3D1%26ga_vid%3D270923171.1702079344%26ga_sid%3D1702079344%26ga_hid%3D1727811600%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D973%26ady%3D1236%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079864%252C31079920%252C31079923%252C44795921%252C44809005%252C31080064%252C95320885%26oid%3D2%26pvsid%3D318824155147897%26tmod%3D480263585%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=2519832525960&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Length 0 Expires Fri, 08 Dec 2023 23:49:05 +0100
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5516	0 28 B	87ms 87ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2304970524586&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5516	0 28 B	89ms 89ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2304970524586&version=m202309260101&ct=77&x=1&cor=10880987486850576000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 5516	20 KB 14 KB	384ms 384ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dv3EOI3le_HgYowSHYJTP-oHA0k_hpQuYczuNz8e9vvVbrBfgFEGNinFrP6-LqJhyKVhiPVkqneTWnLOqXGvUZ4S0b8ABTRzVkUuR-D-TMAYI6hIWc2ITAOkKAikIcIdDssSdjS388goU6DrLEsDl-qGqZFW1zwtHrauvB-0OaHr0qp3Q&cry=1&dbm_d=AKAmf-DQ2XZwvopVeyJ5Ji-Od8lQdYUm-0C530qImTh0KczE9tNq8so4GN545UWK4MSfGRrEiZKohF8SFSKQVmXaUMpjTFKmHQa8Wo_jMmAX41kwg0mBYTtyCJamAg9C3rxTCU8VW0MOCY06qGp5ZTqU2bM45DKBXi0gGqY9gliuN0zebBTHEuRC6z7pBymEcU-g8Mfa0T3hg9gKLEHpInmR5zyXE5Hwz8R3U5FwRVygJaLLzNU1duNyc1wP0ixDVs8W5HX20Km6XQiP_-PUVNoQxEAg46pf3nw3Mx1CMjN7zidNU6K8esGgY7-4X3CWUyu8QcvdSh2Et4qTSt3MBNpxKc7z0tX8_O-WXDfqz_qKDaNLpxfw-AyTk02QgY8-gq38ajc3d59I6O0xVJJvuH205Upa41Bykp13SthGpAfzwg57-5iyodixtSIXDcxb8zuHTg1aWcgjjqsC1bs-II4HRCE6cZfCFmMgBrjULjLzsQJhU152BRCug-ANji9euALCv-PMlhDIUxVFjZ4vsJuawkvl5vIvQMPQ5Mduu3GhqxAiexQsxmHEHdNjVJXseQZzBSuoRY3itD-ibs7ptIgZhyTOKBrPAcOK8C7qyfCOjlAcj6IvLStIZGwvkXEQrW44raa_HmgiLNUtRY-wKqKJFrM-mLimoDq1k3TD8blLsHKh_DcJD9-PUWbLpAQL2OB9h2a-uMYOllcx9tv4Qpr8TU0W2z6wiICrJW7B9HUUjRRYqDaU5eoE1Z7f8QDZrq-YhstqqUsx22xPE0dvuyW3irMeEymkHwdKhCJ-MjczKVIrZs_684k6QvMutcjyzVMsvla2arA9L_FT9u4xu40J-Wvp1oYqjxsGDmrErh7XJM4GpmEphZhK_1TksA7-uEBZGA9_aJKhrMynw2xvkktFDcyE-JrZ7eZKSexYyYx4lHOMfyQrlzd2xVzSPrcO6Lzu_J8Ghebs2qWSRIdb7BAhyxDHSnMWccNHCBpNiUbpuDjm2ZtoGsAUAXEAZT5o0qdi4YrMC19CIz-VFk6awNEVPx7x8r8EbO_5UO9025NsUw-K22dmsDWoR8FY9dm3ODG6FvTbc3dfptLXVC0QZLsmyAJnaArysGCqXk1_OGJLfSCJStgZvHLCdfoBi5pbp94OUEO2anKIa45Bk6M8_GlPhDOYowKJi6pALopvKfWWrWfTy2PLRpyM2jGqPFu0H33k2nHTxh1AbsFkzt-mOqzAKZI4G6WKwX6Qhnih63mGuVHKBRJt91teIg6tY4b04GiHMEzK3mtZN2U2xKZSFuofK9MsKkldOo5b4lmy2I0EMxjv53RSgedWUASJ6U3NzqRkqqhpM1AjqpedRJRtBoGCG013vuizol5jb0VW01BpcWIzRXo1okqzUpowHODnQGZs2kWngKne3aaRYFeI66MHDu6AeDDbNSnTaxoCYfDqW8ZJGp1qRFeRO-u1W591QNcVaP9Kp_Zft46hy4Ep9a_ig9QM9Q0VV6gc15QWsLiNJ0Kw_JTAR2-EmsS3dfu53mmn3uabiCIZubUZMm-8yYGlLqBPAVsf7SMCQIgPp3BmRRC-ix2oeAzPbWpYhTylrtRT4CV9lMJ-GOf0-z3Q7hb5MMZKVBUlrhJV6Bqxx9TUe6JVidFLtgQR3O0kRye3IpJCgcj6DMFhYaUlf37c6x5WAH0eSxKnoQs583ygn12Hkhz0OfOjnTVZU422n5EtYogUwaORuSIhHQFH7zs4bdcBzWsg06NFjPCmQ4hm0YRA8w5tHLJejM25neuLvZcmt18Slwja_r2GwGKDDq3ELz6g4337DpRjtCplqx7jiopgDIIa6ZmBTnUWP7XhsyeoVZX3wPkLj2Dq7y9iRUGN5fa0wwTKr5JRMxhANKGU9tfaI2ml2WESrPGHfcoPt_BVg5O2Apyehljy8PUks5NFWFmqva0BxK_zrQWF2DCOyajMPR-pkBV7IyDfuwQqZbLYKEbGxWeYyuoiYA0K1bgPKtJWnJ27uu7xm4jXsbHZZuGdRKQpoqy1bOFNOJpoxLghZubp4MV6Aa2WfQDERdNM3ejnuG-UWlhBrLD-tJwWAKpZpidMH_d3PFlzCsmBcHTN_pjFFktCEcVfn4BIHf2yK3zHIfJpjRiI9s_rYk8NFOVxIcfaSxF9DhLlWOw8i_LsQ4AsTHCdvlay3tLIf1YSperjqIK0UnqfpN5jvSb3isnuHfB3ISBUxVUQ1EEDuYE6pHUTRzu__oWBkCeTAuZmmAr30_d5U745SF1V5MTOe-I6L77cYkSfQvXoUjWfqsXkVWgcBJcjcmAcAC0TtlAtNhA76E7bFFUt4gnq1E2m4ahgKOdzb4ClnpobW9hb1gjuYSdeq7qDdtBWUQHdJ-dsAJI2suGfxv6AnL9TMCUCLxur_2V81IHG4qSh-7q_RVZRGpHf48rsiCtWgrUdeP26KtiDaszE0OtoZ9czckklAb1ha7mCkX7kFWlGv_Pa54aPTWC5c4Qgr9Uc1evk5Aq6IEcGcyQ7P3h86IFGB47EZQILNdNEqvBL0TKUhoMcHvnCTzwyk0ug7MHu4k70vPbj4Cpv3jkBaKpj9-bRGCuiwpDgfSspVAIt1L7Ot2BbbxpDmFfqTC6IJh6r7w-QnihszhALhQRzFh32c-JQhsFqj4SO7llwMkRIqeyqH4e7gYBS0By9fzXWqh5k0J1IMSFIadwf9Ut1svQtbP-v6ZOH5E9WZ8fQesdDdPzzVDFo59QXKa4gA6ypKD87lC0Jm73NicVBwKAhQqfw71Lm3DT4d1ht7yenNC9_CNhCkKYQWiqCMVGgjta_xIXZ_qqhMsz6Xm36GpO75XShUPcWtYfAnLGTmnCsQ_GBM8sfwelowNDNyjmhAFxWEET72S4tpCCl3DDCDTC2SheRLhQAqVgiIJubjUTUn4eabC3VKO9aHbAi7jro8cS5fBAubU90fs51cz7Cqv7RKpcx9UQhsOTk6ZksDjA2JJGtJRig5UnZnCaq1IHxFH6nvqORlAB1DI56z93xAgnJpsMoVmCCfwnNVsakZzl9tCE-ofUNCoQSCRKjXsFTWaKPjk-TUnAbk5HyCDucNE-yMtNriCpL06zSuZ99H5m2WOIpwIAUmrzL_arkUJZ_xlzwwSFA4rVGNMaEDn_3OC3xPEzAq4Cv4gWRRJkLh-n9O38skIqf-oqPDkdP9bIRW-LAIOO4Nmxs0ywOsoZdfuJToXnNQBtJaTJLs61ccMZVTEiScu-C-aYLDnCW75gHgdT7MeOE8rKK_0rlTo9uxteJN6cFf1MBFqYKY0N6PwpBbzC1mTVewhANRXxxiruTPELRJwOhuCv9XQWqLXeeHuEMRYInlghcBz5AJ-NE32ixZvd3rDUVNaiw5Ni_iDaYmcIT1N1DfXkDV4baPXJ_bMcUpz_WJp000He7WFAEzM7-nQ9_ZSN7QvGpOycZQ_76n7iK741xegESK2QEvYrxPrNyAuzI06ZYhsRfJOwx3qjZzQJ7IkPCiYCa57dA2CwxZKE5WPFUs_Q9hlQgy1X-KctwNN40f26cZ4JzJuQbKfKBnUm4ZbXxtYUCr00cYOQLKKaBdsXkDznqvNOlukiiVtaY02Nk7W6RbCCILAtCiYLshisntL-Bga2ae-hZ0UTZMpPDgjZMGrNZHj8pXPAM6r1K0LBBvSa2dZzTdzcESBhd3wSzPIwJWGktYaqPysvT55qjLhWJ_8fCn9hxqTR0g9RgJ9rymB4n4bUqeAAFDMZXyymPB4I3E_BLElkrtelDFslFb-_UuY2sPeckbIsqZpsHFqRJclfg2PzmvQjQ-709uxuQJqOjNFfJk7IsyfvxoepleVxZvM8yjQoOiZ6xP4wiDNdr_10p4jxXp4nPt1GaRvX4DrUygmrS995Qq2l8JwFfcDrAU47gnpnoAvjDk4KpL2nuf7DrB1M6c9e43wzF4qqqFVwWcdD4tUcj4mSqutDuugLmJShHw-nJE3Kscbc4LT0qRJSGBInLylUrltIuAx_5p7twqgLdsu2PEuzEFxnnWT1MKzmRqS_y831GrOpXLwcWDBU8hO5-vcyQQFjKZK-0MCdV4vWRtek9-sa3eXlAA_CpjWPgLWhq5Wnr2RuRg7k1aZKcMKmizTXGJ7Wm43cOPYwEBUf84CAv3blkT7y2lbT3VpJZB7KOT3OZnkMbRGwIOFsEWgkVIEMBpH5OxyQkUMYMs__C5XNprdh0nPF8oHXYYURiqOBBZMVEZZ_QnqIz-skYgzAS3abjbfwMH4k6F1w&cid=CAQSPADICaaNmQnqqtb8ndyaUQ5MlpII9xA9xFxdepWYEKpLk7EskqszJZkFXcHdGmIi3XYB7BbPnEm2DcYiLBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=10880987486850576000&adk=1761367584&idt=172&cac=0&dtd=4 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5538c1e26618c8870600fea182e43705cb65ba3d8db06cc1da7a103ce4b66dc8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13909 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	84ms 75ms	Preflight text/html	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223958797341746016665%22,%22debug_reporting%22:true,%22destination%22:%22https://fom.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22951973541%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223982636033521610689%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Fri, 08 Dec 2023 23:49:05 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 438D	38 KB 13 KB	52ms 52ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 311860 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 05 Dec 2023 09:11:25 GMT expires Wed, 04 Dec 2024 09:11:25 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 48DD	0 28 B	89ms 89ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoNCAEqCUxhbmRzY2FwZQoKCAIqBnNlcnZlcgouGiFkaXNwbGF5X2xlYWRfZm9ybV9xdWVzdGlvbl9udW1iZXIhAAAAAAAA8D8wAQoNECshAAAAAAAAVEAwARIaQ1BlenZOV0RnWU1ERlY3QXV3Z2Ric2NNd1EiIWxlYWRnZW4vc25vbV92aWRlb193ZWJfcmVzdHJpY3RlZCgs Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/1b71563d924ca4f52d2a25828a1baeb1.js?tag=pingback Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response pagead2.googlesyndication.com/bg/ Frame 89A9	51 KB 19 KB	55ms 55ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:42:25 GMT content-encoding br x-content-type-options nosniff age 4000 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19719 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Dec 2024 22:42:25 GMT
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame 438D	39 KB 15 KB	53ms 53ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:59 GMT content-encoding br x-content-type-options nosniff age 6426 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Dec 2024 22:01:59 GMT
GET H2	200	e99aace94e6e5873881d3400993e1e7e Show response pv.medialead.de/trck/epv/ Frame 866F	0 326 B	59ms 18ms	Document application/javascript	91.121.248.44 OVH
General Check archive.org Show headers Download Go to Full URL https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=73947300003024604444554012533008&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: hal90008.redintelligence.net URL: https://hal90008.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4f0ac3c6a4&subid=&uid=5b457e6dfac9bb4b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfH-YcKtzZfvlMvyL7_UPyZiGmA-m5b2gaa2VnKfJD_AuEAEgkLuABGCV4pCCoAfIAQmpAjHCLko7DLI-qAMByAObBKoElAJP0CpvryxxC3hE4ejEFkOUcTsAYweYW_hC712g8WkliYVKGi-BtIfW_ZkwGySTtZ3b-LyIaJASazscvEBkeHaq49MkNXpL3ryVLAoLvERuDXKtMtsXnDc17loOeMCfQ_YluWuk7DpNzS99zTO0BDKO4yso1jkSOOG3YGG4z87SwgoVZEzNlx5VtJUxIsCMBBWkWoy2utRtDcoI3-mVb-C4GwlvPu61t0kOkVKos8VAN_9agMxIYvsUUFGh5bcpG4BRt7zDC6Z9gYDkaJ_fqIkZPr2wi0pVO1Nss5JerOgtWLhUpf1LH-GFrE_4jhLGsncDJ_QrVuImb1hEIsR90k7WYHcQaLMSLJY_pqxjNOK5uw1MrR_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY4sDp1YOBgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN5mmy8L1DcnGe9sKyy4WOT7LD8C13mopW4v-uzBzE7n48rYSJNMJ-ygLnuYWwmkSyTLeRFU3NYhgB%26sig%3DAOD64_3Ay7MbmTG36wdK-AYe0uTe-ltwcg%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-A6G80rpKP9uOFAApE42h7t7z_2NvGC4Zz1F-7MsbC4ytgmDN_wXKhA5m4Y5rs94P7G_0GJKkIr_U8xF2HkHVuZ1NkwiMKbLSidvbEf4_CD4ZBT6amjw9IWOi6y12BglsPvOQbzTbG6mB5Pc5ZThtKpsEX3bZYgwncGDwG1dvRpJDCA068%26cry%3D1%26dbm_d%3DAKAmf-CIRo2o8qfeQHIGtjwIeq8D9ipJDsICQvGguHKWUTArurk_yu-T_w276LdQtrTUN2rV1Yh3M8_iXVLvHj_E4zFboDj3ME-Ols0-01L3VQKjIq9hw1RZq-oA-lmdd4OE7l0w05dj6w4hDLjscGdeF89OmfA-u7ErOnnFg0LE-Kd703_UgMCXiabxbolldQ9gRQyIr0woLBuHXSJEIb9T4cFrmlLD5SyT9eTdGMk2etJ0c6ZBQ6c7Z7U0r8WkcaWVRTI82vW-pSSYSuQPQGs2iIFsUt7fB706QQliOu3ST3J7yLcJYK4D5w0uVbW_xhMxierZbwv9SZYSeaIRH7WtshPHpUQmwOFdmysd65WwAklauwJS3rSbSMLM7gQV4ho6m-b5w0fioSREQTLH2tvnjSlpCF4t2E5UqGJSzJjepBTAk0NuFO4Zu7meBie0cKLd-6ZdwThDoPhRtLwU01EbeixBtdgrhK6OIhs2IdYkPX90dP74hdzKzT609jCmOWNEcoSwKA159RR7-PmVjumf5_vmSeEfZJ8vNqi-lYVs93Cb8sni9h4%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D250%26adk%3D2021727514%26adf%3D2833230818%26pi%3Dt.aa~a.649322570~rp.4%26w%3D307%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1702079343%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D307x250%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702079344785%26bpp%3D1%26bdt%3D1486%26idt%3D-M%26shv%3Dr20231206%26mjsv%3Dm202312060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D7732832083763%26frm%3D20%26pv%3D1%26ga_vid%3D270923171.1702079344%26ga_sid%3D1702079344%26ga_hid%3D1727811600%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D973%26ady%3D1236%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079864%252C31079920%252C31079923%252C44795921%252C44809005%252C31080064%252C95320885%26oid%3D2%26pvsid%3D318824155147897%26tmod%3D480263585%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=2519832525960&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.121.248.44 , France, ASN16276 (OVH, FR), Reverse DNS ip44.ip-91-121-248.eu Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin * access-control-expose-headers X-Request-ID attribution-reporting-register-source {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}} content-length 0 content-type application/javascript; charset=utf-8 date Fri, 08 Dec 2023 23:49:06 GMT host pv.medialead.de proxy-host pv.medialead.de server nginx vary Origin
