gamingsym.in Open in urlscan Pro
72.167.124.129 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gamingsym.in/
Submission: On January 19 via manual (January 19th 2022, 10:18:49 am UTC) from NL — Scanned from NL

Summary HTTP 85 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 18 domains to perform 85 HTTP transactions. The main IP is 72.167.124.129, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is gamingsym.in.
TLS certificate: Issued by R3 on November 1st 2021. Valid for: 3 months.

This is the only time gamingsym.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	72.167.124.129 72.167.124.129	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::ac43:477a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a01:4f8:211:... 2a01:4f8:211:214f::2	24940 (HETZNER-AS) (HETZNER-AS)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	104.108.144.24 104.108.144.24	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 5	184.30.24.241 184.30.24.241	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
85	23

29 72.167.124.129 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-72-167-124-129.ip.secureserver.net

gamingsym.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:477a (United States)

ASN13335 (CLOUDFLARENET, US)

static.iphoneitalia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:211:214f::2 (Germany)

ASN24940 (HETZNER-AS, DE)

www.deskmodder.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.144.24 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.30.24.241 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-241.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.243 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	gamingsym.in gamingsym.in	433 KB
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	296 KB
13	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	69 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	4 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	4 KB
4	deskmodder.de www.deskmodder.de — Cisco Umbrella Rank: 804306	1 MB
4	iphoneitalia.com static.iphoneitalia.com	63 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	40 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	107 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	38 KB
1	google.nl adservice.google.nl — Cisco Umbrella Rank: 12328	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	416 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 516	43 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 324	23 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	36 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
85	18

	Domain	Requested by
29	gamingsym.in	gamingsym.in
14	pagead2.googlesyndication.com	gamingsym.in pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.deskmodder.de	gamingsym.in
4	static.iphoneitalia.com	gamingsym.in
3	www.google-analytics.com	gamingsym.in www.googletagmanager.com www.google-analytics.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.nl	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	contextual.media.net	gamingsym.in
1	securepubads.g.doubleclick.net	gamingsym.in
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.ampproject.org	gamingsym.in
1	www.googletagmanager.com	gamingsym.in
1	fonts.googleapis.com	gamingsym.in
85	24

This site contains links to these domains. Also see Links.

Domain
mhthemes.com

Subject Issuer	Validity	Valid
gamingsym.in R3	`2021-11-01` - `2022-01-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
iphoneitalia.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
deskmodder.de R3	`2021-11-26` - `2022-02-24`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.google.nl GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://gamingsym.in/
Frame ID: 7030BCF4CB786157DE1412E9D708DD64
Requests: 54 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 700FB8AB665759499B69183146B50F2B
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/dmedianet.js
Frame ID: F8D15C49853BBEB018F429CA982A5D91
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 4343C85FBD157C222B3ACA8DE8577335
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220113/r20190131/zrt_lookup.html
Frame ID: F4BEB70D39603C1AA0E621E7C0B9C00F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8775992225118205&output=html&adk=3826760629&adf=1341073466&lmt=1642587524&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgamingsym.in%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642587524737&bpp=2&bdt=817&idt=133&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7447068482717&frm=20&pv=2&ga_vid=62989542.1642587525&ga_sid=1642587525&ga_hid=1708833645&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064070%2C21065724%2C44756897&oid=2&pvsid=4281194643375076&pem=774&tmod=316&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=158
Frame ID: 45AD109C17F49545B8D20584F3B26827
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8775992225118205&output=html&h=90&slotname=1622647550&adk=4060618467&adf=1548698899&pi=t.ma~as.1622647550&w=728&lmt=1642587524&psa=0&format=728x90&url=https%3A%2F%2Fgamingsym.in%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642587524739&bpp=1&bdt=820&idt=162&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7447068482717&frm=20&pv=1&ga_vid=62989542.1642587525&ga_sid=1642587525&ga_hid=1708833645&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064070%2C21065724%2C44756897&oid=2&pvsid=4281194643375076&pem=774&tmod=316&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zGBIDa9cQk&p=https%3A//gamingsym.in&dtd=166
Frame ID: 2EF61EC8A202D37FA12AF285B067DCE8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTnywEQ-cP-ARihgYCdATAB&v=APEucNWHBSxYi4VhgWoSwaDLiGsmSD9LJsJaV7h38Hp-D2hEXPeA7-hlz2Q9Hru5tEZv8QZUR-XNxclOtB9T9e5tUvJbbZMe-i_mCjAWIzw2LmlpX47Jn6sisxF7ykne0plQNBWu72c6dFE0vkD4OPy6On1kRV3IxSrRmwSDDtXPsM3mA44m6Yo
Frame ID: F55D452BB011E29ECE036F0F019DE9B6
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 23AB4A0FACB1516A8B9C6207C8B9FBEF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B4AFB9E9A961F5D9414C6116A13E15EA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B3A9CAC7EC6DC0D1D7178AA6D616BED8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gamingsym - Level UP

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

85
Requests

95 %
HTTPS

68 %
IPv6

18
Domains

24
Subdomains

23
IPs

4
Countries

2363 kB
Transfer

3636 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://mhthemes.com/
Title: MH Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-ZT0ZwV8PybUvqagFeMHY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-ZT0ZwV8PybUvqagFeMHY&google_cver=1&C=1

Request Chain 63

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YeflhZwnrAZ-cnBAMe70MAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUT5d2nSJjV1hmdOoWn4S8&google_cver=1

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELBjIz9nJNF4tRl9n7eFQTY&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELBjIz9nJNF4tRl9n7eFQTY%26google_cver%3D1

Request Chain 65

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU3NzM0Nzk3NTk1ODMzMTE4MQ%3D%3D

85 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gamingsym.in/ 151 KB
39 KB 760ms
412ms Document
text/html 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache / PHP/7.4.26
Resource Hash: 296a8e0c2b996d8664033587ea45a9aedc908b31c288938c042a5ce41b81119f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

x-powered-by: PHP/7.4.26
link: <https://gamingsym.in/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-length: 39345
content-type: text/html; charset=UTF-8
date: Wed, 19 Jan 2022 10:18:43 GMT
server: Apache

GET
H2 200 style.min.css
gamingsym.in/wp-includes/css/dist/block-library/ 79 KB
10 KB 473ms
472ms Stylesheet
text/css 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamingsym.in/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 15:43:53 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 10523
expires: max-age=A10368000, public

GET
H2 200 style.min.css
gamingsym.in/wp-content/plugins/ad-ace/assets/css/ 5 KB
1 KB 311ms
309ms Stylesheet
text/css 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamingsym.in/wp-content/plugins/ad-ace/assets/css/style.min.css?ver=1.3.21
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 9dbbdfedbc6ce8ebad500036a3a93140213364f54dfd9b3348d714b9b4bd8447

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
content-encoding: gzip
last-modified: Wed, 10 Nov 2021 13:57:38 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1441
expires: max-age=A10368000, public

GET
H2 200 shoppable-images-front.min.css
gamingsym.in/wp-content/plugins/ad-ace/assets/css/ 6 KB
1 KB 310ms
309ms Stylesheet
text/css 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamingsym.in/wp-content/plugins/ad-ace/assets/css/shoppable-images-front.min.css?ver=1.3.21
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 30cd961db82d46c3ac5c6a4abb291fcdc9e1bd4ded973363d2c8dad8039bf3df

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
content-encoding: gzip
last-modified: Wed, 10 Nov 2021 13:57:38 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1343
expires: max-age=A10368000, public

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 80ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Requested by

Host: gamingsym.in
URL: https://gamingsym.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b862b809cfe4835b1795ec5788bf374bac716aa66c941f5170fb1f500a04c56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Jan 2022 08:35:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 19 Jan 2022 10:18:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jan 2022 10:18:44 GMT

GET
H2 200 style.css
gamingsym.in/wp-content/themes/mh-magazine-lite/ 45 KB
9 KB 377ms
376ms Stylesheet
text/css 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamingsym.in/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.1
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: ce92563e5283dfdd6eb7879e13175e64cab9bfd77d299808c692883de140aade

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 11:17:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 9229
expires: max-age=A10368000, public

GET
H2 200 font-awesome.min.css
gamingsym.in/wp-content/themes/mh-magazine-lite/includes/ 30 KB
7 KB 310ms
310ms Stylesheet
text/css 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamingsym.in/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 11:17:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 7053
expires: max-age=A10368000, public

GET
H2 200 a4pmw.js Show response
gamingsym.in/wp-content/cache/wpfc-minified/l28ck4j6/ 140 KB
46 KB 473ms
472ms Script
application/javascript 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamingsym.in/wp-content/cache/wpfc-minified/l28ck4j6/a4pmw.js
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 2a75e3ea1b1b0eeb9cc5657170438b7bacea180b3ceac165f6eed496d6f25e36

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 04:36:48 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 47099
expires: max-age=A10368000, public

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 96ms
46ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-175299361-1

Requested by

Host: gamingsym.in
URL: https://gamingsym.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

11fe0a19902b1be844064d4c5090c2ebfadba78cb4e46983cde19c0c8ea72a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36476
x-xss-protection: 0
last-modified: Wed, 19 Jan 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Jan 2022 10:18:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 109ms
44ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8775992225118205