GET H2	200	89f7480c0afa0150827cf163f8728151 Show response pv.medialead.de/trck/epv/ Frame DC1B	0 327 B	58ms 17ms	Document application/javascript	91.121.248.44 OVH
General Check archive.org Show headers Download Go to Full URL https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=73947300003024604444554012533008&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: hal90008.redintelligence.net URL: https://hal90008.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4f0ac3c6a4&subid=&uid=5b457e6dfac9bb4b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfH-YcKtzZfvlMvyL7_UPyZiGmA-m5b2gaa2VnKfJD_AuEAEgkLuABGCV4pCCoAfIAQmpAjHCLko7DLI-qAMByAObBKoElAJP0CpvryxxC3hE4ejEFkOUcTsAYweYW_hC712g8WkliYVKGi-BtIfW_ZkwGySTtZ3b-LyIaJASazscvEBkeHaq49MkNXpL3ryVLAoLvERuDXKtMtsXnDc17loOeMCfQ_YluWuk7DpNzS99zTO0BDKO4yso1jkSOOG3YGG4z87SwgoVZEzNlx5VtJUxIsCMBBWkWoy2utRtDcoI3-mVb-C4GwlvPu61t0kOkVKos8VAN_9agMxIYvsUUFGh5bcpG4BRt7zDC6Z9gYDkaJ_fqIkZPr2wi0pVO1Nss5JerOgtWLhUpf1LH-GFrE_4jhLGsncDJ_QrVuImb1hEIsR90k7WYHcQaLMSLJY_pqxjNOK5uw1MrR_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY4sDp1YOBgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN5mmy8L1DcnGe9sKyy4WOT7LD8C13mopW4v-uzBzE7n48rYSJNMJ-ygLnuYWwmkSyTLeRFU3NYhgB%26sig%3DAOD64_3Ay7MbmTG36wdK-AYe0uTe-ltwcg%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-A6G80rpKP9uOFAApE42h7t7z_2NvGC4Zz1F-7MsbC4ytgmDN_wXKhA5m4Y5rs94P7G_0GJKkIr_U8xF2HkHVuZ1NkwiMKbLSidvbEf4_CD4ZBT6amjw9IWOi6y12BglsPvOQbzTbG6mB5Pc5ZThtKpsEX3bZYgwncGDwG1dvRpJDCA068%26cry%3D1%26dbm_d%3DAKAmf-CIRo2o8qfeQHIGtjwIeq8D9ipJDsICQvGguHKWUTArurk_yu-T_w276LdQtrTUN2rV1Yh3M8_iXVLvHj_E4zFboDj3ME-Ols0-01L3VQKjIq9hw1RZq-oA-lmdd4OE7l0w05dj6w4hDLjscGdeF89OmfA-u7ErOnnFg0LE-Kd703_UgMCXiabxbolldQ9gRQyIr0woLBuHXSJEIb9T4cFrmlLD5SyT9eTdGMk2etJ0c6ZBQ6c7Z7U0r8WkcaWVRTI82vW-pSSYSuQPQGs2iIFsUt7fB706QQliOu3ST3J7yLcJYK4D5w0uVbW_xhMxierZbwv9SZYSeaIRH7WtshPHpUQmwOFdmysd65WwAklauwJS3rSbSMLM7gQV4ho6m-b5w0fioSREQTLH2tvnjSlpCF4t2E5UqGJSzJjepBTAk0NuFO4Zu7meBie0cKLd-6ZdwThDoPhRtLwU01EbeixBtdgrhK6OIhs2IdYkPX90dP74hdzKzT609jCmOWNEcoSwKA159RR7-PmVjumf5_vmSeEfZJ8vNqi-lYVs93Cb8sni9h4%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D250%26adk%3D2021727514%26adf%3D2833230818%26pi%3Dt.aa~a.649322570~rp.4%26w%3D307%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1702079343%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D307x250%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702079344785%26bpp%3D1%26bdt%3D1486%26idt%3D-M%26shv%3Dr20231206%26mjsv%3Dm202312060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D7732832083763%26frm%3D20%26pv%3D1%26ga_vid%3D270923171.1702079344%26ga_sid%3D1702079344%26ga_hid%3D1727811600%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D973%26ady%3D1236%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079864%252C31079920%252C31079923%252C44795921%252C44809005%252C31080064%252C95320885%26oid%3D2%26pvsid%3D318824155147897%26tmod%3D480263585%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=2519832525960&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.121.248.44 , France, ASN16276 (OVH, FR), Reverse DNS ip44.ip-91-121-248.eu Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin * access-control-expose-headers X-Request-ID attribution-reporting-register-source {"source_event_id":"25200521800103636","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}} content-length 0 content-type application/javascript; charset=utf-8 date Fri, 08 Dec 2023 23:49:06 GMT host pv.medialead.de proxy-host pv.medialead.de server nginx vary Origin
GET H2	200	activityi;dc_pre=CK_Nt9aDgYMDFSDdOwIdgcMAhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8222738096713.511 Show response 5994599.fls.doubleclick.net/ Frame DDFA Redirect Chain https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8222738096713.511? https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_Nt9aDgYMDFSDdOwIdgcMAhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8222738096713.511?	391 B 326 B	79ms 78ms	Document text/html	216.58.206.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_Nt9aDgYMDFSDdOwIdgcMAhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8222738096713.511? Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f6.1e100.net Software cafe / Resource Hash 8a77c996f4f34447acd84ccdea8b75074f3aeace01a5e37a0c130ab3a8891a08 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 217 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:49:06 GMT expires Fri, 08 Dec 2023 23:49:06 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:49:06 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_Nt9aDgYMDFSDdOwIdgcMAhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8222738096713.511? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	request_content.php Show response hal90008.redintelligence.net/ Frame 6D79	7 KB 2 KB	34ms 12ms	Document text/html	138.201.63.150 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90008.redintelligence.net/request_content.php?s=73947300003024604444554012533008&a=759f7715 Requested by Host: hal90008.redintelligence.net URL: https://hal90008.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4f0ac3c6a4&subid=&uid=5b457e6dfac9bb4b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfH-YcKtzZfvlMvyL7_UPyZiGmA-m5b2gaa2VnKfJD_AuEAEgkLuABGCV4pCCoAfIAQmpAjHCLko7DLI-qAMByAObBKoElAJP0CpvryxxC3hE4ejEFkOUcTsAYweYW_hC712g8WkliYVKGi-BtIfW_ZkwGySTtZ3b-LyIaJASazscvEBkeHaq49MkNXpL3ryVLAoLvERuDXKtMtsXnDc17loOeMCfQ_YluWuk7DpNzS99zTO0BDKO4yso1jkSOOG3YGG4z87SwgoVZEzNlx5VtJUxIsCMBBWkWoy2utRtDcoI3-mVb-C4GwlvPu61t0kOkVKos8VAN_9agMxIYvsUUFGh5bcpG4BRt7zDC6Z9gYDkaJ_fqIkZPr2wi0pVO1Nss5JerOgtWLhUpf1LH-GFrE_4jhLGsncDJ_QrVuImb1hEIsR90k7WYHcQaLMSLJY_pqxjNOK5uw1MrR_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY4sDp1YOBgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN5mmy8L1DcnGe9sKyy4WOT7LD8C13mopW4v-uzBzE7n48rYSJNMJ-ygLnuYWwmkSyTLeRFU3NYhgB%26sig%3DAOD64_3Ay7MbmTG36wdK-AYe0uTe-ltwcg%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-A6G80rpKP9uOFAApE42h7t7z_2NvGC4Zz1F-7MsbC4ytgmDN_wXKhA5m4Y5rs94P7G_0GJKkIr_U8xF2HkHVuZ1NkwiMKbLSidvbEf4_CD4ZBT6amjw9IWOi6y12BglsPvOQbzTbG6mB5Pc5ZThtKpsEX3bZYgwncGDwG1dvRpJDCA068%26cry%3D1%26dbm_d%3DAKAmf-CIRo2o8qfeQHIGtjwIeq8D9ipJDsICQvGguHKWUTArurk_yu-T_w276LdQtrTUN2rV1Yh3M8_iXVLvHj_E4zFboDj3ME-Ols0-01L3VQKjIq9hw1RZq-oA-lmdd4OE7l0w05dj6w4hDLjscGdeF89OmfA-u7ErOnnFg0LE-Kd703_UgMCXiabxbolldQ9gRQyIr0woLBuHXSJEIb9T4cFrmlLD5SyT9eTdGMk2etJ0c6ZBQ6c7Z7U0r8WkcaWVRTI82vW-pSSYSuQPQGs2iIFsUt7fB706QQliOu3ST3J7yLcJYK4D5w0uVbW_xhMxierZbwv9SZYSeaIRH7WtshPHpUQmwOFdmysd65WwAklauwJS3rSbSMLM7gQV4ho6m-b5w0fioSREQTLH2tvnjSlpCF4t2E5UqGJSzJjepBTAk0NuFO4Zu7meBie0cKLd-6ZdwThDoPhRtLwU01EbeixBtdgrhK6OIhs2IdYkPX90dP74hdzKzT609jCmOWNEcoSwKA159RR7-PmVjumf5_vmSeEfZJ8vNqi-lYVs93Cb8sni9h4%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D250%26adk%3D2021727514%26adf%3D2833230818%26pi%3Dt.aa~a.649322570~rp.4%26w%3D307%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1702079343%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D307x250%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702079344785%26bpp%3D1%26bdt%3D1486%26idt%3D-M%26shv%3Dr20231206%26mjsv%3Dm202312060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D7732832083763%26frm%3D20%26pv%3D1%26ga_vid%3D270923171.1702079344%26ga_sid%3D1702079344%26ga_hid%3D1727811600%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D973%26ady%3D1236%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079864%252C31079920%252C31079923%252C44795921%252C44809005%252C31080064%252C95320885%26oid%3D2%26pvsid%3D318824155147897%26tmod%3D480263585%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=2519832525960&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.150.63.201.138.clients.your-server.de Software Apache / Resource Hash ad1e150c78fdb5543ad95e25a3b5e0302ed564050874d2e4e9ed8f1f8d7c2f5d Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Encoding gzip Content-Length 2020 Content-Type text/html; charset=utf-8 Date Fri, 08 Dec 2023 23:49:05 GMT Expires Fri, 08 Dec 2023 23:49:05 +0100 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Vary Accept-Encoding
GET H2	200	e99aace94e6e5873881d3400993e1e7e pv.medialead.de/trck/eview/ Frame E24C Redirect Chain https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=73947300003024604444554012533008&t=htlp&gdpr=1&consent=1&gdpr_consent= https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=73947300003024604444554012533008&t=htlp&gdpr=1&consent=1&gdpr_consent=	43 B 360 B	17ms 17ms	Image image/gif	91.121.248.44 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=73947300003024604444554012533008&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H2 Server 91.121.248.44 , France, ASN16276 (OVH, FR), Reverse DNS ip44.ip-91-121-248.eu Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:06 GMT attribution-reporting-register-source {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}} server nginx host pv.medialead.de vary Origin content-type image/gif access-control-allow-origin * access-control-expose-headers X-Request-ID access-control-allow-credentials true content-length 43 proxy-host pv.medialead.de Redirect headers location https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=73947300003024604444554012533008&t=htlp&gdpr=1&consent=1&gdpr_consent= date Fri, 08 Dec 2023 23:49:06 GMT server nginx content-length 138 content-type text/html