Requested by

Host: gamingsym.in
URL: https://gamingsym.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93f9ac305678f7c4dc35a6288c66c3f91cda94235a5579664e617d33cf514ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gamingsym.in/
Origin: https://gamingsym.in
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52004
x-xss-protection: 0
server: cafe
etag: 13002176095752262948
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Jan 2022 10:18:44 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 78 KB
23 KB 117ms
30ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: gamingsym.in
URL: https://gamingsym.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b78e4ae257f4e3a91198582393132ce5c59b56702528d8c250f8180a96f1d74b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22081
x-xss-protection: 0
server: sffe
date: Wed, 19 Jan 2022 10:18:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "7f3cdfc2f49c3682"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Jan 2022 10:18:44 GMT

GET
H2 200 wp-embed.min.js Show response
gamingsym.in/wp-includes/js/ 1 KB
839 B 470ms
470ms Script
application/javascript 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamingsym.in/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 15:25:12 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 765
expires: max-age=A10368000, public

GET
H2 200 image.js Show response
gamingsym.in/wp-content/plugins/featured-image-from-url/includes/html/js/ 2 KB
760 B 491ms
491ms Script
application/javascript 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamingsym.in/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=3.8.2
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: b3b6f99745faa5d27e70cd17dd80c0eba1b9193a25fabbc21278cdea6ea3123b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 04:36:39 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 703
expires: max-age=A10368000, public

GET
H2 200 ads.png
gamingsym.in/wp-content/plugins/ad-inserter/images/ 95 B
134 B 169ms
168ms Image
image/png 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamingsym.in/wp-content/plugins/ad-inserter/images/ads.png
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Wed, 19 Jan 2022 04:36:36 GMT
server: Apache
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 95
expires: max-age=A10368000, public

GET
H2 200 ads.js Show response
gamingsym.in/wp-content/plugins/ad-inserter/js/ 112 B
151 B 169ms
168ms Script
application/javascript 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamingsym.in/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.9
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 471eb448db387c12cd6fc0598c12f3c4410056426df3b43ada8dd0fad5fa6a74

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 04:36:36 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 118
expires: max-age=A10368000, public

GET
H2 200 sponsors.js Show response
gamingsym.in/wp-content/plugins/ad-inserter/js/ 21 B
75 B 168ms
167ms Script
application/javascript 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamingsym.in/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.9
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 39bfd091996acd0ae970398c2814a732d21492e07c667aea4f25162ce67e6629

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Wed, 19 Jan 2022 04:36:47 GMT
server: Apache
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 21
expires: max-age=A10368000, public

GET
H2 200 banner.js Show response
gamingsym.in/wp-content/plugins/ad-inserter/js/ 24 B
55 B 169ms
168ms Script
application/javascript 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamingsym.in/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.9
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 9a737aee22dcfd3be2498d406cd05c854b2922041c49ae8baebfd0cffdbb2c1f

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Wed, 19 Jan 2022 04:36:36 GMT
server: Apache
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 24
expires: max-age=A10368000, public

GET
H2 200 300x250.js Show response
gamingsym.in/wp-content/plugins/ad-inserter/js/ 25 B
79 B 168ms
167ms Script
application/javascript 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamingsym.in/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.9
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 5094ccbebe88be6b459174d1cca74c7a024fcada1f077756ffa80878347d967b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Wed, 19 Jan 2022 04:36:36 GMT
server: Apache
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 25
expires: max-age=A10368000, public

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 78ms
22ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gamingsym.in
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:52:02 GMT
x-content-type-options: nosniff
age: 419202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 14 Jan 2023 13:52:02 GMT

GET
H2 200 fontawesome-webfont.woff2
gamingsym.in/wp-content/themes/mh-magazine-lite/fonts/ 75 KB
76 KB 166ms
165ms Font
application/font-woff2 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamingsym.in/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://gamingsym.in/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Origin: https://gamingsym.in
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Mon, 01 Nov 2021 11:17:36 GMT
server: Apache
content-type: application/font-woff2
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 77160
expires: max-age=A10368000, public

GET
H2 200 genshin-impact-22-2499611-326x245.jpg
gamingsym.in/wp-content/uploads/2021/12/ 21 KB
21 KB 310ms
309ms Image
image/jpeg 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamingsym.in/wp-content/uploads/2021/12/genshin-impact-22-2499611-326x245.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 0d41323d5bcb986e861ea9554dd0c12763d805d5816c77c78c5179d1ee55c0e5

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Fri, 24 Dec 2021 13:14:10 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 21208
expires: max-age=A10368000, public

GET
H2 200 wow-cadeau-sauvage-ou-trouver-obtenir-voile-hiver-2021-noel-326x245.jpg
gamingsym.in/wp-content/uploads/2021/12/ 12 KB
12 KB 310ms
309ms Image
image/jpeg 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamingsym.in/wp-content/uploads/2021/12/wow-cadeau-sauvage-ou-trouver-obtenir-voile-hiver-2021-noel-326x245.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 0f952dbc70778616d18f8452ac1e6120d34a49dc5144baafcf39a613dab88687

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Fri, 24 Dec 2021 09:27:15 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 12115
expires: max-age=A10368000, public

GET
H2 200 vignette-forza-horizon-5-super-berline-liste-326x245.jpg
gamingsym.in/wp-content/uploads/2021/12/ 31 KB
32 KB 312ms
311ms Image
image/jpeg 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamingsym.in/wp-content/uploads/2021/12/vignette-forza-horizon-5-super-berline-liste-326x245.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 2cd82d9a5ff91ba26a3106b99bc41abcabec2621c3fdb55c93a30b39cd7f1b8b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Fri, 24 Dec 2021 10:03:50 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 32027
expires: max-age=A10368000, public

GET
H2 200 vignette-gta-5-saut-unique-326x245.jpg
gamingsym.in/wp-content/uploads/2021/12/ 29 KB
29 KB 311ms
310ms Image
image/jpeg 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamingsym.in/wp-content/uploads/2021/12/vignette-gta-5-saut-unique-326x245.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 6ed4d9c086dc5fed6b77896086e08e916d8e08db2c05d0eeb5924039537fb04b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Fri, 24 Dec 2021 11:35:06 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 29287
expires: max-age=A10368000, public

GET
H2 200 vignette-dofus-bug-danse-dissonance-326x245.jpg
gamingsym.in/wp-content/uploads/2021/12/ 27 KB
28 KB 311ms
309ms Image
image/jpeg 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamingsym.in/wp-content/uploads/2021/12/vignette-dofus-bug-danse-dissonance-326x245.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: cb48d14bf71bcb7509b06fdd0defd171755a0630a407036f1e7c25d6624192fe

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Fri, 24 Dec 2021 11:53:07 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 28094
expires: max-age=A10368000, public

GET
H2 200 ou-sont-les-sapins-de-noel-dans-fortnite-fete-326x245.jpg
gamingsym.in/wp-content/uploads/2021/12/ 21 KB
21 KB 474ms
472ms Image
image/jpeg 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamingsym.in/wp-content/uploads/2021/12/ou-sont-les-sapins-de-noel-dans-fortnite-fete-326x245.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: a2682b64537c0da24e9326a5b82b1ce7e8c9a9f33ce7b052c87eddbeb5356528

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Fri, 24 Dec 2021 14:33:06 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 21745
expires: max-age=A10368000, public

GET
H2 200 vignette-fouiller-un-coffre-sous-un-sapin-de-noel-defi-fortnite-fete-hivernal-326x245.jpg
gamingsym.in/wp-content/uploads/2021/12/ 18 KB
18 KB 310ms
309ms Image
image/jpeg 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamingsym.in/wp-content/uploads/2021/12/vignette-fouiller-un-coffre-sous-un-sapin-de-noel-defi-fortnite-fete-hivernal-326x245.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 7bb8f12123a317626c385499ea2e5284d636cd17473540b276df55eeb1f3afb0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Fri, 24 Dec 2021 14:42:05 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 18724
expires: max-age=A10368000, public

GET
H2 200 1640358544_840_560-326x245.jpeg
gamingsym.in/wp-content/uploads/2021/12/ 19 KB
20 KB 309ms
309ms Image
image/jpeg 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamingsym.in/wp-content/uploads/2021/12/1640358544_840_560-326x245.jpeg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 58d6aa609e0e6a1ea707c29641703305ae684a8a364ff84b493b2e56c61c1014

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Fri, 24 Dec 2021 15:09:05 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 19929
expires: max-age=A10368000, public

GET
H2 200 forza-horizon_5_news_banner-326x245.jpg
gamingsym.in/wp-content/uploads/2021/12/ 16 KB
17 KB 473ms
472ms Image
image/jpeg 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamingsym.in/wp-content/uploads/2021/12/forza-horizon_5_news_banner-326x245.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 4a19f1932b6fb539c0e3cf60749dcbc2c80ac1002bc4af75a2a4a2fd611968ec

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Fri, 24 Dec 2021 17:53:17 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 16760
expires: max-age=A10368000, public

GET
H2 200 vignette-tft-stats-trackergg-326x245.jpg
gamingsym.in/wp-content/uploads/2021/12/ 33 KB
33 KB 472ms
472ms Image
image/jpeg 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamingsym.in/wp-content/uploads/2021/12/vignette-tft-stats-trackergg-326x245.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: c4f60a87b410718c86de1b8f64ee13dc802bf4343232a2ee0cad2bccbe57b960

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Fri, 24 Dec 2021 18:02:06 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 34002
expires: max-age=A10368000, public