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame E24C	43 B 702 B	105ms 61ms	Image image/gif	104.64.118.247 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=73947300003024604444554012533008&pv=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-64-118-247.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 08 Dec 2023 23:49:06 GMT Strict-Transport-Security max-age=86400 Node Helix Content-Type image/gif P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 43 Expires 0
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 526E	1 KB 649 B	54ms 53ms	Document text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 11351 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 20:39:54 GMT etag 48472445140208031 expires Sat, 09 Dec 2023 20:39:54 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame E24C	209 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3f3ca5e5ec77d0860bf120a59b9cad642584e0a24c995801e22dbe0698b771df Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 438D	0 28 B	90ms 90ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BSTB0catzZaDnItzs9u8PoqKIkAMAAAAAOAHgBAI&bg=!DQ6lDkHNAAY3kmNgF5I7ADQBe5WfOPmD4IiTJ97LsQo3CB5DY6I0N2KePsITT9KA5qqDuZrVIAiRUTxh1MxfoiXaZvyLAgAAAC5SAAAAAWgBB5kDT1maidmV4B2nYmoyhf7sSWGXaNZ5NyEkYBwFA1PYxtaC6xeCF4r5W9tJHJFQ9ejFHe4a9fD0ij7zWFH9LP3zCljQ8ZDZQfpppRcJWlr548x9-a5Nj7GepgYT3Ve0DZFXEhni6B9iPGh3qU2LT5dx9W8WE4qXwhNN1EjYuFz5ca3qy5pWI2R25w-S3RemNJqfcwi3OyhOwqpHB56YxeXqXmd1wPizPZlGw5g6gb_YOd1mHIDxOWp-1GZrlC1eQTXXJiZ_unDdL616XY437tsk7wxZO2zPJbV6EmF1kcz8xaJ76eM_x44_AsrHs0IMfMXlzj2sU0c5Yy1pWuaTHOOGeRW67HNUEaNKeV7QZGdbt0KNAN6eU-yEF-0SOEAjpJ8sqTmJrSC47giT-x3F7OVn7ij8-0BISTJHj5iIRpTdI7ldS-VnIi9QpUqHm6KGHiT9snm8FdZBT_rFoJtCIYztmHF-i5fQs7whx09iiNawuOGOOgPLLmD3XoShCIAEgYdDtzuIN1IFxdfG3kFQhOmZl1Z0pnSem5HYo0F4ez5QR16bVQHQZAGPv_JwWSFzht14f2TgutROK6oP7SABqwxJF9DGbOqWR-Ht1A49oCTVn4amtGFTGuZYu64j9Zo867WRqx2BtKMYZ7SJ11DjeCWhIGNsz8EE1ZtHoWnWDG2jERGzya2cpl1uVjbC2bL5jANVcTx4WktIoVjT-H5vh1LtFVn2dgflhRyjqPbntSAlY4MA_Ww_timHRUQk4MIPaJLF4sDjjO7E2uNhRkLW_Du5DzBTQ99Z_x8pK1goX-wNDMmT3MIC0FDWR6Di3LIvCmzfBrTmzGn2eDRTX0pixMyrLqCjBcljz4Z_aQfksbvWtrOMmfoDAJqv7akfFJwRRk7szj0cVzdYVI5cInovHdj37qN7-0M9ZEh86sXOMw0XIJbwN3vkxNYqWuvveAUvLUmxPRMvkaDabdcqoOj53qKsWhVAh5InO4uAQG2pDhmPS3pGEayqrZPjGDBN9c_v6LceO0BEhhm04ztPurAONBp4JGHXijDv91mJ0x8swlLW-XIwuPrF1cAzg6tmBMu5oDX-UsQQS6S6hrl6q4urCqg9wAS60LJ5Qfp3T60ESJFBejw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	css fonts.googleapis.com/ Frame 6D79	5 KB 682 B	63ms 62ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Requested by Host: hal90008.redintelligence.net URL: https://hal90008.redintelligence.net/request_content.php?s=73947300003024604444554012533008&a=759f7715 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hal90008.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 08 Dec 2023 23:49:06 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 08 Dec 2023 23:26:56 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 08 Dec 2023 23:49:06 GMT
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 6D79	17 KB 17 KB	34ms 12ms	Image image/png	138.201.63.116 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg Requested by Host: hal90008.redintelligence.net URL: https://hal90008.redintelligence.net/request_content.php?s=73947300003024604444554012533008&a=759f7715 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.63.201.138.clients.your-server.de Software Apache / Resource Hash 9e55f01e795abad440e4a9f5b4b3f65d68d583997591f0aaecc33fe0e5e04600 Request headers accept-language de-DE,de;q=0.9 Referer https://hal90008.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Fri, 08 Dec 2023 23:49:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 16983 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 6D79	13 KB 13 KB	35ms 13ms	Image image/png	138.201.63.116 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg Requested by Host: hal90008.redintelligence.net URL: https://hal90008.redintelligence.net/request_content.php?s=73947300003024604444554012533008&a=759f7715 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.63.201.138.clients.your-server.de Software Apache / Resource Hash 604d8d362f98694ca54ce55ff7f93d8a460c8ae98cb6b375b0ce23a23394f6b1 Request headers accept-language de-DE,de;q=0.9 Referer https://hal90008.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Fri, 08 Dec 2023 23:49:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 13284 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 6D79	11 KB 11 KB	35ms 13ms	Image image/png	138.201.63.116 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png Requested by Host: hal90008.redintelligence.net URL: https://hal90008.redintelligence.net/request_content.php?s=73947300003024604444554012533008&a=759f7715 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.63.201.138.clients.your-server.de Software Apache / Resource Hash 2e5d9227e21a6075987ed697b6a55d5dee2e852046faa25d2a32990d41fda1e5 Request headers accept-language de-DE,de;q=0.9 Referer https://hal90008.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Fri, 08 Dec 2023 23:49:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 10940 Vary Accept-Encoding Content-Type image/png
GET H2	200	dpixel cms.quantserve.com/ Frame 526E	35 B 465 B	34ms 9ms	Image image/gif	2620:116:800d:21:5ed4:8d5d:fed7:f5ef AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPbFdOmP6LbkUhQZVQd3oF8&google_cver=1&google_push=AXcoOmR4tYI-sz17gS8C6ljeVIvPEOMyzHbDQo5bJKZ8sbGRpZKR8uvekGc9LPzf4W9FyUYiuEhB1w0kA2h75tBDqMc_XFvYZB_L4Snz Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 526E Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGVwQNBQnHOn1ugnGdwYuR4&google_cve... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bEFIcHJFbW4xUmJLQUY1&google_gid=CAESEGVwQNBQnHOn1ugnGdwYuR4&google_cver=1&google_push=AXcoOmRJwlSa-lq5VmK2iQg2tvx9HGOWvFPlflDgJyeJx5H...	170 B 188 B	50ms 49ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bEFIcHJFbW4xUmJLQUY1&google_gid=CAESEGVwQNBQnHOn1ugnGdwYuR4&google_cver=1&google_push=AXcoOmRJwlSa-lq5VmK2iQg2tvx9HGOWvFPlflDgJyeJx5HmljA4OjFcDTiP_JOGZHiEZ5gli_pu2-KGlAGB-0vjBhhX7OvyRzLpcYBo Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H3 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 08 Dec 2023 23:49:05 GMT Strict-Transport-Security max-age=2592000; includeSubDomains Server PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bEFIcHJFbW4xUmJLQUY1&google_gid=CAESEGVwQNBQnHOn1ugnGdwYuR4&google_cver=1&google_push=AXcoOmRJwlSa-lq5VmK2iQg2tvx9HGOWvFPlflDgJyeJx5HmljA4OjFcDTiP_JOGZHiEZ5gli_pu2-KGlAGB-0vjBhhX7OvyRzLpcYBo Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	pixelSync pixel-sync.sitescout.com/dmp/ Frame 526E	0 187 B	51ms 15ms	Image text/plain	98.98.134.243 ZEN-ECN
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGwDSPYgd7jQDctSjj3LMYk&google_cver=1&google_push=AXcoOmRYbKIcAtcaOEoz2zxIwsKYzuA_kc7GR4pfCwOeKdMj0iro47itjVu8i9ZZNJjD6WbPnx61HH24nrLmArpLENxt1uqYi-G9Q1hP Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software A / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT cache-control max-age=0,no-cache,no-store server A expires Tue, 11 Oct 1977 12:34:56 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 526E Redirect Chain https://d.agkn.com/pixel/2175/?google_gid=CAESEG4Xqjd62FDGW8YBseppGVc&google_cver=1&google_push=AXcoOmQx4aJCQEpk-iiPh9In4hB1l-IWlfioB1Mwfw81fSPqS7dNeSih05VNlECWiHzQY2MRQ2uH8jskLIkY3kTl43RqkNUqNyu0l9Fx https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQx4aJCQEpk-iiPh9In4hB1l-IWlfioB1Mwfw81fSPqS7dNeSih05VNlECWiHzQY2MRQ2uH8jskLIkY3kTl43RqkNUqNyu0l9Fx&google_hm=Q0FFU0VHNFhxamQ2M...	170 B 188 B	48ms 47ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQx4aJCQEpk-iiPh9In4hB1l-IWlfioB1Mwfw81fSPqS7dNeSih05VNlECWiHzQY2MRQ2uH8jskLIkY3kTl43RqkNUqNyu0l9Fx&google_hm=Q0FFU0VHNFhxamQ2MkZER1c4WUJzZXBwR1Zj Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H3 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 08 Dec 2023 23:49:05 GMT P3P CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQx4aJCQEpk-iiPh9In4hB1l-IWlfioB1Mwfw81fSPqS7dNeSih05VNlECWiHzQY2MRQ2uH8jskLIkY3kTl43RqkNUqNyu0l9Fx&google_hm=Q0FFU0VHNFhxamQ2MkZER1c4WUJzZXBwR1Zj Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 526E Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIq9ZmIBOuHOtYlIe5ZYE4Q&google_cver=1&google_push=AXcoOmQs43ATe-BX6WEGSyWcmQiuj4tAATyGP8vuzhqktFnZWJruhVcqFX1BDBRgNOb5eQkjPT64gUFqaegKKt... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDM3NTEyMTk3ODEyODU0MA%3D%3D&google_push=AXcoOmQs43ATe-BX6WEGSyWcmQiuj4tAATyGP8vuzhqktFnZWJruhVcqFX1BDBRgNOb5eQkjPT64gUFqaegKKtmB27...	170 B 188 B	48ms 48ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDM3NTEyMTk3ODEyODU0MA%3D%3D&google_push=AXcoOmQs43ATe-BX6WEGSyWcmQiuj4tAATyGP8vuzhqktFnZWJruhVcqFX1BDBRgNOb5eQkjPT64gUFqaegKKtmB27OxUin6j5MU6JY- Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H3 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDM3NTEyMTk3ODEyODU0MA%3D%3D&google_push=AXcoOmQs43ATe-BX6WEGSyWcmQiuj4tAATyGP8vuzhqktFnZWJruhVcqFX1BDBRgNOb5eQkjPT64gUFqaegKKtmB27OxUin6j5MU6JY- Date Fri, 08 Dec 2023 23:49:06 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H2	200	sync odr.mookie1.com/t/v2/ Frame 526E	42 B 204 B	56ms 20ms	Image image/gif	34.160.236.64 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESELACe45C4yk0kbbKDyk8bIA&google_push=AXcoOmTHgFkZJaDtOBGphkUrN78p3_LRZg5MxiudjiQCzXXxdkMzzcoqXha6UWTeMvvLgFLmb_GSo7Z2LcL9ivM65NqSNhR4bE6vLXk&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 64.236.160.34.bc.googleusercontent.com Software nginx / Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:06 GMT via 1.1 google last-modified Thu, 19 Oct 2023 06:07:48 GMT server nginx etag "6530c7b4-2a" content-type image/gif accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42
GET H2	200	trk ag.innovid.com/ Frame 526E	43 B 297 B	158ms 24ms	Image image/gif	2a05:d01c:1d8:8101:ecdd:a035:7b09:ae7f AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ag.innovid.com/trk?tid=11711&google_gid=CAESECPtwIFCJbUmHgwiv0L0pAE&google_cver=1&google_push=AXcoOmTF_jN994ZujNBccXUz3F6Q3j0_lUC3Szb6io0mc4bvPjkvizAj1b_OJ_nxI9zuHquYzuXwfdwCmBAVRBeZ77YA_-nHZpFz480V Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d01c:1d8:8101:ecdd:a035:7b09:ae7f London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers content-type image/gif pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT cache-control no-cache content-length 43 request-time 1 expires -1
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 526E	0 12 B	46ms 45ms	Image text/html	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvR1BZyykdeNziCn6ql87u5qNxKfU7LA_YmV8qSj3bmegafjkR4zk7QPLmAOy0c-wq3N9X Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1486&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:06 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H/1.1	200 OK	viewability Show response hal90008.redintelligence.net/ Frame 6D79	0 150 B	35ms 12ms	Script text/html	138.201.63.150 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90008.redintelligence.net/viewability?s=73947300003024604444554012533008&a=9e321093&vb=m Requested by Host: hal90008.redintelligence.net URL: https://hal90008.redintelligence.net/request_content.php?s=73947300003024604444554012533008&a=759f7715 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.150.63.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hal90008.redintelligence.net/request_content.php?s=73947300003024604444554012533008&a=759f7715 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Fri, 08 Dec 2023 23:49:06 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H3	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v22/ Frame 6D79	14 KB 15 KB	54ms 54ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hal90008.redintelligence.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:36:48 GMT x-content-type-options nosniff age 11538 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14824 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 20:36:48 GMT
GET H3	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v22/ Frame 6D79	15 KB 15 KB	59ms 59ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hal90008.redintelligence.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 11:13:55 GMT x-content-type-options nosniff age 45311 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14892 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 11:13:55 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 5516	41 KB 14 KB	52ms 51ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dv3EOI3le_HgYowSHYJTP-oHA0k_hpQuYczuNz8e9vvVbrBfgFEGNinFrP6-LqJhyKVhiPVkqneTWnLOqXGvUZ4S0b8ABTRzVkUuR-D-TMAYI6hIWc2ITAOkKAikIcIdDssSdjS388goU6DrLEsDl-qGqZFW1zwtHrauvB-0OaHr0qp3Q&cry=1&dbm_d=AKAmf-DQ2XZwvopVeyJ5Ji-Od8lQdYUm-0C530qImTh0KczE9tNq8so4GN545UWK4MSfGRrEiZKohF8SFSKQVmXaUMpjTFKmHQa8Wo_jMmAX41kwg0mBYTtyCJamAg9C3rxTCU8VW0MOCY06qGp5ZTqU2bM45DKBXi0gGqY9gliuN0zebBTHEuRC6z7pBymEcU-g8Mfa0T3hg9gKLEHpInmR5zyXE5Hwz8R3U5FwRVygJaLLzNU1duNyc1wP0ixDVs8W5HX20Km6XQiP_-PUVNoQxEAg46pf3nw3Mx1CMjN7zidNU6K8esGgY7-4X3CWUyu8QcvdSh2Et4qTSt3MBNpxKc7z0tX8_O-WXDfqz_qKDaNLpxfw-AyTk02QgY8-gq38ajc3d59I6O0xVJJvuH205Upa41Bykp13SthGpAfzwg57-5iyodixtSIXDcxb8zuHTg1aWcgjjqsC1bs-II4HRCE6cZfCFmMgBrjULjLzsQJhU152BRCug-ANji9euALCv-PMlhDIUxVFjZ4vsJuawkvl5vIvQMPQ5Mduu3GhqxAiexQsxmHEHdNjVJXseQZzBSuoRY3itD-ibs7ptIgZhyTOKBrPAcOK8C7qyfCOjlAcj6IvLStIZGwvkXEQrW44raa_HmgiLNUtRY-wKqKJFrM-mLimoDq1k3TD8blLsHKh_DcJD9-PUWbLpAQL2OB9h2a-uMYOllcx9tv4Qpr8TU0W2z6wiICrJW7B9HUUjRRYqDaU5eoE1Z7f8QDZrq-YhstqqUsx22xPE0dvuyW3irMeEymkHwdKhCJ-MjczKVIrZs_684k6QvMutcjyzVMsvla2arA9L_FT9u4xu40J-Wvp1oYqjxsGDmrErh7XJM4GpmEphZhK_1TksA7-uEBZGA9_aJKhrMynw2xvkktFDcyE-JrZ7eZKSexYyYx4lHOMfyQrlzd2xVzSPrcO6Lzu_J8Ghebs2qWSRIdb7BAhyxDHSnMWccNHCBpNiUbpuDjm2ZtoGsAUAXEAZT5o0qdi4YrMC19CIz-VFk6awNEVPx7x8r8EbO_5UO9025NsUw-K22dmsDWoR8FY9dm3ODG6FvTbc3dfptLXVC0QZLsmyAJnaArysGCqXk1_OGJLfSCJStgZvHLCdfoBi5pbp94OUEO2anKIa45Bk6M8_GlPhDOYowKJi6pALopvKfWWrWfTy2PLRpyM2jGqPFu0H33k2nHTxh1AbsFkzt-mOqzAKZI4G6WKwX6Qhnih63mGuVHKBRJt91teIg6tY4b04GiHMEzK3mtZN2U2xKZSFuofK9MsKkldOo5b4lmy2I0EMxjv53RSgedWUASJ6U3NzqRkqqhpM1AjqpedRJRtBoGCG013vuizol5jb0VW01BpcWIzRXo1okqzUpowHODnQGZs2kWngKne3aaRYFeI66MHDu6AeDDbNSnTaxoCYfDqW8ZJGp1qRFeRO-u1W591QNcVaP9Kp_Zft46hy4Ep9a_ig9QM9Q0VV6gc15QWsLiNJ0Kw_JTAR2-EmsS3dfu53mmn3uabiCIZubUZMm-8yYGlLqBPAVsf7SMCQIgPp3BmRRC-ix2oeAzPbWpYhTylrtRT4CV9lMJ-GOf0-z3Q7hb5MMZKVBUlrhJV6Bqxx9TUe6JVidFLtgQR3O0kRye3IpJCgcj6DMFhYaUlf37c6x5WAH0eSxKnoQs583ygn12Hkhz0OfOjnTVZU422n5EtYogUwaORuSIhHQFH7zs4bdcBzWsg06NFjPCmQ4hm0YRA8w5tHLJejM25neuLvZcmt18Slwja_r2GwGKDDq3ELz6g4337DpRjtCplqx7jiopgDIIa6ZmBTnUWP7XhsyeoVZX3wPkLj2Dq7y9iRUGN5fa0wwTKr5JRMxhANKGU9tfaI2ml2WESrPGHfcoPt_BVg5O2Apyehljy8PUks5NFWFmqva0BxK_zrQWF2DCOyajMPR-pkBV7IyDfuwQqZbLYKEbGxWeYyuoiYA0K1bgPKtJWnJ27uu7xm4jXsbHZZuGdRKQpoqy1bOFNOJpoxLghZubp4MV6Aa2WfQDERdNM3ejnuG-UWlhBrLD-tJwWAKpZpidMH_d3PFlzCsmBcHTN_pjFFktCEcVfn4BIHf2yK3zHIfJpjRiI9s_rYk8NFOVxIcfaSxF9DhLlWOw8i_LsQ4AsTHCdvlay3tLIf1YSperjqIK0UnqfpN5jvSb3isnuHfB3ISBUxVUQ1EEDuYE6pHUTRzu__oWBkCeTAuZmmAr30_d5U745SF1V5MTOe-I6L77cYkSfQvXoUjWfqsXkVWgcBJcjcmAcAC0TtlAtNhA76E7bFFUt4gnq1E2m4ahgKOdzb4ClnpobW9hb1gjuYSdeq7qDdtBWUQHdJ-dsAJI2suGfxv6AnL9TMCUCLxur_2V81IHG4qSh-7q_RVZRGpHf48rsiCtWgrUdeP26KtiDaszE0OtoZ9czckklAb1ha7mCkX7kFWlGv_Pa54aPTWC5c4Qgr9Uc1evk5Aq6IEcGcyQ7P3h86IFGB47EZQILNdNEqvBL0TKUhoMcHvnCTzwyk0ug7MHu4k70vPbj4Cpv3jkBaKpj9-bRGCuiwpDgfSspVAIt1L7Ot2BbbxpDmFfqTC6IJh6r7w-QnihszhALhQRzFh32c-JQhsFqj4SO7llwMkRIqeyqH4e7gYBS0By9fzXWqh5k0J1IMSFIadwf9Ut1svQtbP-v6ZOH5E9WZ8fQesdDdPzzVDFo59QXKa4gA6ypKD87lC0Jm73NicVBwKAhQqfw71Lm3DT4d1ht7yenNC9_CNhCkKYQWiqCMVGgjta_xIXZ_qqhMsz6Xm36GpO75XShUPcWtYfAnLGTmnCsQ_GBM8sfwelowNDNyjmhAFxWEET72S4tpCCl3DDCDTC2SheRLhQAqVgiIJubjUTUn4eabC3VKO9aHbAi7jro8cS5fBAubU90fs51cz7Cqv7RKpcx9UQhsOTk6ZksDjA2JJGtJRig5UnZnCaq1IHxFH6nvqORlAB1DI56z93xAgnJpsMoVmCCfwnNVsakZzl9tCE-ofUNCoQSCRKjXsFTWaKPjk-TUnAbk5HyCDucNE-yMtNriCpL06zSuZ99H5m2WOIpwIAUmrzL_arkUJZ_xlzwwSFA4rVGNMaEDn_3OC3xPEzAq4Cv4gWRRJkLh-n9O38skIqf-oqPDkdP9bIRW-LAIOO4Nmxs0ywOsoZdfuJToXnNQBtJaTJLs61ccMZVTEiScu-C-aYLDnCW75gHgdT7MeOE8rKK_0rlTo9uxteJN6cFf1MBFqYKY0N6PwpBbzC1mTVewhANRXxxiruTPELRJwOhuCv9XQWqLXeeHuEMRYInlghcBz5AJ-NE32ixZvd3rDUVNaiw5Ni_iDaYmcIT1N1DfXkDV4baPXJ_bMcUpz_WJp000He7WFAEzM7-nQ9_ZSN7QvGpOycZQ_76n7iK741xegESK2QEvYrxPrNyAuzI06ZYhsRfJOwx3qjZzQJ7IkPCiYCa57dA2CwxZKE5WPFUs_Q9hlQgy1X-KctwNN40f26cZ4JzJuQbKfKBnUm4ZbXxtYUCr00cYOQLKKaBdsXkDznqvNOlukiiVtaY02Nk7W6RbCCILAtCiYLshisntL-Bga2ae-hZ0UTZMpPDgjZMGrNZHj8pXPAM6r1K0LBBvSa2dZzTdzcESBhd3wSzPIwJWGktYaqPysvT55qjLhWJ_8fCn9hxqTR0g9RgJ9rymB4n4bUqeAAFDMZXyymPB4I3E_BLElkrtelDFslFb-_UuY2sPeckbIsqZpsHFqRJclfg2PzmvQjQ-709uxuQJqOjNFfJk7IsyfvxoepleVxZvM8yjQoOiZ6xP4wiDNdr_10p4jxXp4nPt1GaRvX4DrUygmrS995Qq2l8JwFfcDrAU47gnpnoAvjDk4KpL2nuf7DrB1M6c9e43wzF4qqqFVwWcdD4tUcj4mSqutDuugLmJShHw-nJE3Kscbc4LT0qRJSGBInLylUrltIuAx_5p7twqgLdsu2PEuzEFxnnWT1MKzmRqS_y831GrOpXLwcWDBU8hO5-vcyQQFjKZK-0MCdV4vWRtek9-sa3eXlAA_CpjWPgLWhq5Wnr2RuRg7k1aZKcMKmizTXGJ7Wm43cOPYwEBUf84CAv3blkT7y2lbT3VpJZB7KOT3OZnkMbRGwIOFsEWgkVIEMBpH5OxyQkUMYMs__C5XNprdh0nPF8oHXYYURiqOBBZMVEZZ_QnqIz-skYgzAS3abjbfwMH4k6F1w&cid=CAQSPADICaaNmQnqqtb8ndyaUQ5MlpII9xA9xFxdepWYEKpLk7EskqszJZkFXcHdGmIi3XYB7BbPnEm2DcYiLBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=10880987486850576000&adk=1761367584&idt=172&cac=0&dtd=4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:05:08 GMT content-encoding br x-content-type-options nosniff age 20638 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 18:05:08 GMT
GET H2	200	attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjA3OTM0NTc3OTc1MAogIHNlcnZlcl9pcDogMTM1Mzg1OTM2CiAgcHJvY2Vzc19pZDogMzU0MDMwOTQ1NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0... ad.doubleclick.net/ddm/activity/ Frame 5516	0 508 B	74ms 73ms	Image image/png	142.250.181.230 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjA3OTM0NTc3OTc1MAogIHNlcnZlcl9pcDogMTM1Mzg1OTM2CiAgcHJvY2Vzc19pZDogMzU0MDMwOTQ1NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA4MjA4NjY3MzA4MTA1MTk2NDUwCmRlYnVnX2tleTogMTY3MjQwMTEzODExNDMzODYxOTAKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTA4IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzQ4NDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwODYzOAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"12":"0xf4cbdbb8ea70e6e90000000000000000","13":"0xe172d6c0703af0c20000000000000000","14":"0xa59dcb1530a9695b0000000000000000","15":"0x6409396f7758cabd0000000000000000"},"debug_key":"16724011381143386190","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"8208667308105196450"} server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	g72h7lz2c4az Show response hal9000.redintelligence.net/zone/ Frame 5516	11 KB 4 KB	34ms 12ms	Script text/html	138.201.63.116 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1702079344982647&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFetqcKtzZff8O-CpjMwPwoyx4ASm5b2gaYWVnKfJD_AuEAEgkLuABGCV4pCCoAfIAQmpAi8M7Im6DLI-qAMByAObBKoEmQJP0AbNvtqMVpUzj6PNdHjet1AW_Yn4HbrSHl_CP4_R2cZ8801draXCoxhfxh_rpfg7c7CUPFPUZm4f8HciLDUMTkAq0ok__PAcNNxMYX_B6cmBJr8ov4355qh-Nz0cizi7aZClOw94MBqtjiAJ-nO_E6jk3gDVK0E1ZDfRn7JlcwHjjgkqUL2gIVgnMZt3SJ0ggm7Bbtsf6InjXMr8wDiZvntQ3P3F5FT7xSc7EjDqc3ih592lDvgrNCv2sRAv6YiZzZURobcWo8RSCuSmGTi65fYB5t1wxRbG9ei8gLryb30icnNSeRCqdMqdi1yupVynd6iIfWgu4qalrXmy9FcBwoOUnqoTtHJ1iJJ-6l4W9KoKQ0fyi4OmkMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljC5OnVg4GDA4AKAZgLAcgLAYAMAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNmQnqqtb8ndyaUQ5MlpII9xA9xFxdepWYEKpLk7EskqszJZkFXcHdGmIi3XYB7BbPnEm2DcYiLBgB%26sig%3DAOD64_0PTIp4FPZy_59Phn21AYge1HlQrg%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-AyeZKJ5oRUbV9gOEa2W-4TOjUJp1fbOY_ru-ZFUAap4Eaq6akGrtuFA4WLJy5WTgcaLytYx5judiitiHnKpKq9tImnYy9fguyijdaRonPA067t8GQlqq9gNB7yPqdIXzDNywKeWsExCPS5P_Gwyc9ot9uBkLUlK2IYqBvT_xfW_r7v4HQ%26cry%3D1%26dbm_d%3DAKAmf-A4_CQ6da4BeCLI_O-THgku862mQ0rv-jMRkWVSInrAkdlg2ZWrAbEyAkeEKA225VSVMML8qh7kyKPTdRWikdJfz212kTrEVgy-LnvZ_4nstwwkxhB60dr9kJIPq7Nkv3Vm4L_65SxO5QJ4PSiE-RO8y1Lur4Anesi3lDDCHvJ0TFeQaVHQR8-lRlnokH0fq8Bg_l8bg9qrBavB51L9NqlKHTCb3oG9zuaUFNzec2OynH35_6OtD8Xqb0SCp5sul-MZp0xwLBd74eG8zNpU3XY8ER8fRl27gjy1OiD_lGiuarguWfZovMmRDIW2Cp8x1EFWKsZ4dKxlAsKoTqVB0kLHnNpm5zW-ypcLUcfkXUXroBe2tSbJHxkbkEzdP9940cDht9LpnNbi-bjvHQcTAPbcEz8CS7WaMcaJx_AYqUkQh364FZOGYjMKWDAJHzvMY8XK8JWvyeG5eEPkD1UoTb9etaRvnXXQ5GpKE9ZtgcCSSXql6DHKmxpZTELAi_EdlcZ4nsqRwXtBrgS-gsAxhbAeEmGQn_yIkaPhV0GucEKbFEKRA-c%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.63.201.138.clients.your-server.de Software Apache / Resource Hash 4b17a031a13514af0cb62e5e7f4e8ef8c49e09d66c056bbfaaf92fa23ec36c7d Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Fri, 08 Dec 2023 23:49:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 4213 