GET
H2 200 online-games-without-registrationn-80x60.jpg
gamingsym.in/wp-content/uploads/2021/11/ 3 KB
3 KB 299ms
298ms Image
image/jpeg 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamingsym.in/wp-content/uploads/2021/11/online-games-without-registrationn-80x60.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 3dbe4b36c0c1c431f00de2a31f764182f66f0c4df7b3e0308458e7fb5767f4ae

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Sat, 20 Nov 2021 08:04:41 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2750
expires: max-age=A10368000, public

GET
H2 200 costco-folding-chairs-80x60.jpg
gamingsym.in/wp-content/uploads/2021/11/ 3 KB
3 KB 299ms
298ms Image
image/jpeg 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamingsym.in/wp-content/uploads/2021/11/costco-folding-chairs-80x60.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 7d9c0213cb5d524ce6045ea8259199da3185c1967c2062d41df4e5e3e2ae420d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Thu, 18 Nov 2021 15:55:20 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2698
expires: max-age=A10368000, public

GET
H2 200 Fortnite-Custom-Air-Pods-Case-Cover-678x381-1-80x60.jpg
gamingsym.in/wp-content/uploads/2021/11/ 3 KB
3 KB 299ms
298ms Image
image/jpeg 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamingsym.in/wp-content/uploads/2021/11/Fortnite-Custom-Air-Pods-Case-Cover-678x381-1-80x60.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: 1efa7f2e4651f4cca2e2b637010078cb4573470b30c5aff686f4415c6789c963

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Thu, 18 Nov 2021 14:46:01 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2855
expires: max-age=A10368000, public

GET
H2 200 ff-80x60.jpeg
gamingsym.in/wp-content/uploads/2021/11/ 2 KB
2 KB 298ms
298ms Image
image/jpeg 72.167.124.129
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamingsym.in/wp-content/uploads/2021/11/ff-80x60.jpeg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.167.124.129 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-72-167-124-129.ip.secureserver.net
Software: Apache /
Resource Hash: e6e597bf1707eb4cf6c87654131d990ed0dc9e3a709198aad749d82557826fb0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
last-modified: Mon, 01 Nov 2021 14:02:59 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1995
expires: max-age=A10368000, public

GET
H2 200 apple-neso.jpeg
static.iphoneitalia.com/wp-content/uploads/2021/11/ 6 KB
7 KB 97ms
36ms Image
image/jpeg 2606:4700:20::ac43:477a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.iphoneitalia.com/wp-content/uploads/2021/11/apple-neso.jpeg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:477a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b093b0f0a38f08f3f0eaa54f9b5f18004468f9088b74ce9b448449b53b1d38de

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13952
x-cache: MISS
x-cache-hits: 0
content-length: 6556
pragma: public
last-modified: Wed, 24 Nov 2021 08:00:24 GMT
server: cloudflare
etag: "619df118-199c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-UA-Device, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5whpbIssJCy3OI5446T0tXuyV%2F9J8Bw6tJIY%2BgYXHKOmRfm0exp8rQ9VuNM7gUXP9cpLCEUvKUIg0S7cdCwX2yAJMLakORfiF1Y4Ua5FvNjcEli1KwMYzz0DB4AcjDgliyHMRgpSlzgy%2BBGc5bGC8bPmG4dv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 02 Feb 2022 06:26:12 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6cff521d6dc25c80-FRA
cf-bgj: h2pri

GET
H2 200 csam-iphone.jpg
static.iphoneitalia.com/wp-content/uploads/2021/08/ 32 KB
32 KB 124ms
63ms Image
image/jpeg 2606:4700:20::ac43:477a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.iphoneitalia.com/wp-content/uploads/2021/08/csam-iphone.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:477a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebe50d29a98c1f33d40d5b42491f8bb649916c1e277c0565a41cbc578acaa10

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13952
x-cache: MISS
x-cache-hits: 0
content-length: 32717
pragma: public
last-modified: Wed, 18 Aug 2021 16:01:20 GMT
server: cloudflare
etag: "611d2ed0-7fcd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-UA-Device, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtabSAJaAbATrfqCaJji7qaXBZJZC5Oo4WlXwK2FzD1tHWQMBe1U1v6UPbwjfVdQmGuQlBslgp2m8YIgXjXJgfBnMaNFP6euoPP2OrMjJ0yr6A8leurnHuYDaqL96gK3KPfMmsDXvfaM6ZqsFmVQTHJ5pnKm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 02 Feb 2022 06:26:12 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6cff521d6dc45c80-FRA
cf-bgj: h2pri

GET
H2 200 ios-15.2-ripirstino.jpg
static.iphoneitalia.com/wp-content/uploads/2021/12/ 14 KB
15 KB 102ms
42ms Image
image/jpeg 2606:4700:20::ac43:477a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.iphoneitalia.com/wp-content/uploads/2021/12/ios-15.2-ripirstino.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:477a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b75529fca5684fe688e9fae050e24cf493aa154fe9c80358eb94dabe68b2c32

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13952
x-cache: MISS
x-cache-hits: 0
content-length: 14573
pragma: public
last-modified: Wed, 15 Dec 2021 12:14:09 GMT
server: cloudflare
etag: "61b9dc11-38ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-UA-Device, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2By3lVq4muSyrq5n6tCbDuFLejVd4ZS%2FE7yHVZOSuqZ2xFchw9%2FbrRQzhPS5FZNo%2ByVtbGUIYXvuYUC%2BKSNYKuP6fkPGcth2C0UAZiKzzxlye1DcVE1p%2BE%2BDCSOau81a0kxZ0c6QzTKQVBMILA6jMTuVhMW4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 02 Feb 2022 06:26:12 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6cff521d6dc65c80-FRA
cf-bgj: h2pri

GET
H2 200 apple-music.jpg
static.iphoneitalia.com/wp-content/uploads/2021/11/ 8 KB
9 KB 100ms
39ms Image
image/jpeg 2606:4700:20::ac43:477a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.iphoneitalia.com/wp-content/uploads/2021/11/apple-music.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:477a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ac22831dfaa062f4c8c41fb94a7c33bd52ad81b6c7f3a1fccef80f2f5f9fa12

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13952
x-cache: MISS
x-cache-hits: 0
content-length: 8368
pragma: public
last-modified: Tue, 30 Nov 2021 19:17:20 GMT
server: cloudflare
etag: "61a678c0-20b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-UA-Device, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2B9g3cvXJoxPL4OL5SCVDsKw2zPWHn%2FFasnpjn31l1kQJd0GlNPkKX18cYxw6zlBLOkqDlY92CQ%2F0mU6BSHTjjX7mtaEdKq1CwUNMG5GF2pyuSE8fucENToaoCAxmR7CPwNh9S1umcMWLccogExJCO9TYhex"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 02 Feb 2022 06:26:12 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6cff521d6dc75c80-FRA
cf-bgj: h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 123ms
63ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: gamingsym.in
URL: https://gamingsym.in/wp-content/cache/wpfc-minified/l28ck4j6/a4pmw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

302e8305bfce4eefbf9eacc64d064e20d6906624cb86f0539ccbe3039f33355a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52051
x-xss-protection: 0
server: cafe
etag: 753775686277980612
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Jan 2022 10:18:44 GMT

GET
H/1.1 200
OK screenshot-20211217-081247-chrome.jpg
www.deskmodder.de/blog/wp-content/uploads/2021/12/ 25 KB
25 KB 97ms
28ms Image
image/jpeg 2a01:4f8:211:214f::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.deskmodder.de/blog/wp-content/uploads/2021/12/screenshot-20211217-081247-chrome.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:211:214f::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 24ba5f38a61f8e37ca889c9c461b36a2019b74cc59b6aebcb5633aadbb868997

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 19 Jan 2022 10:18:44 GMT
Last-Modified: Fri, 17 Dec 2021 07:21:06 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=10368000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 25621
Expires: Thu, 19 May 2022 10:18:44 GMT

GET
H/1.1 200
OK powershell-730.jpg
www.deskmodder.de/blog/wp-content/uploads/2021/12/ 365 KB
365 KB 97ms
28ms Image
image/jpeg 2a01:4f8:211:214f::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.deskmodder.de/blog/wp-content/uploads/2021/12/powershell-730.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:211:214f::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 3f2059545f0105e747524f30d894c310fd1a178867f12d248da002876aad26b2

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 19 Jan 2022 10:18:44 GMT
Last-Modified: Fri, 17 Dec 2021 06:19:02 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=10368000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 373425
Expires: Thu, 19 May 2022 10:18:44 GMT

GET
H/1.1 200
OK sysinternals-500x347-1.jpg
www.deskmodder.de/blog/wp-content/uploads/2021/01/ 40 KB
40 KB 97ms
28ms Image
image/jpeg 2a01:4f8:211:214f::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.deskmodder.de/blog/wp-content/uploads/2021/01/sysinternals-500x347-1.jpg
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:211:214f::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 0eeb974c07ad970822f9d21533b72c71f60d5f93237020f098ba3d18499a1fbf

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 19 Jan 2022 10:18:44 GMT
Last-Modified: Mon, 11 Jan 2021 11:47:22 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=10368000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 41026
Expires: Thu, 19 May 2022 10:18:44 GMT

GET
H/1.1 200
OK adventskalender-2019.png
www.deskmodder.de/blog/wp-content/uploads/2019/10/ 735 KB
735 KB 78ms
25ms Image
image/png 2a01:4f8:211:214f::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.deskmodder.de/blog/wp-content/uploads/2019/10/adventskalender-2019.png
Requested by: Host: gamingsym.in
URL: https://gamingsym.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:211:214f::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 53703c4f164f44a21982cd0653d77c81d75ded6462437be4826ec5ca27402cde