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	request.php Show response hal900030.redintelligence.net/ Frame 5516	4 KB 2 KB	129ms 96ms	Script application/x-javascript	136.243.149.243 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=611ca5c98d&subid=&uid=9ab50e9ad0655e8e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFetqcKtzZff8O-CpjMwPwoyx4ASm5b2gaYWVnKfJD_AuEAEgkLuABGCV4pCCoAfIAQmpAi8M7Im6DLI-qAMByAObBKoEmQJP0AbNvtqMVpUzj6PNdHjet1AW_Yn4HbrSHl_CP4_R2cZ8801draXCoxhfxh_rpfg7c7CUPFPUZm4f8HciLDUMTkAq0ok__PAcNNxMYX_B6cmBJr8ov4355qh-Nz0cizi7aZClOw94MBqtjiAJ-nO_E6jk3gDVK0E1ZDfRn7JlcwHjjgkqUL2gIVgnMZt3SJ0ggm7Bbtsf6InjXMr8wDiZvntQ3P3F5FT7xSc7EjDqc3ih592lDvgrNCv2sRAv6YiZzZURobcWo8RSCuSmGTi65fYB5t1wxRbG9ei8gLryb30icnNSeRCqdMqdi1yupVynd6iIfWgu4qalrXmy9FcBwoOUnqoTtHJ1iJJ-6l4W9KoKQ0fyi4OmkMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljC5OnVg4GDA4AKAZgLAcgLAYAMAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNmQnqqtb8ndyaUQ5MlpII9xA9xFxdepWYEKpLk7EskqszJZkFXcHdGmIi3XYB7BbPnEm2DcYiLBgB%26sig%3DAOD64_0PTIp4FPZy_59Phn21AYge1HlQrg%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-AyeZKJ5oRUbV9gOEa2W-4TOjUJp1fbOY_ru-ZFUAap4Eaq6akGrtuFA4WLJy5WTgcaLytYx5judiitiHnKpKq9tImnYy9fguyijdaRonPA067t8GQlqq9gNB7yPqdIXzDNywKeWsExCPS5P_Gwyc9ot9uBkLUlK2IYqBvT_xfW_r7v4HQ%26cry%3D1%26dbm_d%3DAKAmf-A4_CQ6da4BeCLI_O-THgku862mQ0rv-jMRkWVSInrAkdlg2ZWrAbEyAkeEKA225VSVMML8qh7kyKPTdRWikdJfz212kTrEVgy-LnvZ_4nstwwkxhB60dr9kJIPq7Nkv3Vm4L_65SxO5QJ4PSiE-RO8y1Lur4Anesi3lDDCHvJ0TFeQaVHQR8-lRlnokH0fq8Bg_l8bg9qrBavB51L9NqlKHTCb3oG9zuaUFNzec2OynH35_6OtD8Xqb0SCp5sul-MZp0xwLBd74eG8zNpU3XY8ER8fRl27gjy1OiD_lGiuarguWfZovMmRDIW2Cp8x1EFWKsZ4dKxlAsKoTqVB0kLHnNpm5zW-ypcLUcfkXUXroBe2tSbJHxkbkEzdP9940cDht9LpnNbi-bjvHQcTAPbcEz8CS7WaMcaJx_AYqUkQh364FZOGYjMKWDAJHzvMY8XK8JWvyeG5eEPkD1UoTb9etaRvnXXQ5GpKE9ZtgcCSSXql6DHKmxpZTELAi_EdlcZ4nsqRwXtBrgS-gsAxhbAeEmGQn_yIkaPhV0GucEKbFEKRA-c%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D2896993837%26pi%3Dt.aa~a.819600158~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1702079343%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702079344785%26bpp%3D1%26bdt%3D1487%26idt%3D0%26shv%3Dr20231206%26mjsv%3Dm202312060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C307x250%252C1200x280%26nras%3D4%26correlator%3D7732832083763%26frm%3D20%26pv%3D1%26ga_vid%3D270923171.1702079344%26ga_sid%3D1702079344%26ga_hid%3D1727811600%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1762%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079864%252C31079920%252C31079923%252C44795921%252C44809005%252C31080064%252C95320885%26oid%3D2%26pvsid%3D318824155147897%26tmod%3D480263585%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26dtd%3D8&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=4901228032963&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Requested by Host: hal9000.redintelligence.net URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1702079344982647&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFetqcKtzZff8O-CpjMwPwoyx4ASm5b2gaYWVnKfJD_AuEAEgkLuABGCV4pCCoAfIAQmpAi8M7Im6DLI-qAMByAObBKoEmQJP0AbNvtqMVpUzj6PNdHjet1AW_Yn4HbrSHl_CP4_R2cZ8801draXCoxhfxh_rpfg7c7CUPFPUZm4f8HciLDUMTkAq0ok__PAcNNxMYX_B6cmBJr8ov4355qh-Nz0cizi7aZClOw94MBqtjiAJ-nO_E6jk3gDVK0E1ZDfRn7JlcwHjjgkqUL2gIVgnMZt3SJ0ggm7Bbtsf6InjXMr8wDiZvntQ3P3F5FT7xSc7EjDqc3ih592lDvgrNCv2sRAv6YiZzZURobcWo8RSCuSmGTi65fYB5t1wxRbG9ei8gLryb30icnNSeRCqdMqdi1yupVynd6iIfWgu4qalrXmy9FcBwoOUnqoTtHJ1iJJ-6l4W9KoKQ0fyi4OmkMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljC5OnVg4GDA4AKAZgLAcgLAYAMAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNmQnqqtb8ndyaUQ5MlpII9xA9xFxdepWYEKpLk7EskqszJZkFXcHdGmIi3XYB7BbPnEm2DcYiLBgB%26sig%3DAOD64_0PTIp4FPZy_59Phn21AYge1HlQrg%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-AyeZKJ5oRUbV9gOEa2W-4TOjUJp1fbOY_ru-ZFUAap4Eaq6akGrtuFA4WLJy5WTgcaLytYx5judiitiHnKpKq9tImnYy9fguyijdaRonPA067t8GQlqq9gNB7yPqdIXzDNywKeWsExCPS5P_Gwyc9ot9uBkLUlK2IYqBvT_xfW_r7v4HQ%26cry%3D1%26dbm_d%3DAKAmf-A4_CQ6da4BeCLI_O-THgku862mQ0rv-jMRkWVSInrAkdlg2ZWrAbEyAkeEKA225VSVMML8qh7kyKPTdRWikdJfz212kTrEVgy-LnvZ_4nstwwkxhB60dr9kJIPq7Nkv3Vm4L_65SxO5QJ4PSiE-RO8y1Lur4Anesi3lDDCHvJ0TFeQaVHQR8-lRlnokH0fq8Bg_l8bg9qrBavB51L9NqlKHTCb3oG9zuaUFNzec2OynH35_6OtD8Xqb0SCp5sul-MZp0xwLBd74eG8zNpU3XY8ER8fRl27gjy1OiD_lGiuarguWfZovMmRDIW2Cp8x1EFWKsZ4dKxlAsKoTqVB0kLHnNpm5zW-ypcLUcfkXUXroBe2tSbJHxkbkEzdP9940cDht9LpnNbi-bjvHQcTAPbcEz8CS7WaMcaJx_AYqUkQh364FZOGYjMKWDAJHzvMY8XK8JWvyeG5eEPkD1UoTb9etaRvnXXQ5GpKE9ZtgcCSSXql6DHKmxpZTELAi_EdlcZ4nsqRwXtBrgS-gsAxhbAeEmGQn_yIkaPhV0GucEKbFEKRA-c%26adurl%3D Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.149.243 Ludwigshafen am Rhein, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.243.149.243.136.clients.your-server.de Software Apache / Resource Hash 21f525515e614997ccc4c097a0294338befe0ae149dbd9916163bb5900be0cf7 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 08 Dec 2023 23:49:06 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type application/x-javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 18077400002785304444550012533030 Connection close Content-Length 1317 Expires Fri, 08 Dec 2023 23:49:06 +0100
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 136A	38 KB 13 KB	52ms 52ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 311861 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 05 Dec 2023 09:11:25 GMT expires Wed, 04 Dec 2024 09:11:25 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	dc_pre=CK_Nt9aDgYMDFSDdOwIdgcMAhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8222738096713.511 adservice.google.com/ddm/fls/z/ Frame DDFA	42 B 401 B	219ms 93ms	Image image/gif	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CK_Nt9aDgYMDFSDdOwIdgcMAhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8222738096713.511 Requested by Host: 5994599.fls.doubleclick.net URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_Nt9aDgYMDFSDdOwIdgcMAhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8222738096713.511? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://5994599.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame 136A	39 KB 15 KB	53ms 53ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:59 GMT content-encoding br x-content-type-options nosniff age 6427 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Dec 2024 22:01:59 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	91ms 91ms	Image text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=318824155147897&bg=!kJOlk9zNAAY3kmNgF5I7ADQBe5WfOMeELQ9MXOPn1QBU00p_AehEw_5q4lAw7_zoxX-5W3GyFZuHCPCSuQGEkIC9GfMYAgAAAD5SAAAAAmgBB5kDEb6wLkLHnhpiqOdLMCxIQTYKiYSLK4pwXS7ROVUrBeLi1j6GzTA69QFQ3g2P-vgDgHwa37mpZdzXOVpz-bWxpe5S8eUDMaML8P6Rfqo6ICTDhD6kQio2bfltUDc8tk5bPZBkDoj4wJKr0tamFyBIJeSJM89eN5WeJpkuYK5BbMUkVk855uNOKT2dISd7ZWXYoUXWJfTz0ixspYkXprWUiwMXzVzDl9GcnCdqZSn8iAaE74qqXS66BWVOs8HgYo0zt9cGftRXQNhRoOefkBW5_k98kwbYF5D8lZh9LO5yLyVIlSh15TBsbSC9DpqmvaXbQjRUk14duWRsspkzFU61OEoAMT4UYa550AtHeEhm4iVGDMs4cHK7if8iRIiJHBTo8rBaNpLu-QxumR_Q5iUueiB07Re_6EgB_zH45NOPqEe3-Z2c6nb1arNxFxQsiVo0IXKyx45ijJXT5QZYHK0ypuPqYBZ343ZNc69JlsIxy5RtaNFpsbaGqVbixPGC56WcYmD7yyrA6dvNhgs5x2Pwga2Jzn2HLKY2SB0vIYXYmzYtXShOdQBihyluBZ_0gYref3CxCIQhNst8mivu6KB5thZEOHd0QJqyPwW1tmThExAHJcBl8pPu2mq_6lEND3Qx5tjbJwM0M9g3L3PpPBunxln3wvThZfRqx5iyU0pudkjb_jMvf5k6vSY6aDKiHTdMARCH22ux5plfSuTm3pWjwRPH7WfIw3BuWZOMNZDkKjJ4EMmVbXMqQU9fhv4nuJQh3cg_snEtW3Z66QFYlJCMLVUmzGgx8Fw_L9nlUII3DoqkqqWGOH9VnbygcaZe0iNAqk3chKyY4hrBK8tFBxqWb14TUcX8qGQtki5mHQpOSANb2pWVoicGf_uCTqV7y9ptihKJ_QJxJt85FKx9EYNn942FFPTqoZQ1T6qpSyVnk3PnPNUtpKx5UI7PPhdPq0BGDozWfpW-Xbsizt3oQqUXbxzvh-muFAr9hiamQtjcNfPMpgkQnznPYXHKY7EimoOeTH1-NIAKIp2lT-Q3_7JXB_ip Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers
GET H2	200	/ Show response adv.office-partner.de/ Frame 2422	930 B 923 B	62ms 6ms	Document text/html	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=611ca5c98d&subid=&uid=9ab50e9ad0655e8e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFetqcKtzZff8O-CpjMwPwoyx4ASm5b2gaYWVnKfJD_AuEAEgkLuABGCV4pCCoAfIAQmpAi8M7Im6DLI-qAMByAObBKoEmQJP0AbNvtqMVpUzj6PNdHjet1AW_Yn4HbrSHl_CP4_R2cZ8801draXCoxhfxh_rpfg7c7CUPFPUZm4f8HciLDUMTkAq0ok__PAcNNxMYX_B6cmBJr8ov4355qh-Nz0cizi7aZClOw94MBqtjiAJ-nO_E6jk3gDVK0E1ZDfRn7JlcwHjjgkqUL2gIVgnMZt3SJ0ggm7Bbtsf6InjXMr8wDiZvntQ3P3F5FT7xSc7EjDqc3ih592lDvgrNCv2sRAv6YiZzZURobcWo8RSCuSmGTi65fYB5t1wxRbG9ei8gLryb30icnNSeRCqdMqdi1yupVynd6iIfWgu4qalrXmy9FcBwoOUnqoTtHJ1iJJ-6l4W9KoKQ0fyi4OmkMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljC5OnVg4GDA4AKAZgLAcgLAYAMAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNmQnqqtb8ndyaUQ5MlpII9xA9xFxdepWYEKpLk7EskqszJZkFXcHdGmIi3XYB7BbPnEm2DcYiLBgB%26sig%3DAOD64_0PTIp4FPZy_59Phn21AYge1HlQrg%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-AyeZKJ5oRUbV9gOEa2W-4TOjUJp1fbOY_ru-ZFUAap4Eaq6akGrtuFA4WLJy5WTgcaLytYx5judiitiHnKpKq9tImnYy9fguyijdaRonPA067t8GQlqq9gNB7yPqdIXzDNywKeWsExCPS5P_Gwyc9ot9uBkLUlK2IYqBvT_xfW_r7v4HQ%26cry%3D1%26dbm_d%3DAKAmf-A4_CQ6da4BeCLI_O-THgku862mQ0rv-jMRkWVSInrAkdlg2ZWrAbEyAkeEKA225VSVMML8qh7kyKPTdRWikdJfz212kTrEVgy-LnvZ_4nstwwkxhB60dr9kJIPq7Nkv3Vm4L_65SxO5QJ4PSiE-RO8y1Lur4Anesi3lDDCHvJ0TFeQaVHQR8-lRlnokH0fq8Bg_l8bg9qrBavB51L9NqlKHTCb3oG9zuaUFNzec2OynH35_6OtD8Xqb0SCp5sul-MZp0xwLBd74eG8zNpU3XY8ER8fRl27gjy1OiD_lGiuarguWfZovMmRDIW2Cp8x1EFWKsZ4dKxlAsKoTqVB0kLHnNpm5zW-ypcLUcfkXUXroBe2tSbJHxkbkEzdP9940cDht9LpnNbi-bjvHQcTAPbcEz8CS7WaMcaJx_AYqUkQh364FZOGYjMKWDAJHzvMY8XK8JWvyeG5eEPkD1UoTb9etaRvnXXQ5GpKE9ZtgcCSSXql6DHKmxpZTELAi_EdlcZ4nsqRwXtBrgS-gsAxhbAeEmGQn_yIkaPhV0GucEKbFEKRA-c%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D2896993837%26pi%3Dt.aa~a.819600158~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1702079343%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702079344785%26bpp%3D1%26bdt%3D1487%26idt%3D0%26shv%3Dr20231206%26mjsv%3Dm202312060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C307x250%252C1200x280%26nras%3D4%26correlator%3D7732832083763%26frm%3D20%26pv%3D1%26ga_vid%3D270923171.1702079344%26ga_sid%3D1702079344%26ga_hid%3D1727811600%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1762%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079864%252C31079920%252C31079923%252C44795921%252C44809005%252C31080064%252C95320885%26oid%3D2%26pvsid%3D318824155147897%26tmod%3D480263585%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26dtd%3D8&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=4901228032963&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn / Resource Hash 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control max-age=604800 content-encoding gzip content-length 552 content-type text/html date Fri, 08 Dec 2023 23:49:06 GMT etag "3a2-5c1ab16b3be00-gzip" expires Fri, 15 Dec 2023 23:49:06 GMT last-modified Thu, 06 May 2021 15:37:28 GMT link <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical" server keycdn vary Accept-Encoding x-accel-version 0.01 x-cache HIT x-edge-location defr
GET H2	200	htlp Show response futalis.de/ Frame AD7A Redirect Chain https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=18077400002785304444550012533030&ra_cnt_active=1&ra_cnt=1 https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372365464	350 B 401 B	45ms 14ms	Document text/html	49.12.22.42 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372365464 Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=611ca5c98d&subid=&uid=9ab50e9ad0655e8e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFetqcKtzZff8O-CpjMwPwoyx4ASm5b2gaYWVnKfJD_AuEAEgkLuABGCV4pCCoAfIAQmpAi8M7Im6DLI-qAMByAObBKoEmQJP0AbNvtqMVpUzj6PNdHjet1AW_Yn4HbrSHl_CP4_R2cZ8801draXCoxhfxh_rpfg7c7CUPFPUZm4f8HciLDUMTkAq0ok__PAcNNxMYX_B6cmBJr8ov4355qh-Nz0cizi7aZClOw94MBqtjiAJ-nO_E6jk3gDVK0E1ZDfRn7JlcwHjjgkqUL2gIVgnMZt3SJ0ggm7Bbtsf6InjXMr8wDiZvntQ3P3F5FT7xSc7EjDqc3ih592lDvgrNCv2sRAv6YiZzZURobcWo8RSCuSmGTi65fYB5t1wxRbG9ei8gLryb30icnNSeRCqdMqdi1yupVynd6iIfWgu4qalrXmy9FcBwoOUnqoTtHJ1iJJ-6l4W9KoKQ0fyi4OmkMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljC5OnVg4GDA4AKAZgLAcgLAYAMAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNmQnqqtb8ndyaUQ5MlpII9xA9xFxdepWYEKpLk7EskqszJZkFXcHdGmIi3XYB7BbPnEm2DcYiLBgB%26sig%3DAOD64_0PTIp4FPZy_59Phn21AYge1HlQrg%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-AyeZKJ5oRUbV9gOEa2W-4TOjUJp1fbOY_ru-ZFUAap4Eaq6akGrtuFA4WLJy5WTgcaLytYx5judiitiHnKpKq9tImnYy9fguyijdaRonPA067t8GQlqq9gNB7yPqdIXzDNywKeWsExCPS5P_Gwyc9ot9uBkLUlK2IYqBvT_xfW_r7v4HQ%26cry%3D1%26dbm_d%3DAKAmf-A4_CQ6da4BeCLI_O-THgku862mQ0rv-jMRkWVSInrAkdlg2ZWrAbEyAkeEKA225VSVMML8qh7kyKPTdRWikdJfz212kTrEVgy-LnvZ_4nstwwkxhB60dr9kJIPq7Nkv3Vm4L_65SxO5QJ4PSiE-RO8y1Lur4Anesi3lDDCHvJ0TFeQaVHQR8-lRlnokH0fq8Bg_l8bg9qrBavB51L9NqlKHTCb3oG9zuaUFNzec2OynH35_6OtD8Xqb0SCp5sul-MZp0xwLBd74eG8zNpU3XY8ER8fRl27gjy1OiD_lGiuarguWfZovMmRDIW2Cp8x1EFWKsZ4dKxlAsKoTqVB0kLHnNpm5zW-ypcLUcfkXUXroBe2tSbJHxkbkEzdP9940cDht9LpnNbi-bjvHQcTAPbcEz8CS7WaMcaJx_AYqUkQh364FZOGYjMKWDAJHzvMY8XK8JWvyeG5eEPkD1UoTb9etaRvnXXQ5GpKE9ZtgcCSSXql6DHKmxpZTELAi_EdlcZ4nsqRwXtBrgS-gsAxhbAeEmGQn_yIkaPhV0GucEKbFEKRA-c%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D2896993837%26pi%3Dt.aa~a.819600158~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1702079343%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702079344785%26bpp%3D1%26bdt%3D1487%26idt%3D0%26shv%3Dr20231206%26mjsv%3Dm202312060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C307x250%252C1200x280%26nras%3D4%26correlator%3D7732832083763%26frm%3D20%26pv%3D1%26ga_vid%3D270923171.1702079344%26ga_sid%3D1702079344%26ga_hid%3D1727811600%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1762%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079864%252C31079920%252C31079923%252C44795921%252C44809005%252C31080064%252C95320885%26oid%3D2%26pvsid%3D318824155147897%26tmod%3D480263585%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26dtd%3D8&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=4901228032963&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS lb-3.futalis.de Software / Resource Hash 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-length 350 content-type text/html; charset=utf-8 Redirect headers content-length 0 content-type text/html; charset=utf-8 date Fri, 08 Dec 2023 23:49:06 GMT location https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372365464 p3p policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP" server Apache xphp81 true
GET H2	200	link.html Show response track.webgains.com/ Frame 5516	2 KB 2 KB	152ms 95ms	Script text/html	3.11.198.160 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=18077400002785304444550012533030&nw=1 Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.11.198.160 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-11-198-160.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash 336067a9522fd40a888ec7708ab365163b4016818e248ed2216a9d088b822b70 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:06 GMT last-modified Fri, 08 Dec 2023 23:49:06 GMT server nginx x-powered-by PHP/7.4.26 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=60 access-control-allow-headers Authorization expires Fri, 08 Dec 2023 23:50:06 GMT
GET H3	200	activityi;dc_pre=COaaxtaDgYMDFa3IOwIdH2AHyg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5035864222173.099 Show response 8019191.fls.doubleclick.net/ Frame 48E1 Redirect Chain https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5035864222173.099? https://8019191.fls.doubleclick.net/activityi;dc_pre=COaaxtaDgYMDFa3IOwIdH2AHyg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5035864222173.099?	391 B 243 B	78ms 77ms	Document text/html	216.58.206.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8019191.fls.doubleclick.net/activityi;dc_pre=COaaxtaDgYMDFa3IOwIdH2AHyg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5035864222173.099? Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f6.1e100.net Software cafe / Resource Hash 773b8021faf6172bad1f968b75823b459d4f42aa57568d266645b593e72c4cf1 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 220 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:49:06 GMT expires Fri, 08 Dec 2023 23:49:06 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:49:06 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://8019191.fls.doubleclick.net/activityi;dc_pre=COaaxtaDgYMDFa3IOwIdH2AHyg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5035864222173.099? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	request_content.php Show response hal900030.redintelligence.net/ Frame E12C	7 KB 2 KB	33ms 12ms	Document text/html	136.243.149.243 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900030.redintelligence.net/request_content.php?s=18077400002785304444550012533030&a=b5a3dfe3 Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=611ca5c98d&subid=&uid=9ab50e9ad0655e8e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFetqcKtzZff8O-CpjMwPwoyx4ASm5b2gaYWVnKfJD_AuEAEgkLuABGCV4pCCoAfIAQmpAi8M7Im6DLI-qAMByAObBKoEmQJP0AbNvtqMVpUzj6PNdHjet1AW_Yn4HbrSHl_CP4_R2cZ8801draXCoxhfxh_rpfg7c7CUPFPUZm4f8HciLDUMTkAq0ok__PAcNNxMYX_B6cmBJr8ov4355qh-Nz0cizi7aZClOw94MBqtjiAJ-nO_E6jk3gDVK0E1ZDfRn7JlcwHjjgkqUL2gIVgnMZt3SJ0ggm7Bbtsf6InjXMr8wDiZvntQ3P3F5FT7xSc7EjDqc3ih592lDvgrNCv2sRAv6YiZzZURobcWo8RSCuSmGTi65fYB5t1wxRbG9ei8gLryb30icnNSeRCqdMqdi1yupVynd6iIfWgu4qalrXmy9FcBwoOUnqoTtHJ1iJJ-6l4W9KoKQ0fyi4OmkMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljC5OnVg4GDA4AKAZgLAcgLAYAMAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNmQnqqtb8ndyaUQ5MlpII9xA9xFxdepWYEKpLk7EskqszJZkFXcHdGmIi3XYB7BbPnEm2DcYiLBgB%26sig%3DAOD64_0PTIp4FPZy_59Phn21AYge1HlQrg%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-AyeZKJ5oRUbV9gOEa2W-4TOjUJp1fbOY_ru-ZFUAap4Eaq6akGrtuFA4WLJy5WTgcaLytYx5judiitiHnKpKq9tImnYy9fguyijdaRonPA067t8GQlqq9gNB7yPqdIXzDNywKeWsExCPS5P_Gwyc9ot9uBkLUlK2IYqBvT_xfW_r7v4HQ%26cry%3D1%26dbm_d%3DAKAmf-A4_CQ6da4BeCLI_O-THgku862mQ0rv-jMRkWVSInrAkdlg2ZWrAbEyAkeEKA225VSVMML8qh7kyKPTdRWikdJfz212kTrEVgy-LnvZ_4nstwwkxhB60dr9kJIPq7Nkv3Vm4L_65SxO5QJ4PSiE-RO8y1Lur4Anesi3lDDCHvJ0TFeQaVHQR8-lRlnokH0fq8Bg_l8bg9qrBavB51L9NqlKHTCb3oG9zuaUFNzec2OynH35_6OtD8Xqb0SCp5sul-MZp0xwLBd74eG8zNpU3XY8ER8fRl27gjy1OiD_lGiuarguWfZovMmRDIW2Cp8x1EFWKsZ4dKxlAsKoTqVB0kLHnNpm5zW-ypcLUcfkXUXroBe2tSbJHxkbkEzdP9940cDht9LpnNbi-bjvHQcTAPbcEz8CS7WaMcaJx_AYqUkQh364FZOGYjMKWDAJHzvMY8XK8JWvyeG5eEPkD1UoTb9etaRvnXXQ5GpKE9ZtgcCSSXql6DHKmxpZTELAi_EdlcZ4nsqRwXtBrgS-gsAxhbAeEmGQn_yIkaPhV0GucEKbFEKRA-c%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D2896993837%26pi%3Dt.aa~a.819600158~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1702079343%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702079344785%26bpp%3D1%26bdt%3D1487%26idt%3D0%26shv%3Dr20231206%26mjsv%3Dm202312060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C307x250%252C1200x280%26nras%3D4%26correlator%3D7732832083763%26frm%3D20%26pv%3D1%26ga_vid%3D270923171.1702079344%26ga_sid%3D1702079344%26ga_hid%3D1727811600%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1762%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079864%252C31079920%252C31079923%252C44795921%252C44809005%252C31080064%252C95320885%26oid%3D2%26pvsid%3D318824155147897%26tmod%3D480263585%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26dtd%3D8&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=4901228032963&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.149.243 Ludwigshafen am Rhein, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.243.149.243.136.clients.your-server.de Software Apache / Resource Hash 79e0344adf09f5db4696e8295f78753f27452692c935b9473abb01854a4988e9 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Encoding gzip Content-Length 2081 Content-Type text/html; charset=utf-8 Date Fri, 08 Dec 2023 23:49:06 GMT Expires Fri, 08 Dec 2023 23:49:06 +0100 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Vary Accept-Encoding