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 19 Jan 2022 10:18:44 GMT
Last-Modified: Sun, 20 Oct 2019 12:38:23 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=10368000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 752244
Expires: Thu, 19 May 2022 10:18:44 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 700F 78 KB
27 KB 97ms
39ms Document
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: gamingsym.in
URL: https://gamingsym.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

caedfb914856a2599d978d3c481f2702a1ef61eebbffc0e7939f0f0f77183e5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/

Response headers

vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 26965
date: Wed, 19 Jan 2022 10:18:44 GMT
expires: Wed, 19 Jan 2022 10:18:44 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1106 / 761 of 1000 / last-modified: 1642585325"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dmedianet.js Show response
contextual.media.net/ Frame F8D1 128 KB
43 KB 130ms
65ms Document
text/javascript 104.108.144.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js

Requested by

Host: gamingsym.in
URL: https://gamingsym.in/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.144.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-144-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9a82cd239fce2fe688d6a57bfb0505519bcb2fbacd9842bdb0c8ebbb793df107

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/

Response headers

server: Apache
content-type: text/javascript; charset=utf-8
x-mnt-h: 10-2
x-mnt-w: 8-31
etag: "e76c44f0a194cea7e2aaad322aa34906"
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Wed, 19 Jan 2022 10:23:44 GMT
date: Wed, 19 Jan 2022 10:18:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 4343 49 KB
20 KB 109ms
34ms Document
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gamingsym.in
URL: https://gamingsym.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Wed, 19 Jan 2022 09:01:06 GMT
expires: Wed, 19 Jan 2022 11:01:06 GMT
cache-control: public, max-age=7200
age: 4658
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 59ms
45ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175299361-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4658
date: Wed, 19 Jan 2022 09:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 19 Jan 2022 11:01:06 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/ 284 KB
102 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8775992225118205&plah=gamingsym.in

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8775992225118205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6dff4b9bacd93f97afd67c967036d82e9b4ac4bd6c47931924984d276b372512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104506
x-xss-protection: 0
server: cafe
etag: 13137405772287323929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jan 2022 10:18:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220113/r20190131/ Frame F4BE 11 KB
5 KB 95ms
31ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220113/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8775992225118205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4885
x-xss-protection: 0
date: Tue, 18 Jan 2022 19:09:26 GMT
expires: Tue, 01 Feb 2022 19:09:26 GMT
cache-control: public, max-age=1209600
age: 54558
etag: 13671712056976469594
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 59ms
30ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1708833645&t=pageview&_s=1&dl=https%3A%2F%2Fgamingsym.in%2F&ul=en-us&de=UTF-8&dt=Gamingsym%20-%20Level%20UP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1676624487&gjid=1876610003&cid=62989542.1642587525&tid=UA-175299361-1&_gid=954193813.1642587525&_r=1&gtm=2ou1c0&z=2069151546

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamingsym.in/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jan 2022 10:18:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gamingsym.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
416 B 46ms
45ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gamingsym.in&callback=_gfp_s_&client=ca-pub-8775992225118205

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8775992225118205&plah=gamingsym.in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e1461a1fd64838fefbd7b0bb9464f468cdbf15af3d4cb3a5abe451b9d6cc9687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 108ms
32ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=gamingsym.in

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 Jan 2022 10:18:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 96ms
35ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gamingsym.in

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 Jan 2022 10:18:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fgamingsym.in%2F&tn=DIV&cls=adace-slideup-slot-wrap%20&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: gamingsym.in
URL: https://gamingsym.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jan 2022 10:18:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 45AD 0
19 B 138ms
98ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8775992225118205&output=html&adk=3826760629&adf=1341073466&lmt=1642587524&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgamingsym.in%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642587524737&bpp=2&bdt=817&idt=133&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7447068482717&frm=20&pv=2&ga_vid=62989542.1642587525&ga_sid=1642587525&ga_hid=1708833645&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064070%2C21065724%2C44756897&oid=2&pvsid=4281194643375076&pem=774&tmod=316&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=158

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 19 Jan 2022 10:18:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 19 Jan 2022 10:18:45 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 76ms
22ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-175299361-1&cid=62989542.1642587525&jid=1676624487&gjid=1876610003&_gid=954193813.1642587525&_u=YEBAAUAAAAAAAC~&z=703721803

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamingsym.in/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 19 Jan 2022 10:18:44 GMT
content-type: text/plain
access-control-allow-origin: https://gamingsym.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2EF6 14 KB
7 KB 519ms
488ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8775992225118205&output=html&h=90&slotname=1622647550&adk=4060618467&adf=1548698899&pi=t.ma~as.1622647550&w=728&lmt=1642587524&psa=0&format=728x90&url=https%3A%2F%2Fgamingsym.in%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642587524739&bpp=1&bdt=820&idt=162&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7447068482717&frm=20&pv=1&ga_vid=62989542.1642587525&ga_sid=1642587525&ga_hid=1708833645&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064070%2C21065724%2C44756897&oid=2&pvsid=4281194643375076&pem=774&tmod=316&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zGBIDa9cQk&p=https%3A//gamingsym.in&dtd=166

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c415da3c762da4270c015798ab4c4cbcd9a1bb90f5c586edaf203d81a5c4f87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 19 Jan 2022 10:18:45 GMT
server: cafe
content-length: 7555
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 19 Jan 2022 10:18:45 GMT
cache-control: private

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EF6 42 B
63 B 57ms
56ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DpAkC9bcyYdF1Cv4uIB75Du7AxdRZ7jqBRQvLLDLJxvmxTES65mzzKNYxSBd6RnGkEBEbDp6kllQhKAkfkVmhDFTKs-4B2vmh_s95HynY6_oLo5Rg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8775992225118205&output=html&h=90&slotname=1622647550&adk=4060618467&adf=1548698899&pi=t.ma~as.1622647550&w=728&lmt=1642587524&psa=0&format=728x90&url=https%3A%2F%2Fgamingsym.in%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642587524739&bpp=1&bdt=820&idt=162&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7447068482717&frm=20&pv=1&ga_vid=62989542.1642587525&ga_sid=1642587525&ga_hid=1708833645&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064070%2C21065724%2C44756897&oid=2&pvsid=4281194643375076&pem=774&tmod=316&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zGBIDa9cQk&p=https%3A//gamingsym.in&dtd=166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jan 2022 10:18:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 2EF6 2 KB
1 KB 94ms
32ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Feb 2022 10:17:34 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 2EF6 15 KB
7 KB 93ms
32ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 09:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Feb 2022 09:46:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2EF6 121 KB
38 KB 111ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Jan 2022 10:18:45 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F55D 624 B
300 B 36ms
34ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COTnywEQ-cP-ARihgYCdATAB&v=APEucNWHBSxYi4VhgWoSwaDLiGsmSD9LJsJaV7h38Hp-D2hEXPeA7-hlz2Q9Hru5tEZv8QZUR-XNxclOtB9T9e5tUvJbbZMe-i_mCjAWIzw2LmlpX47Jn6sisxF7ykne0plQNBWu72c6dFE0vkD4OPy6On1kRV3IxSrRmwSDDtXPsM3mA44m6Yo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8775992225118205&output=html&h=90&slotname=1622647550&adk=4060618467&adf=1548698899&pi=t.ma~as.1622647550&w=728&lmt=1642587524&psa=0&format=728x90&url=https%3A%2F%2Fgamingsym.in%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642587524739&bpp=1&bdt=820&idt=162&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7447068482717&frm=20&pv=1&ga_vid=62989542.1642587525&ga_sid=1642587525&ga_hid=1708833645&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064070%2C21065724%2C44756897&oid=2&pvsid=4281194643375076&pem=774&tmod=316&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zGBIDa9cQk&p=https%3A//gamingsym.in&dtd=166

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 19 Jan 2022 10:18:45 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 19 Jan 2022 10:18:45 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2EF6 54 KB
27 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhN3XbvpCJBNZPBir7oO9vrls5B3GB_SLOcYJN2psdxMqm6x1_SyRU9zT7X2Zjm9nq62xomoCqzZG683r47YKAIc1L6q_sjWeM3HXdGiVQJKA919pf4Lq5QQVKehYNUqTZgEmssMqG0EYIeIBKF1wj_TyUTA&dbm_d=AKAmf-AiZ_2X2xZLoB3L29Y2JmDgzxlj8aujlygNcdpEtnme9hhTZBGgv6cg34ZybBpQQ-bb6TDKajODcQR8EJfkIA9sAaU3bOGWnt0009Gj4Gzqb3-WuSyZ53GGLcO4jqg9tZ4cRS3clN5RwZTSE4S2tD4gK_PtezwqGNHJShIcJ8lXatPUvKBp0Sor4hbb6X6znsaN8Vx3KumvcsP0kX9zi70dtkgMpqWganUjWrkIj2phPbRSPJJYDPqvzuLSfRnhbYErB2zJVPPdzoVby4Dvm2ud5PeshTBYdQ0JqVKua81WZDFVnaKyHBTG6IDBU85VS5xEG2b9VtSQ-hVNkIUHXBcNoDwG7Ow4vxzk4dp-x1p80g4PH8ZgrEBU-nEyCbmltSfJ1PD8-PCt9Myc1MeY0DIKGvnKGrxWYMvEQgaahTBSxfo0igxmIgHsEGu_xlSLdD7Q2lkQaA8BYyjl_9pUCGov8-aLwexq2ry0nO183WEpf42aCkdzT4lWYJhGl8DFYLNGD1naifrgB59hy4cQsYQX7j1b1KEMnSwMTgDTvuELM9fP_ahVAAE5ez5r2BwtocRztlZ2ZunD70eF0X0Ov0cNFvL6MW4XpqgR-j_RsjSOV6BGMOhdl4_l6FKGrrZgiZdnc2rY0JboghX9Fd9wMvVSEAdDjELYJIu8U0lsEwSWf0MVkIc-3-9fZ3860EQ7MWkVKqk2uFziLsjjjSIz9HXDKTmwSoKWcaqCJ2AAzNW2enmg-Z2T3R9gDf0qmOdxqF9-W9Gi0fuCqV8pka44zoiyVuZG3d3p3dUke1AXDHc6vQi-DDv9ZVsNlJvFipBrVaR1bGqxyV21sAxI_WRuc31qdviEZBnGIKOdSFG1MTFUsIN0uq0BzAcIhmy6jY6c7YpqLEmnAyeJEurQ84q0XFCoUqrd89bhd6K-vIcsLEzCI1LP-5MTNsfmViX09-HN1YeUUc-hpXhanM_OQ5De4Y6PnkN2lU7NOPm6pTdWXZblf8W6Iy93OOJLnxxCMcCycm06Et9dUY8FagzAz3GCHEJHJxzRVndoQsT4ad1nEKw-UIfrlYPbzu0PiOPJhlnVhkOQNnub-gGwmPvevRHjB8Fp75P6XFirbL2u-FryJrWzyNaqzyDf0vKf3R-Hr7n2lFSRtkzsgDo6wSM6WlLU5yRPEzTqQpP87xv2IZ2vLRF3AkxL8IItGQAWeZexonPFoDV9WPlZ0s83xjrN2D-mJ237BKeUNoQx7opX70dD32PtEZiSzlwUQazJ0OSTtZLb0NS81VQkihEL4qQ5m4a7kZ6KdsoVjmGGjN59RSUFfIQh2pKK5DMSsw9V_7Ak1luHxNwa-FWZ0eC8BL3seDZKTZiWzl2PibKDd3ZR3D7RcxQvKHp5-YPivxplHXV2XlSlOZLspsinqlsj2jwIW9_CowZ-Fw0KoftkLdzXxCQct6mDXGsZlTd97JCU61H6xWpRTOxR96iy3fKstbowV8YjHKCqUJsYkJTDPg3AuNEUCntj4Ab8zzD8JSddZiU7IT_UuZOxaq17X5AoRjCMmCvC3b1WOaSosLRpjVxBNZzHDHtlwr_kQ743UfIaH1nrWjedYBKOjxOlXBBkCZ4H6xDZc54dpc1mPZ7EK142csuOfCyJRvHKvcTzOd0K5vwr4tBzkEJqKlkpWrxT4wg_qGekBqiLUFn4bBRjsGQoEOI4LA_WVMeLmFDw5Digy8y5eWlDyZPj6SftPawHAb9PACp3YXPFDVVaUUokjcHBs60p6FJ6oPZ6g5CQBARo4shdlOdqxJB42V3bV1A1HGtGyq5cvbDz4O6FBkl99caSNvclXP6ROLgXPkeHAh1CEyngnZR0KBO-pSkNM_OEfVkQs6CXr65TFCO_50Ypj9I3lWJeunotNtXSOkuoqSy3vU-5VI_qpGBUKS5aV14OE8EeC0jNvADJU-0ffjXMRmFY2rMZYr-i_WBfK1VjS7TwqO52Grth5qeZdyQVwan-8VNtyPoM9YzDkhnQkndakH0P69k7OmLd8uYecB853CHjup72lFxzbOrq8L6W5UXUOC_NfNjCl06A_DmXrCL1-HStGz88JDDa1PQbnOB74NHfh3rd5bLpEJk4r9mwLTDRAa-m7Zb7Mkr7IJ6hJYqdqJICR2y-2h1_v0rv9Hzrm55idDIDMA7RgeEOQkgWTdyuzNR6qUFPMXJ8gnD0XZplOybFXJDOLan5BpVUIjsyHLuwRxWc-FQyBqEaZsxSdSXD3d2Q_u9Jo8iaGAAVVQnX1EsbCLpqyDj4E9kI-VchYXFo30laxmV_hnNNoNsgLxRe8pelSc3X3WKIZoh1Fbo4R_oC-3Wpu8tZDl1ZH-KoBSRrZJ2fhycyG4nNAgQpEb0SniUHHA6pdIG-PDvrFvqlLtx3P39UpwbTvm0h3iOYpOjv8SpAqOJmaUmSqgc4O4-gjuErR-4ern3Pl_ENlk_1L2SDWBHoBXYsxAxGKwJkzywLc6rorUSfKHVEPjulHdPAu8cpKpHnwiLUKLqbXTDsSSdGZtUEimbwV0vb0aO4GXcR8H2sIMYvQeHygkd0qvLm1QGlb0bhfiETq4jCmK8fW0qt36Ay0bQuMKbRO0Sf8CBC6RRciIvbMFshECz7JlzZ3tti6tQjOum51ETD84P6_FFQllNp_TtXPAK9unoNf4bWlObgZI-HYMYcAX2YdL3zydN44riTW7RG7AuN7rpfAk4iD_UanjOG57wZL8-PZyPdBO3jbGYOl13zT5B6iw6dcS3rngr1YyWyOx9qSy1X2MeR3VLkoZb0V94Xo8wAaEqxY6C6_M8bKVHCdXxsz16Ek5T-7oTkFQ2XeHDI8T8gQtL-w6_7wtdChR3l1VRCD_p6QH_eMzYbzUsw5uH5mrdAnhQXRL30OUzkElSG0FL5vb4ekfm_TFuHasUM1BlbEtdlfUByphBk92qRfjbymiKdm2S0cQicK2V4GxVfB61t7gA37HiA4kSCrXUzevk&cid=CAASBORowu8&rfl=1%2Chttps%253A%252F%252Fgamingsym.in%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fa198d3073d83623072281cfcb3a99dbdb6aa33445268a047f6aa0e06f84cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8775992225118205&output=html&h=90&slotname=1622647550&adk=4060618467&adf=1548698899&pi=t.ma~as.1622647550&w=728&lmt=1642587524&psa=0&format=728x90&url=https%3A%2F%2Fgamingsym.in%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642587524739&bpp=1&bdt=820&idt=162&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7447068482717&frm=20&pv=1&ga_vid=62989542.1642587525&ga_sid=1642587525&ga_hid=1708833645&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064070%2C21065724%2C44756897&oid=2&pvsid=4281194643375076&pem=774&tmod=316&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zGBIDa9cQk&p=https%3A//gamingsym.in&dtd=166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jan 2022 10:18:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27599
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F55D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-ZT0ZwV8PybUvqagFeMHY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-ZT0ZwV8PybUvqagFeMHY&google_cver=1&C=1

43 B
1014 B

60ms
60ms

Image
image/gif

184.30.24.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-ZT0ZwV8PybUvqagFeMHY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTnywEQ-cP-ARihgYCdATAB&v=APEucNWHBSxYi4VhgWoSwaDLiGsmSD9LJsJaV7h38Hp-D2hEXPeA7-hlz2Q9Hru5tEZv8QZUR-XNxclOtB9T9e5tUvJbbZMe-i_mCjAWIzw2LmlpX47Jn6sisxF7ykne0plQNBWu72c6dFE0vkD4OPy6On1kRV3IxSrRmwSDDtXPsM3mA44m6Yo
Protocol: HTTP/1.1
Server: 184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Jan 2022 10:18:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 19 Jan 2022 10:18:45 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Jan 2022 10:18:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-ZT0ZwV8PybUvqagFeMHY&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 19 Jan 2022 10:18:45 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F55D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YeflhZwnrAZ-cnBAMe70MAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUT5d2nSJjV1hmdOoWn4S8&google_cver=1

43 B
894 B

36ms
36ms

Image
image/gif

184.30.24.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUT5d2nSJjV1hmdOoWn4S8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTnywEQ-cP-ARihgYCdATAB&v=APEucNWHBSxYi4VhgWoSwaDLiGsmSD9LJsJaV7h38Hp-D2hEXPeA7-hlz2Q9Hru5tEZv8QZUR-XNxclOtB9T9e5tUvJbbZMe-i_mCjAWIzw2LmlpX47Jn6sisxF7ykne0plQNBWu72c6dFE0vkD4OPy6On1kRV3IxSrRmwSDDtXPsM3mA44m6Yo
Protocol: HTTP/1.1
Server: 184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Jan 2022 10:18:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 19 Jan 2022 10:18:45 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jan 2022 10:18:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUT5d2nSJjV1hmdOoWn4S8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame F55D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELBjIz9nJNF4tRl9n7eFQTY&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELBjIz9nJNF4tRl9n7eFQTY%26google_cver%3D1

43 B
1 KB

15ms
15ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELBjIz9nJNF4tRl9n7eFQTY%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTnywEQ-cP-ARihgYCdATAB&v=APEucNWHBSxYi4VhgWoSwaDLiGsmSD9LJsJaV7h38Hp-D2hEXPeA7-hlz2Q9Hru5tEZv8QZUR-XNxclOtB9T9e5tUvJbbZMe-i_mCjAWIzw2LmlpX47Jn6sisxF7ykne0plQNBWu72c6dFE0vkD4OPy6On1kRV3IxSrRmwSDDtXPsM3mA44m6Yo