GET H2	200	impression.php t23.intelliad.de/ Frame 5516	43 B 557 B	86ms 22ms	Image image/gif	35.157.49.61 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://t23.intelliad.de/impression.php?cl=2353636373136323131303&cp=101&ag=248&bm=100&bmcl=5373735313236323131303&crid=101&timestamp=1702079346&co= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.49.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-49-61.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT server Apache p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC" content-type image/gif cache-control no-store, no-cache, max-age=0, must-revalidate content-length 43 expires Sat, 26 Jul 1997 05:00:00 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 06CA	1 KB 650 B	54ms 53ms	Document text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 11352 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 20:39:54 GMT etag 48472445140208031 expires Sat, 09 Dec 2023 20:39:54 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 5516	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a364c3506f050ba2574d7fbfa122261f3019f9e057d579399ae54ed69f4d4024 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET H3	200	css fonts.googleapis.com/ Frame E12C	2 KB 434 B	64ms 63ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Titillium+Web:400,700 Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request_content.php?s=18077400002785304444550012533030&a=b5a3dfe3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900030.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 08 Dec 2023 23:49:06 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 08 Dec 2023 23:32:32 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 08 Dec 2023 23:49:06 GMT
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame E12C	9 KB 9 KB	35ms 12ms	Image image/png	138.201.63.116 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request_content.php?s=18077400002785304444550012533030&a=b5a3dfe3 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.63.201.138.clients.your-server.de Software Apache / Resource Hash 6b26f0a04a72275af29bc043a0b09121f28db5a91e97d2771f6bf2ae130bcec6 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900030.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Fri, 08 Dec 2023 23:49:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 9250 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame E12C	8 KB 8 KB	88ms 65ms	Image image/png	138.201.63.116 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/71572/creativesup/iQ_Native_Online-Deutschkurse_627x627px_NEU.jpeg Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request_content.php?s=18077400002785304444550012533030&a=b5a3dfe3 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.63.201.138.clients.your-server.de Software Apache / Resource Hash 10b8fec7c9351cb35bd7bf2a3dbf92055db542dffe950b800f7fd209774d8c38 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900030.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Fri, 08 Dec 2023 23:49:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 7823 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame E12C	7 KB 8 KB	116ms 93ms	Image image/png	138.201.63.116 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/627x627.jpg Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request_content.php?s=18077400002785304444550012533030&a=b5a3dfe3 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.63.201.138.clients.your-server.de Software Apache / Resource Hash a25b130159fb320910596ccf9efced3edf25430c1674a463eac3522e35e60cf4 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900030.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Fri, 08 Dec 2023 23:49:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 7633 Vary Accept-Encoding Content-Type image/png
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 06CA Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJxFfcEpDyK8cHxy0ob2Prw&google_cver=1&google_push=AXcoOmT0wacihFI3wd3QEOOjJAxAfTMh44YB-m5hdLak5921bvfm9mJUKRtYII61SOuOcmx5ey7UTon4OBMyRoqiNWm0hcsSeoQqH... https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQwMTgzNjU2MTgwNTcyNDgzNQ==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJxFfcEpDyK8cHxy0ob2Prw&google_cver=1	43 B 398 B	14ms 14ms	Image image/gif	2001:678:cb4:bbbb::11 AMOBEE
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJxFfcEpDyK8cHxy0ob2Prw&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H2 Server 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers content-type image/gif pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJxFfcEpDyK8cHxy0ob2Prw&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 06CA Redirect Chain https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEFjWSQvfFoCojJana74zQHc&google_cver=1&google_push=AXcoOmRn61YF9g9VRClcqto8NIV8apsnuuVi9Rl-8G3X1LQwunn6_eeqivfe_qUW4EgrSh1x2dDgQ-4... https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmRn61YF9g9VRClcqto8NIV8apsnuuVi9Rl-8G3X1LQwunn6_eeqivfe_qUW4EgrSh1x2dDgQ-4sWSVQwLk0h2LNcpizKoNKxUes7ER89WZ_JSW5UQNN-9cb9101...	170 B 188 B	49ms 48ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmRn61YF9g9VRClcqto8NIV8apsnuuVi9Rl-8G3X1LQwunn6_eeqivfe_qUW4EgrSh1x2dDgQ-4sWSVQwLk0h2LNcpizKoNKxUes7ER89WZ_JSW5UQNN-9cb9101hbzuPCRqcVNCMJIrc_p-dc-RE9otPg&google_hm=YNDaoR-iSN6Q8UexFcEQqbg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H3 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 08 Dec 2023 23:49:05 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmRn61YF9g9VRClcqto8NIV8apsnuuVi9Rl-8G3X1LQwunn6_eeqivfe_qUW4EgrSh1x2dDgQ-4sWSVQwLk0h2LNcpizKoNKxUes7ER89WZ_JSW5UQNN-9cb9101hbzuPCRqcVNCMJIrc_p-dc-RE9otPg&google_hm=YNDaoR-iSN6Q8UexFcEQqbg content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	AdxPixel tr.blismedia.com/v1/api/sync/ Frame 06CA	0 173 B	54ms 18ms	Image text/plain	34.96.105.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAgUIdjyyfdafDSxs57kMe4&google_cver=1&google_push=AXcoOmSVE_z5NPdkp-zuwul6_stbeRZO7L_7L_IYAZrywjWbzbmRSc5vG_WKU8pMc_wtt0L49uwlqoq6QLyHiq8wY84_N_N2Zk7hRCQREPnKuukYBr-j8W9yTZIg9V_wVW765KYYqxvP4pKqT6LFJ_6PfdNvFA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.105.96.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:06 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	sync x.bidswitch.net/ Frame 06CA	43 B 145 B	9ms 7ms	Image image/gif	35.156.152.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEEX5dR3qA6aq7EP_tADJfoM&google_cver=1&google_push=AXcoOmSGHQiU8Z9vurcbtQuV3XT13u0PFXK7f0yJ5HZFxiuSge7OuJ6P4H4TIqVz6qrVGqgktsr9true-i_hrJTzGRQG_HVF-XpCGT3ntXELolKtFJxph9_HPA9rGaEA-_qmwv1kM2G3E-h3NDiwDZ5PowyigA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.152.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-152-149.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:06 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame 06CA	43 B 363 B	50ms 14ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSj5Ic2Pwnpsok11PkR_nNRvybgpYoOoLGI0LcwmO3dKO9-Ba7zEhgfRVkdSFs4xJJHfOwGoc03fI0-TG_X8z19pcL6sjm2UC3b4KfaaPY-7ipix8uRfdMfH7JG3Dj8SSUnxqbyKJYsxEszwB_2mz7uYQ&google_gid=CAESENFdnUhpvXL-ck_uTELDbdU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 179354 expires Fri, 08 Dec 2023 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 06CA Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIqnm2Hui3X_r-wrUG1dKFU&google_cver=1&google_push=AXcoOmTDpGZWOKikux7Iy18MqrVpXEMFEz21qjOThNb-GZ4T5Mw2SgX0uZjKovtFGNF7pQHkNqFc-jxi... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIqnm2Hui3X_r-wrUG1dKFU&google_cver=1&google_push=AXcoOmTDpGZWOKikux7Iy18MqrVpXEMFEz21qjOThNb-GZ4T5Mw2SgX0uZjKovtFGNF7pQHkNqF... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDcwMTU2MjkyNjY5MzkzMzM2Ng&google_push=AXcoOmTDpGZWOKikux7Iy18MqrVpXEMFEz21qjOThNb-GZ4T5Mw2SgX0uZjKovtFGNF7pQHkNqFc-j...	170 B 188 B	48ms 47ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDcwMTU2MjkyNjY5MzkzMzM2Ng&google_push=AXcoOmTDpGZWOKikux7Iy18MqrVpXEMFEz21qjOThNb-GZ4T5Mw2SgX0uZjKovtFGNF7pQHkNqFc-jxiaxsMLwr857yKA1DmLWx-4A0btiMbirpE4bEFO2lqRZWvXAn2tZoz60GEcyGx2x53vvXjEpsDTnlpFw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H3 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDcwMTU2MjkyNjY5MzkzMzM2Ng&google_push=AXcoOmTDpGZWOKikux7Iy18MqrVpXEMFEz21qjOThNb-GZ4T5Mw2SgX0uZjKovtFGNF7pQHkNqFc-jxiaxsMLwr857yKA1DmLWx-4A0btiMbirpE4bEFO2lqRZWvXAn2tZoz60GEcyGx2x53vvXjEpsDTnlpFw access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 06CA Redirect Chain https://ag.innovid.com/trk?tid=11711&google_gid=CAESEF290-pyex9wkPKjN1ZNPao&google_cver=1&google_push=AXcoOmQDqvFRacuApNuIHvhZ8fD4rePJ6VW2epRrGTf3rYDxzG1GsZ9bglXpwFYf_DvYAElxrha7BUR_1EEU5wizxvopHVL... https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AXcoOmQDqvFRacuApNuIHvhZ8fD4rePJ6VW2epRrGTf3rYDxzG1GsZ9bglXpwFYf_DvYAElxrha7BUR_1EEU5wizxvopHVLfQnID9KJzwe6UGPiXUVwCxqJSyZcvuBP...	170 B 188 B	49ms 48ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AXcoOmQDqvFRacuApNuIHvhZ8fD4rePJ6VW2epRrGTf3rYDxzG1GsZ9bglXpwFYf_DvYAElxrha7BUR_1EEU5wizxvopHVLfQnID9KJzwe6UGPiXUVwCxqJSyZcvuBPtkKPlTGgd4dp8JIN0BKzz7Z1sagvZgg&google_hm=MPFSedawTh6rHQU7J9p7TA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H3 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AXcoOmQDqvFRacuApNuIHvhZ8fD4rePJ6VW2epRrGTf3rYDxzG1GsZ9bglXpwFYf_DvYAElxrha7BUR_1EEU5wizxvopHVLfQnID9KJzwe6UGPiXUVwCxqJSyZcvuBPtkKPlTGgd4dp8JIN0BKzz7Z1sagvZgg&google_hm=MPFSedawTh6rHQU7J9p7TA pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT cache-control no-cache content-length 0 request-time 1 expires -1
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 06CA	0 12 B	46ms 46ms	Image text/html	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYEOkTJy1SVKfNGq2Y2DvHdBoDdouC5mF8FYQxsPIhqP99ofhEC0F5JQ6P9gaOz2vjWU2I Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:06 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 2422	175 KB 63 KB	177ms 62ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF Requested by Host: adv.office-partner.de URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ffb21aa8f5c69b1632d6b3bcd4e53ec972e9ac52b33af4920c366c6ca912b6a7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:06 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64118 x-xss-protection 0 last-modified Fri, 08 Dec 2023 21:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 08 Dec 2023 23:49:06 GMT
GET H2	200	ts.js Show response cdn.retailads.net/ Frame AD7A	5 KB 5 KB	10ms 10ms	Script application/javascript	2a01:4f8:d0a:2321::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.retailads.net/ts.js Requested by Host: futalis.de URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3372365464 Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2a01:4f8:d0a:2321::2 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Apache / Resource Hash 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148 Request headers accept-language de-DE,de;q=0.9 Referer https://futalis.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:06 GMT last-modified Wed, 05 Apr 2023 20:14:46 GMT server Apache etag "1416-5f89c717cdc2f" content-type application/javascript xphp81 true accept-ranges bytes content-length 5142