Protocol

HTTP/1.1

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Jan 2022 10:18:45 GMT
X-Proxy-Origin: 95.211.146.76; 95.211.146.76; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: eac6ea84-ea2a-43b8-83dd-9ff2f0f4e660
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Jan 2022 10:18:45 GMT
X-Proxy-Origin: 95.211.146.76; 95.211.146.76; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 868576c8-45c0-46ce-99cc-c47225fd7708
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELBjIz9nJNF4tRl9n7eFQTY%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F55D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU3NzM0Nzk3NTk1ODMzMTE4MQ%3D%3D

170 B
188 B

60ms
31ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU3NzM0Nzk3NTk1ODMzMTE4MQ%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jan 2022 10:18:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Jan 2022 10:18:45 GMT
X-Proxy-Origin: 95.211.146.76; 95.211.146.76; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b6782e2a-d80d-4a19-8e19-213dd8423333
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU3NzM0Nzk3NTk1ODMzMTE4MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220113/r20110914/ Frame 2EF6 24 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220113/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhN3XbvpCJBNZPBir7oO9vrls5B3GB_SLOcYJN2psdxMqm6x1_SyRU9zT7X2Zjm9nq62xomoCqzZG683r47YKAIc1L6q_sjWeM3HXdGiVQJKA919pf4Lq5QQVKehYNUqTZgEmssMqG0EYIeIBKF1wj_TyUTA&dbm_d=AKAmf-AiZ_2X2xZLoB3L29Y2JmDgzxlj8aujlygNcdpEtnme9hhTZBGgv6cg34ZybBpQQ-bb6TDKajODcQR8EJfkIA9sAaU3bOGWnt0009Gj4Gzqb3-WuSyZ53GGLcO4jqg9tZ4cRS3clN5RwZTSE4S2tD4gK_PtezwqGNHJShIcJ8lXatPUvKBp0Sor4hbb6X6znsaN8Vx3KumvcsP0kX9zi70dtkgMpqWganUjWrkIj2phPbRSPJJYDPqvzuLSfRnhbYErB2zJVPPdzoVby4Dvm2ud5PeshTBYdQ0JqVKua81WZDFVnaKyHBTG6IDBU85VS5xEG2b9VtSQ-hVNkIUHXBcNoDwG7Ow4vxzk4dp-x1p80g4PH8ZgrEBU-nEyCbmltSfJ1PD8-PCt9Myc1MeY0DIKGvnKGrxWYMvEQgaahTBSxfo0igxmIgHsEGu_xlSLdD7Q2lkQaA8BYyjl_9pUCGov8-aLwexq2ry0nO183WEpf42aCkdzT4lWYJhGl8DFYLNGD1naifrgB59hy4cQsYQX7j1b1KEMnSwMTgDTvuELM9fP_ahVAAE5ez5r2BwtocRztlZ2ZunD70eF0X0Ov0cNFvL6MW4XpqgR-j_RsjSOV6BGMOhdl4_l6FKGrrZgiZdnc2rY0JboghX9Fd9wMvVSEAdDjELYJIu8U0lsEwSWf0MVkIc-3-9fZ3860EQ7MWkVKqk2uFziLsjjjSIz9HXDKTmwSoKWcaqCJ2AAzNW2enmg-Z2T3R9gDf0qmOdxqF9-W9Gi0fuCqV8pka44zoiyVuZG3d3p3dUke1AXDHc6vQi-DDv9ZVsNlJvFipBrVaR1bGqxyV21sAxI_WRuc31qdviEZBnGIKOdSFG1MTFUsIN0uq0BzAcIhmy6jY6c7YpqLEmnAyeJEurQ84q0XFCoUqrd89bhd6K-vIcsLEzCI1LP-5MTNsfmViX09-HN1YeUUc-hpXhanM_OQ5De4Y6PnkN2lU7NOPm6pTdWXZblf8W6Iy93OOJLnxxCMcCycm06Et9dUY8FagzAz3GCHEJHJxzRVndoQsT4ad1nEKw-UIfrlYPbzu0PiOPJhlnVhkOQNnub-gGwmPvevRHjB8Fp75P6XFirbL2u-FryJrWzyNaqzyDf0vKf3R-Hr7n2lFSRtkzsgDo6wSM6WlLU5yRPEzTqQpP87xv2IZ2vLRF3AkxL8IItGQAWeZexonPFoDV9WPlZ0s83xjrN2D-mJ237BKeUNoQx7opX70dD32PtEZiSzlwUQazJ0OSTtZLb0NS81VQkihEL4qQ5m4a7kZ6KdsoVjmGGjN59RSUFfIQh2pKK5DMSsw9V_7Ak1luHxNwa-FWZ0eC8BL3seDZKTZiWzl2PibKDd3ZR3D7RcxQvKHp5-YPivxplHXV2XlSlOZLspsinqlsj2jwIW9_CowZ-Fw0KoftkLdzXxCQct6mDXGsZlTd97JCU61H6xWpRTOxR96iy3fKstbowV8YjHKCqUJsYkJTDPg3AuNEUCntj4Ab8zzD8JSddZiU7IT_UuZOxaq17X5AoRjCMmCvC3b1WOaSosLRpjVxBNZzHDHtlwr_kQ743UfIaH1nrWjedYBKOjxOlXBBkCZ4H6xDZc54dpc1mPZ7EK142csuOfCyJRvHKvcTzOd0K5vwr4tBzkEJqKlkpWrxT4wg_qGekBqiLUFn4bBRjsGQoEOI4LA_WVMeLmFDw5Digy8y5eWlDyZPj6SftPawHAb9PACp3YXPFDVVaUUokjcHBs60p6FJ6oPZ6g5CQBARo4shdlOdqxJB42V3bV1A1HGtGyq5cvbDz4O6FBkl99caSNvclXP6ROLgXPkeHAh1CEyngnZR0KBO-pSkNM_OEfVkQs6CXr65TFCO_50Ypj9I3lWJeunotNtXSOkuoqSy3vU-5VI_qpGBUKS5aV14OE8EeC0jNvADJU-0ffjXMRmFY2rMZYr-i_WBfK1VjS7TwqO52Grth5qeZdyQVwan-8VNtyPoM9YzDkhnQkndakH0P69k7OmLd8uYecB853CHjup72lFxzbOrq8L6W5UXUOC_NfNjCl06A_DmXrCL1-HStGz88JDDa1PQbnOB74NHfh3rd5bLpEJk4r9mwLTDRAa-m7Zb7Mkr7IJ6hJYqdqJICR2y-2h1_v0rv9Hzrm55idDIDMA7RgeEOQkgWTdyuzNR6qUFPMXJ8gnD0XZplOybFXJDOLan5BpVUIjsyHLuwRxWc-FQyBqEaZsxSdSXD3d2Q_u9Jo8iaGAAVVQnX1EsbCLpqyDj4E9kI-VchYXFo30laxmV_hnNNoNsgLxRe8pelSc3X3WKIZoh1Fbo4R_oC-3Wpu8tZDl1ZH-KoBSRrZJ2fhycyG4nNAgQpEb0SniUHHA6pdIG-PDvrFvqlLtx3P39UpwbTvm0h3iOYpOjv8SpAqOJmaUmSqgc4O4-gjuErR-4ern3Pl_ENlk_1L2SDWBHoBXYsxAxGKwJkzywLc6rorUSfKHVEPjulHdPAu8cpKpHnwiLUKLqbXTDsSSdGZtUEimbwV0vb0aO4GXcR8H2sIMYvQeHygkd0qvLm1QGlb0bhfiETq4jCmK8fW0qt36Ay0bQuMKbRO0Sf8CBC6RRciIvbMFshECz7JlzZ3tti6tQjOum51ETD84P6_FFQllNp_TtXPAK9unoNf4bWlObgZI-HYMYcAX2YdL3zydN44riTW7RG7AuN7rpfAk4iD_UanjOG57wZL8-PZyPdBO3jbGYOl13zT5B6iw6dcS3rngr1YyWyOx9qSy1X2MeR3VLkoZb0V94Xo8wAaEqxY6C6_M8bKVHCdXxsz16Ek5T-7oTkFQ2XeHDI8T8gQtL-w6_7wtdChR3l1VRCD_p6QH_eMzYbzUsw5uH5mrdAnhQXRL30OUzkElSG0FL5vb4ekfm_TFuHasUM1BlbEtdlfUByphBk92qRfjbymiKdm2S0cQicK2V4GxVfB61t7gA37HiA4kSCrXUzevk&cid=CAASBORowu8&rfl=1%2Chttps%253A%252F%252Fgamingsym.in%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9544
x-xss-protection: 0
server: cafe
etag: 6261108306223674270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Feb 2022 10:16:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220113/r20110914/elements/html/ Frame 2EF6 8 KB
3 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220113/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Feb 2022 10:17:55 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2EF6 0
571 B 138ms
67ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7xexX0Z0adtxTNyuOUHXA77r_TccnSX5K2B8QdGsUUNlLA9b_sONMDFYttZ5-lP199MfNT2KAnuj3S-QwzXiBtQbwjQGvG7U_cOv-VFiqF1aG20Ywb__K7E8yFtfKPkX-XqZzUUUIPSCTC3xlaH5kVqDSzIo55zkJGDPHoPEt-mO7dU5oEb7C_J2alTyklZCZXNXJGvAMTTPDhNAscQBi0z24r7Nh3rmjT7KLsaCmFvA9vbPrmEim3H0n2gBKsClTfCKmdZFrgeqBj1z125BK_UzsbDEv_zhxHg5lm4P98vuPPqW41OM8sDjJCbUTUOUiSAeX4Z1jmWpsev_Ia_OfIMqiMmWpB1jC4AZ1u3RKaMJEodPvrBl5gVPgjYBx3eJMrvZUYDSB5DbE2DVT8q-Ux3XL6DTk8BN-PASL0iFN_h3n109WZZK0d_0VWpW7Q0E0MGu1APw_fBQ3pz005GzsQB4vg_Wh3VMFsDiDdahNmXKDmgKSEfR-VG5lGAWzDTdkqXR_8kGANXrFVu1DNtukdb7kR29eIOhRN2o8rSBp-vug6Rszr_M7GjFORaPMFdaQgWJ2s3r60MIWs3sCCUp1zkyEkWuodJiyl78XRGbxoVjLVFkI88MTcP4zL_WF9jAZAdUGAWrTtSC9Bl6c7FOnwaLJJh9JMOsoCbGr8VROK4j8CD0ym8J2iN9EqG41sri7Vn9b4OR1X2NYCSyUsofunFtKZfV68DJvi6HW60o59zRZmTfaVgvcN9hswpzBil2zB_y_LNlK07bb7BZ3DSUwnZ0mzv8hi_4Mlf5WYEJni_mc6rCKUECO9VmIQJRvQdclU9N0JZehnjJbvwZdyakSmqynQ_-gRDHZH6Jvbs1NIPcmsO2CisVSfcB0KGk0FslXFzYHd3yLmsULFLIBjJ6kUkJiSBWDdCGoSPWVoPtI3xTBjC4lY-UbN3qdDDxdRRKYVpaSRbxSX5udtrGW434IlM85cMctesP6AOccW_DlfVhR3eV1dXnjEFujFlzFcN-6smzJlciaS8cOkP6REkdAm2J-p91JGHD_ykvw9L3PCXM6aJy6Ba0LxwnJc09fCnGr7wdcs4PsGGRSU57q9yyZ9MySVBzLXc9N_mRvVFtNq_SxnhzQb4SCnquBBHZIIUTRmU7P3sjaIH6j9_Mnwg&sai=AMfl-YS470HOCWLrMePfM5Iq34NRtnUAaOuZcyYzWpPkIww6LmtMpftGRwAgzPrb8B1J8wh7PI4la5xDSLtMY-dGq8b_BJp_qK4_9_1Kd6a309ZXwziOfLSFrvjYbtimVlNHbSgQ&sig=Cg0ArKJSzBVm7xnDpvAGEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220113.40928&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 19 Jan 2022 10:18:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2EF6 41 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 08:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Jan 2023 08:48:02 GMT

GET
H2 200 6376879680734482490
s0.2mdn.net/simgad/ Frame 2EF6 107 KB
107 KB 104ms
22ms Image
image/gif 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6376879680734482490

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddf2de6b9b7e2bc79305e120d93599eb19f647a8e81d693b1b5061e964b03274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 08:26:20 GMT
x-content-type-options: nosniff
age: 93145
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109240
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 11:08:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 08:26:20 GMT

GET
DATA 200
OK truncated
/ Frame 2EF6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98308ba069fcb42a64c7301f669463b03729b2f51bdb649969c87593292082eb

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 23AB 22 KB
8 KB 64ms
21ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Jan 2022 08:48:03 GMT
expires: Thu, 19 Jan 2023 08:48:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 5442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js Show response
pagead2.googlesyndication.com/bg/ Frame 23AB 35 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 09:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 09:57:08 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2EF6 0
23 B 86ms
57ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 19 Jan 2022 10:18:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 65ms
36ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220113&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

706a50bce588481d5592976bc5ac8c01ebcb48114ccb3c0518e059978553b1bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 Jan 2022 10:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9129
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 23AB 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BugVFheXnYa_IHJXD7_UPj_GV2AYAAAAAOAHgBAI&bg=!2tml2Z3NAAZ_DxPPfw87ACkAdvg8WvJEwhN9Q97zbOJ4OF2QynY64lwvftH6kC-WhClgoPOdWyle_wIAAABZUgAAAARoAQeZAuDjd-gjgAMOlLSHLLMKf3MmaimXognQCB6PkCpkY2JN2TCb9E7Zxe9oPeyn9-diETyAVQzAllwfGFM93TJayVcqdYrgiAx98T5odRvnHGKCpjT0lq5xXd_pCMG0B_q6koHsKTleaKsKk8fZMibEc4TL4m-hRQYoXx9EgqS3R6T_Q311D-5xbTKF-VYaMzqo2t-aKMboDEzuVl_hfe6XXVYsJ6IQz65w3IqsWWWIi56hOQRwgpUH_BWibwa6WagZgXuwVp-tFhExguZsy9yWAl_J2DNfSSyCOAO0byENHZ9dmbgfz2TEFBoq4gZ2RjqsJ3cJGUSxyitnjovDkWucBI15Mq0hso1xB-XpUlRUHROBHVOO2EmprC_4lOeXey4j_2VeQsyQ6lH3BQRFzR0NAKe-yULbCPqC2-VPsgzQw_eoCHPHCR--8hhAxOg6-eivBvVjdxmy3PkQ0yk3Ky918XguEpRJCwy0qt9sGcK1DdlbkeWjcMUhDpkJyyJ2YfOLhrwS7kBkp6AzJfcRWD_zUCet-cPh10tF4JH4RM936A9j2Eg1WtYj7TzXg8I1AgLhk9Vtvtry6EwCYHgG4x6_tkYDGOPtQ6as6sfR-dGbiBDB1AW_JKkuQ175SEuVeUJRt5ou1LMcjZ5lYHiuZgQA6Wq4HEp_pgYsCPQ4FAA0Lu47A2BjAapPH4EtK5FWuUWw3inMsUhWBIS8mF1sY3dbIiAUt_JBMENzFq0s5Dn0kf8-QMNSr9bGbMyO71udfJsuBiTx7bxTZqMoc_7r6XSaEFupqz69hRnz9ooTkbPMInypDmSZWjEL7zuSeFUzGQfrJGaAdblU0HkqCd28VcVsuShsLR0lYH92q_5vhc52-nKsvDKhanKuSkIjPz4wtcZVVdJK0ak_MqRPehyjUxvkLS596uplwHaicaDeKFYwh2_U4seiVt93LueBtC-cfvOi4zU5ZW5DLyAnmHYBI7l0zw8F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jan 2022 10:18:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Jan 2022 10:18:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B4AF 13 KB
5 KB 22ms
22ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Jan 2022 10:16:27 GMT
expires: Thu, 19 Jan 2023 10:16:27 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 138
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B3A9 783 B
1 KB 95ms
33ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a119359e528d9d22ab84976a6e4e271c8ca1de10c36e9694899d7bc8150799ce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9ZN/3snyDed6CRjbLaI45Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 19 Jan 2022 10:18:45 GMT
date: Wed, 19 Jan 2022 10:18:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-9ZN/3snyDed6CRjbLaI45Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js Show response
pagead2.googlesyndication.com/bg/ Frame B4AF 35 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 09:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 09:57:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B3A9 0
0 79ms
79ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220113&jk=4281194643375076&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B4AF 0
9 B 20ms
20ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pRwQlw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:18:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220113&jk=4281194643375076&bg=!RkWlRQHNAAZ_DxPPfw87ACkAdvg8WkRqHyB3gTrXy2Dl52QIIG3XivddEJTblKYdvdqBv1-6-a85KgIAAABcUgAAAANoAQcKADQdX-SKTsA2YF7A3yIxi5wuquv2R9VvMUij_AXT4YuqECgwqicPl26Cv-4wFwW2f9bihFhImQK_nJbaVzf3VBvVz_gGs5bADlNxQueCUscIrqZlbFIWRjQkvWlr52QKKU304QuB6xZ6O8NzEN958dFU4nWOayaFuIDu7XQaMUCfsuHxVx0sV-PrPcFX6iVtPmHVk_l2KUtO9ABcaYowYc3FmBsEQfqCX7TPlAgcJtassoQqLzc4gRWXXMUr2yVErt9NUl_7_pUi1UyqB88EP2fRb9yHZot33bm11czyzfTAYYoS2c1EPRSYubHAAA3MGlrXmF4LbOCj1v1ItzPsYCTm8aKSnama0jMib5o_p_AExNy7Pcny5Qn-mc-gSqe-G7XQa8UxhJF98QphtGp27OkYWzv9PSSbQnzkqZzuNfibIDeYF7fMFyr5hGAKqU60KwbO0MDGjvTyM9b6qq9ErHhB_NPPSNf8gmxClvIHqhJJ7ScjgyaesoTumkLmQhR7D0vIWFY2wG0qnKYvxGPwRhUGT4DV2gGQpzKGXyZcuBFOl6jfJDF67_TggtctPhxnUEui0iU4i2t8v0fXwDngQH1VJRA9m4ySeegl9sUhKGme9vkW1oMCDo9yXPAZdd1QDqEwSSiCqoMuIsm-eMUp2HfPnviXpfTu5mT-92mgsB3BXyXxLL4495ur8hIFcCMMgVBFoQLRTHdwbL9_fThZ8WLYCLEHjj9i6RUVMlUZMTsN-vZUnDyxTuzi81BC8cxObzFtKtRk6J73pBWNlLKXWVulo_n2CPv-ZFD9jKbQBI5BdMtR2tJRDlVBNpgVGalXMT_XqNlEuSqhqYFVP9-3sv2r9IR3-nzdA8CnrmMTj2clMG9uHCqszCAQYa5PG-DnbGkFDNwOZMX-H6OWXPcvvdo5dBR7fAXL1nrV-8ku2Mp7kppi6qBPukoO36N9cpm7J-22O6iS2eSHYAvMemRM2WbrK4hrv5JkKuR26uf1V9VTsMQXx8DxvQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gamingsym.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jan 2022 10:18:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2EF6 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCkbITSJ8S1g8x0df_jTThC6wELhdGVHZXf9s2v6daefkVTYpELtQuE8i9TGAg7P8cZbFYpYA9nS-KBYYlcxI1sr2YYrvBY4Ap0Xa4tEwgXJJCPjYtjA&sai=AMfl-YSMw5xlTbalPpglbqJSROPDbcHDETpfHkJiPvSRCNSC6i0tIDPycJkLN4hMBR-NefeBe_JI7iqhuPA7&sig=Cg0ArKJSzFkN6-JXTGVQEAE&cid=CAASBORowu8&id=lidar2&mcvt=1001&p=0,0,94,728&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=4060618467&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642587524906&rpt=836&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jan 2022 10:18:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gamingsym.in/	1970-01-20 17:47:39	Name: _ga Value: GA1.2.62989542.1642587525
.gamingsym.in/	1970-01-20 00:17:53	Name: _gid Value: GA1.2.954193813.1642587525
.gamingsym.in/	1970-01-20 00:16:27	Name: _gat_gtag_UA_175299361_1 Value: 1
.gamingsym.in/	1970-01-20 09:38:03	Name: __gads Value: ID=743191bd205f8fde-22aa4a5b22cd00d8:T=1642587524:RT=1642587524:S=ALNI_MbZPkOET5vmsmcE97Wklo5xUd3jvQ
.doubleclick.net/	1970-01-20 09:38:03	Name: IDE Value: AHWqTUlL4C_EJID1IyFSnaxF2dFm5flQd8k48ZpaFLjrDVBgosE3cVuEARLR3U68YBI
.casalemedia.com/	1970-01-20 02:26:03	Name: CMPS Value: 5197
.adnxs.com/	1970-01-20 02:26:03	Name: anj Value: dTM7k!M41.D>6NRF']wIg2H`gHBzcB!@wnfH8K6pQK`!5=E<L5?%M#1Ik)C4A.1nhqY8f#py)jPeM$?T@cXw0lS4P(hw9P-HC_#u#]q)_3sR
.adnxs.com/	1970-01-20 02:26:03	Name: uuid2 Value: 2564441052916027879
.casalemedia.com/	1970-01-20 00:17:53	Name: CMST Value: YeflhWHn5YUA
.casalemedia.com/	1970-01-20 09:02:03	Name: CMID Value: YeflhZwnrAZ-cnBAMe70NgAA
.casalemedia.com/	1970-01-20 02:26:03	Name: CMPRO Value: 1198
.casalemedia.com/	1970-01-20 09:02:03	Name: CMRUM3 Value: 2d61e7e5852760CAESEJUT5d2nSJjV1hmdOoWn4S8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
cdn.ampproject.org
cm.g.doubleclick.net
contextual.media.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gamingsym.in
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.iphoneitalia.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.deskmodder.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.108.144.24
142.250.185.98
142.250.186.130
142.250.186.98
184.30.24.241
185.33.220.243
2606:4700:20::ac43:477a
2a00:1450:4001:809::2006
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:400c:c06::9a
2a01:4f8:211:214f::2
72.167.124.129
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d41323d5bcb986e861ea9554dd0c12763d805d5816c77c78c5179d1ee55c0e5
0eeb974c07ad970822f9d21533b72c71f60d5f93237020f098ba3d18499a1fbf
0f952dbc70778616d18f8452ac1e6120d34a49dc5144baafcf39a613dab88687
11fe0a19902b1be844064d4c5090c2ebfadba78cb4e46983cde19c0c8ea72a82
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1efa7f2e4651f4cca2e2b637010078cb4573470b30c5aff686f4415c6789c963
24ba5f38a61f8e37ca889c9c461b36a2019b74cc59b6aebcb5633aadbb868997
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
296a8e0c2b996d8664033587ea45a9aedc908b31c288938c042a5ce41b81119f
2a75e3ea1b1b0eeb9cc5657170438b7bacea180b3ceac165f6eed496d6f25e36
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cd82d9a5ff91ba26a3106b99bc41abcabec2621c3fdb55c93a30b39cd7f1b8b
302e8305bfce4eefbf9eacc64d064e20d6906624cb86f0539ccbe3039f33355a
30cd961db82d46c3ac5c6a4abb291fcdc9e1bd4ded973363d2c8dad8039bf3df
39bfd091996acd0ae970398c2814a732d21492e07c667aea4f25162ce67e6629
3b75529fca5684fe688e9fae050e24cf493aa154fe9c80358eb94dabe68b2c32
3dbe4b36c0c1c431f00de2a31f764182f66f0c4df7b3e0308458e7fb5767f4ae
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2059545f0105e747524f30d894c310fd1a178867f12d248da002876aad26b2
3fa198d3073d83623072281cfcb3a99dbdb6aa33445268a047f6aa0e06f84cd1
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
471eb448db387c12cd6fc0598c12f3c4410056426df3b43ada8dd0fad5fa6a74
4a19f1932b6fb539c0e3cf60749dcbc2c80ac1002bc4af75a2a4a2fd611968ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5094ccbebe88be6b459174d1cca74c7a024fcada1f077756ffa80878347d967b
53703c4f164f44a21982cd0653d77c81d75ded6462437be4826ec5ca27402cde
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58d6aa609e0e6a1ea707c29641703305ae684a8a364ff84b493b2e56c61c1014
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6ac22831dfaa062f4c8c41fb94a7c33bd52ad81b6c7f3a1fccef80f2f5f9fa12
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dff4b9bacd93f97afd67c967036d82e9b4ac4bd6c47931924984d276b372512
6ed4d9c086dc5fed6b77896086e08e916d8e08db2c05d0eeb5924039537fb04b
706a50bce588481d5592976bc5ac8c01ebcb48114ccb3c0518e059978553b1bb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bb8f12123a317626c385499ea2e5284d636cd17473540b276df55eeb1f3afb0
7d9c0213cb5d524ce6045ea8259199da3185c1967c2062d41df4e5e3e2ae420d
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
93f9ac305678f7c4dc35a6288c66c3f91cda94235a5579664e617d33cf514ff4
98308ba069fcb42a64c7301f669463b03729b2f51bdb649969c87593292082eb
9a737aee22dcfd3be2498d406cd05c854b2922041c49ae8baebfd0cffdbb2c1f
9a82cd239fce2fe688d6a57bfb0505519bcb2fbacd9842bdb0c8ebbb793df107
9dbbdfedbc6ce8ebad500036a3a93140213364f54dfd9b3348d714b9b4bd8447
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a119359e528d9d22ab84976a6e4e271c8ca1de10c36e9694899d7bc8150799ce
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2682b64537c0da24e9326a5b82b1ce7e8c9a9f33ce7b052c87eddbeb5356528
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aebe50d29a98c1f33d40d5b42491f8bb649916c1e277c0565a41cbc578acaa10
b093b0f0a38f08f3f0eaa54f9b5f18004468f9088b74ce9b448449b53b1d38de
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b6f99745faa5d27e70cd17dd80c0eba1b9193a25fabbc21278cdea6ea3123b
b78e4ae257f4e3a91198582393132ce5c59b56702528d8c250f8180a96f1d74b
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
b862b809cfe4835b1795ec5788bf374bac716aa66c941f5170fb1f500a04c56d
c415da3c762da4270c015798ab4c4cbcd9a1bb90f5c586edaf203d81a5c4f87e
c4f60a87b410718c86de1b8f64ee13dc802bf4343232a2ee0cad2bccbe57b960
caedfb914856a2599d978d3c481f2702a1ef61eebbffc0e7939f0f0f77183e5e
cb48d14bf71bcb7509b06fdd0defd171755a0630a407036f1e7c25d6624192fe
ce92563e5283dfdd6eb7879e13175e64cab9bfd77d299808c692883de140aade
ddf2de6b9b7e2bc79305e120d93599eb19f647a8e81d693b1b5061e964b03274
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1461a1fd64838fefbd7b0bb9464f468cdbf15af3d4cb3a5abe451b9d6cc9687
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e597bf1707eb4cf6c87654131d990ed0dc9e3a709198aad749d82557826fb0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

gamingsym.in Open in urlscan Pro 72.167.124.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

95 %HTTPS

68 %IPv6

18 Domains

24 Subdomains

23 IPs

4 Countries

2363 kBTransfer

3636 kBSize

12 Cookies

1 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gamingsym.in Open in urlscan Pro
72.167.124.129 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

95 %
HTTPS

68 %
IPv6

18
Domains

24
Subdomains

23
IPs

4
Countries

2363 kB
Transfer

3636 kB
Size

12
Cookies

85 HTTP transactions
1 data transactions