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 136A	0 28 B	91ms 91ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BKYU1catzZebLL9Cmx_APzquTmA0AAAAAOAHgBAI&bg=!nJ-ln9DNAAY3kmNgF5I7ADQBe5WfOEOT5WDI1gXZL5Pg6VVR7JfethSgr7DmBgGf1DW8IeRfN7Hdly8RdsRemcPcrQkAAgAAAD1SAAAAAmgBB5kDQLolv25cbdJRRYFjvlfkAJT6aSWdMARrNrtM2m3ZScpGi6zO2BchJXOReY35saHhOJ7xFWCMu8dBEowhJyCl-FqSwb6o-dcs_fGaWJE4InCl57xWC9Zzxu6kAVON695kNejRv3pmMT_8a0M7s9p8JU1_bjNYV3gVuybp_y58E78qIH5EhX6Bg847fZaXg9SxO59t469m_uGNgAofq4DAaP2-OlUd6YUCTY4qb-MlsGNdnqB8QXMRzF8kQGLTnyPhRepOao94MxpNb5aaXlSoKXgNtEoyjUHp7vqbcOH6Ex60i7TsAKHhQ-8p4pNEotR0sTEGAFdMeP-nLeR3xucxtQ49m_O0OgCLEiMKAKdgO02lN0MI10Gxk4IphGq44qpxUQAoCKWKyP0UVxYXFlGT4tvVBNOXcqmRAuJMC6ORWkVNe0Ri9QswdmDOVaW7vY60GB5By08u_CqDcZN0rAF97RspT7pW1fiI-YN5axx_gIjPD9WGJlJMyL4I5UQzdMawxdoTgv5RXKzec0IOgp_rx-P0y6ebOHhVeb-yjLwFIzh2ZG3SAnZPIXEc31cHmWZsJvDozJcWmX_ftCwTqTO2Eadz-wZXSYlMUmPUCUlZgQKzkTcLExbb7dP79y5xFMjC6AcWjhafDzGsxWlNhCxSX2hLc0ag5xTgOxCCzmvNvkPJufvYzsWt0jGHPwyZn5Efmgpe9H8-1yvLc7Lw3RmfpuiGjmVqmdyvWYNmu6MKmuldTlwj0a9BO7xngsw0BB_QzVrHPJEqFUQuuemR4vTMF9n9bTF_H7MABEeKsPBKkAtaB4TgHsZgrSbnfPHi8jK9ZFrYvebA99viHDvsRb_1vhNg3dSWSNnTUXXUxE7GMA2KCdJJ5WD_Wznl5qe1aNkBjlw1APEQHLAbeHPRPO6EysuUAlUu__-aVFseJjPnsMqCCpfbkanae6d5BcxlLB6GgosjnyGJaJ9RakXwMQpoEAaJONrsyzi4Al43FBt45QovDGwGzmX9WQOGf9s4Hep0mE4Wb-wGtGPIvv32lw0jE0CO2CCq-wavhyeEEzqIVbeAoVesCNTIo4Q9uA1uvKRiPg4UTtI5PoQ__hM9NPq7uiA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	viewability Show response hal900030.redintelligence.net/ Frame E12C	0 150 B	41ms 19ms	Script text/html	136.243.149.243 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900030.redintelligence.net/viewability?s=18077400002785304444550012533030&a=4b75cc16&vb=m Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request_content.php?s=18077400002785304444550012533030&a=b5a3dfe3 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.149.243 Ludwigshafen am Rhein, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.243.149.243.136.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900030.redintelligence.net/request_content.php?s=18077400002785304444550012533030&a=b5a3dfe3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Fri, 08 Dec 2023 23:49:06 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H2	200	pvClk.min.js Show response analytics.webgains.io/ Frame 5516	53 KB 19 KB	43ms 7ms	Script application/javascript	18.66.147.52 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://analytics.webgains.io/pvClk.min.js Requested by Host: track.webgains.com URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=18077400002785304444550012533030&nw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.52 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-52.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 01:58:47 GMT content-encoding gzip via 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront) last-modified Thu, 23 Nov 2023 16:26:10 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 age 78620 x-amz-server-side-encryption AES256 etag W/"1180a1bfee0aad979766ecd6180b923e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id eERaeLFeDqFX04XZGCC0FX-t_Sxw3-4vgDLtiIIVMqao2SrCzhIckg==
GET H2	200	1x1.png cdn.track.production.webgains.team/7121/ Frame 5516	3 KB 3 KB	33ms 7ms	Image image/png	99.86.4.36 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1702079646&Signature=kJmwOcN12L~e30gdYrPDHC4zvHCWXjk~lIATCAJZXqE1A2zQRF4EF1OUZsivouT~WeDs0cYK3Js40vpxTVwGYVrtN6KYLQb9X6vzFZ8LtDWViVurllwglgwOIdt6td9QP-JBV0p74GvsDYDqusi8Q64ncIsNNSzWK7-7DZDnxxiV6I4IZO3M-41JUe6ASSJW1nVgBxOWy-uG2JVHJqkpnLdtVtaKx51ViUu6zR8oCRcDDA0YPoBV-to1317tIOBEScbpgeewj4w2vBrgX1vIArG9mbtu-i6W7Iu1h6CRMfL1pJna4K2yAc6vje~YFcfPSc~eOvutaGpJw5mgaMFzrA__&Key-Pair-Id=K28VXAGA7VWE0O Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702079343&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702079344785&bpp=1&bdt=1487&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7732832083763&frm=20&pv=1&ga_vid=270923171.1702079344&ga_sid=1702079344&ga_hid=1727811600&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079920%2C31079923%2C44795921%2C44809005%2C31080064%2C95320885&oid=2&pvsid=318824155147897&tmod=480263585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-36.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-amz-version-id null date Fri, 08 Dec 2023 07:00:43 GMT via 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront) last-modified Fri, 06 May 2022 11:40:06 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 60504 etag "4e57de0506fbdb487ffcd53b450caee1" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 2808 x-amz-cf-id 5pvD-Bf3FF8TRe1R4ppXjQeIelFDyHxU97rjkqjyVv128a0NP0HoEw==
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame D0EF	42 B 64 B	90ms 90ms	Fetch image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwIz61nJ1oA6mZqlz-BvFQ1xCw03i9Axl2h47HUWpbulUOqQseaP2aDCAozOo9ZSLCJUCRZSbXTgb8zXMo_WNshPvt2qKL__1AmQLt8bIm_hIwX2WYILKksEcIOIM1HnqlKN_rLkxJLNjq&sai=AMfl-YQRtDmcRIi-YFxiG2jS7uuWBQ6hTksyTzVsbT7qh5ksb_fyL62IbhmRnUcs26aI_TZEUmt78D0GwgNGhYboDkTyjJ8keui3ovoPAmv-Y03V_LHSVazWS9wfudngIRgHARoxrq3_GjWUI_2hfnI19c2PryGi0AOQbFoI&sig=Cg0ArKJSzFjNT5L69rF5EAE&cid=CAQSTwDICaaN6gLfMWqgdUJO-I61ZlMm79gUybhDp-kVlKHnfuZGV1tHt0GH9aTfcox3x0EqVwNDpzZQKW5dbl-E-zUJ_8t-_wA5e27awH3PczEYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=218,901,1000,1000,1000&tos=218,683,99,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702079344941&rpt=498&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_pre=COaaxtaDgYMDFa3IOwIdH2AHyg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5035864222173.099 adservice.google.com/ddm/fls/z/ Frame 48E1	42 B 107 B	93ms 92ms	Image image/gif	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=COaaxtaDgYMDFa3IOwIdH2AHyg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5035864222173.099 Requested by Host: 8019191.fls.doubleclick.net URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=COaaxtaDgYMDFa3IOwIdH2AHyg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5035864222173.099? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8019191.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 4614	42 B 64 B	92ms 91ms	Fetch image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmCLPM2iIMhZdI7XRXofIaezlm3plnnP3bQyJe9sZEqj5RTfLPBqELUNbX2zRPYnCxTZCA_QnJesZdisQbh-rz-Q9DBu6-0wbP9gCTbQG5-3zIn4P4CpLS_gAsO0Qe6BM4sFtA4JRgTqRS&sai=AMfl-YQ5K26K842SpFQr_HeJIwWvUPfWp3TpzLjVzAXtAnxABwR9d-Bg8D9i0XXB393nfer77vppBOLwctwzxI5_mwwbc2Lnq37HCu2Gm-UvM_pZFjGZRaYYh51IZD2rxzBYlgdR8d1c1NRjcxYbgbqNQXZ3GvLps8UjHGgH&sig=Cg0ArKJSzP9F8J5wTQDBEAE&cid=CAQSTwDICaaN6gLfMWqgdUJO-I61ZlMm79gUybhDp-kVlKHnfuZGV1tHt0GH9aTfcox3x0EqVwNDpzZQKW5dbl-E-zUJ_8t-_wA5e27awH3PczEYAQ&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702079344938&rpt=550&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame CFCC	42 B 64 B	92ms 91ms	Fetch image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRAq8VKGqXRZ2oXzPaO56-KrG8iz3hoUGN9aU6IfX4o8GFJusyo4G1PQXCBYlR7HHqC0IlbnyTmXr0moFSN4-9VhJoqFn_pk-i31tyqshRxp0UDGsHILsvpeQHg8ezFpXLClJFcUYawlaO&sai=AMfl-YQi2XLVs-gs5seexP9ybMLgdqYHPtPfNvKSMyl66anKZIkfgxQWz0Zyhi9nLIQerZl27hvO_I57NkqZwS0usSVF4vLmGNfbN4Sn2Dx8Oi5pXHvhFnvqB3CZXh27j0_HLf2uOXlZNy_dNyKeAOkfHywj3-aAa3chI94z&sig=Cg0ArKJSzFaWznk6o21REAE&cid=CAQSTwDICaaN6gLfMWqgdUJO-I61ZlMm79gUybhDp-kVlKHnfuZGV1tHt0GH9aTfcox3x0EqVwNDpzZQKW5dbl-E-zUJ_8t-_wA5e27awH3PczEYAQ&id=lidar2&mcvt=1001&p=0,0,600,200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702079344940&rpt=535&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 2422	274 KB 91 KB	63ms 62ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 86617937754b0b45d3db4f18026e48be6988115fc64d6d58b3b607e50ea34f8d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:49:06 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93071 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 08 Dec 2023 23:49:06 GMT
POST H2	204	csi csi.gstatic.com/ Frame 48DD	0 54 B	145ms 145ms	Ping image/gif	2607:f8b0:4023:1::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpxa3g7p&c=5327146808986&slotId=2663573404493&umsem=0&met.4=vil.lpxa3gjy~vfl.lpxa3gn0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/f3e4f110ef20728e699563f7b41aab95.js?tag=leadgen/snom_video_web_restricted Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1::5e Clarksville, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:06 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	tracking-event Show response api.webgains.io/ Frame 5516	16 B 209 B	66ms 66ms	Fetch application/json	35.177.10.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Requested by Host: analytics.webgains.io URL: https://analytics.webgains.io/pvClk.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.10.97 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-177-10-97.eu-west-2.compute.amazonaws.com Software nginx / PHP/8.1.14 Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://googleads.g.doubleclick.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type application/json Response headers date Fri, 08 Dec 2023 23:49:07 GMT x-content-type-options nosniff server nginx x-powered-by PHP/8.1.14 content-type application/json access-control-allow-origin * cache-control no-cache, private x-xss-protection 1; mode=block
OPTIONS H2	204	tracking-event api.webgains.io/ Frame	0 0	84ms 21ms	Preflight	35.177.10.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.10.97 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-177-10-97.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-headers Authorization, Content-Type access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * date Fri, 08 Dec 2023 23:49:07 GMT server nginx
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame E24C	0 28 B	88ms 87ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8733431420555&version=m202309260101&ct=77&x=1&cor=16005702488828652000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:07 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5516	0 28 B	88ms 88ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2304970524586&version=m202309260101&ct=77&x=1&cor=10880987486850576000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Fri, 08 Dec 2023 23:49:07 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT