urlscan.io logo urlscan.io
SecurityTrails logo

www.prizestakes.com Open in urlscan Pro
172.67.178.189  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.prizestakes.com/sweepstakes-giveaways/att/
Submission: On September 15 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 125 HTTP transactions. The main IP is 172.67.178.189, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.prizestakes.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2021. Valid for: a year.
This is the only time www.prizestakes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 172.67.178.189 13335 (CLOUDFLAR...)
15 172.217.169.66 15169 (GOOGLE)
1 142.250.180.8 15169 (GOOGLE)
9 142.250.180.3 15169 (GOOGLE)
1 104.16.18.94 13335 (CLOUDFLAR...)
14 172.217.16.226 15169 (GOOGLE)
2 142.250.180.14 15169 (GOOGLE)
2 185.60.218.24 32934 (FACEBOOK)
1 142.250.180.2 15169 (GOOGLE)
2 142.250.187.226 15169 (GOOGLE)
6 216.58.212.194 15169 (GOOGLE)
28 142.250.180.1 15169 (GOOGLE)
2 3 172.217.169.68 15169 (GOOGLE)
5 142.250.200.10 15169 (GOOGLE)
8 172.217.16.227 15169 (GOOGLE)
1 16 142.250.179.230 15169 (GOOGLE)
125 17
15    172.67.178.189 (United States)

ASN13335 (CLOUDFLARENET, US)
www.prizestakes.com
15    172.217.169.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s09-in-f2.1e100.net
pagead2.googlesyndication.com
1    142.250.180.8 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s32-in-f8.1e100.net
www.googletagmanager.com
9    142.250.180.3 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s32-in-f3.1e100.net
fonts.gstatic.com
1    104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
14    172.217.16.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s28-in-f2.1e100.net
googleads.g.doubleclick.net
2    142.250.180.14 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s32-in-f14.1e100.net
www.google-analytics.com
2    185.60.218.24 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-otp1.fbcdn.net
connect.facebook.net
1    142.250.180.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s32-in-f2.1e100.net
partner.googleadservices.com
2    142.250.187.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s34-in-f2.1e100.net
adservice.google.com
6    216.58.212.194 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams16s21-in-f2.1e100.net
www.googletagservices.com
28    142.250.180.1 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s32-in-f1.1e100.net
tpc.googlesyndication.com
3    172.217.169.68 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s09-in-f4.1e100.net
www.google.com
5    142.250.200.10 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s29-in-f10.1e100.net
fonts.googleapis.com
8    172.217.16.227 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s28-in-f3.1e100.net
www.gstatic.com
16    142.250.179.230 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s31-in-f6.1e100.net
s0.2mdn.net
ad.doubleclick.net
Domain Requested by
28 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.prizestakes.com
15 pagead2.googlesyndication.com www.prizestakes.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
15 www.prizestakes.com www.prizestakes.com
14 s0.2mdn.net www.prizestakes.com
s0.2mdn.net
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 fonts.gstatic.com www.prizestakes.com
fonts.googleapis.com
8 www.gstatic.com googleads.g.doubleclick.net
6 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 fonts.googleapis.com googleads.g.doubleclick.net
3 www.google.com 2 redirects tpc.googlesyndication.com
2 ad.doubleclick.net 1 redirects googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 connect.facebook.net www.prizestakes.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdnjs.cloudflare.com www.prizestakes.com
1 www.googletagmanager.com www.prizestakes.com
125 17

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-10 -
2022-06-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh

This page contains 18 frames:

Primary Page: https://www.prizestakes.com/sweepstakes-giveaways/att/
Frame ID: F5B65F3C9CCEE067D9EC961400CFA6C1
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20190131/zrt_lookup.html
Frame ID: FC0A072489ACE9B1B0EC84D07FA09C1B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=1829092079&adk=2169217537&adf=4204635563&pi=t.ma~as.1829092079&w=1140&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531528&bpp=3&bdt=374&idt=124&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4611666971946&frm=20&pv=2&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=230&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OkdRwAAjxr&p=https%3A//www.prizestakes.com&dtd=137
Frame ID: C6BED173553F9CA67CCB4039771536D6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=2185901448&adk=1691712251&adf=404006883&pi=t.ma~as.2185901448&w=718&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=718x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531531&bpp=1&bdt=378&idt=149&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=250&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PAdC5kVXF8&p=https%3A//www.prizestakes.com&dtd=152
Frame ID: B016974DEF3385793931E5A06FAC7049
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
Frame ID: FD5BB3F5D9D03316568E71F403C0451E
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&adk=1812271804&adf=3025194257&lmt=1631712531&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531588&bpp=1&bdt=435&idt=124&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280%2C336x280&nras=1&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=128
Frame ID: 8B6A3C0EBE2734C0A10F12E32D1435E7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 71C3BE7273F28E71D47930950DA5E532
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4E16050910D186EE896402EF568FC3F8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1038702E14BF0DB50B72CE402BCDCE32
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Frame ID: 17E9816F9DD541CE059AC2C6691FDCF2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 49F5101699215F46F4DBA9173A6B0957
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3034A5DAD95C19C3921EBE17EA693796
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/9144881/1626984068035/index.html
Frame ID: 1F3E044EF50779388B9D311150AF0DCD
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CA0EBFE370AF2BA4F56900229979436A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 79CEF1F0E2C50D73C0A145EAB549851D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Frame ID: B10A692E3AC967B3AD011CA903815B38
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Frame ID: 7CF6D898F8991AE76D96A3C4214D2352
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Frame ID: D7A2E6C3D72F6A832AC792C1D899D334
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AT&T Sweepstakes and Giveaways

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

125
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

17
Subdomains

17
IPs

3
Countries

1634 kB
Transfer

4013 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B25036259.291317962;dc_trk_aid=484407685;dc_trk_cid=102634164;ord=1450926174;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B25036259.291317962;dc_pre=CLC5k--KgfMCFbcw0wodMPcHTg;dc_trk_aid=484407685;dc_trk_cid=102634164;ord=1450926174;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 124
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 126
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

125 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.prizestakes.com/sweepstakes-giveaways/att/ 		55 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.prizestakes.com/sweepstakes-giveaways/att/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0183d0bac22651257802d07167fa037c06d34e58879db3f99be7dd5ab98b73d

Request headers

:method
GET
:authority
www.prizestakes.com
:scheme
https
:path
/sweepstakes-giveaways/att/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-cache-enabled
True
x-httpd
1
referrer-policy
no-referrer-when-downgrade
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2K2diWKXR1wG9IxwmKPGVeconQPAD9cCFrjaUPS8KQPkQ3PwSmUOVTT2D7PoAn4bOx8Mss%2B3btOT0LQPwQmPI%2B43JHnnKMdIEhx7ICJ0bnbCK5A0Rbi8jbofHJqtQ9oHp9C4SF%2FX"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68f23355deae0ebb-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
80332.css
www.prizestakes.com/wp-content/cache/minify/ 		271 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.prizestakes.com/wp-content/cache/minify/80332.css
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/sweepstakes-giveaways/att/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d46f2e92fae0333795cf5911f172ccd77c67c60ad15c4b2552f65c241f0e7b7

Request headers

:path
/wp-content/cache/minify/80332.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.prizestakes.com
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
878692
cf-polished
origSize=279301
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 03 Sep 2021 13:20:28 GMT
server
cloudflare
etag
W/"6132211c-44305"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgZOh2Jty6JU9wdgnwt4viJfUhcFi7ZMGVZpHde8gMN9ngjGkZz2%2FY12%2BlcX5HLuiwpYIL1YH55hotCQSkXCcnMlUOIp8VRscGMIJVXReQR1qoRJ2enMVbu%2BHYOa4rC8sWkCod0C"}],"group":"cf-nel","max_age":604800}
content-type
text/css
expires
Mon, 05 Sep 2022 09:23:58 GMT
cache-control
max-age=31536000
cf-ray
68f23357d95b0ebb-FRA
cf-bgj
minify
prize_logo-2.png
www.prizestakes.com/wp-content/uploads/2020/11/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prizestakes.com/wp-content/uploads/2020/11/prize_logo-2.png
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/sweepstakes-giveaways/att/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e25545816ef00c201f6f8588c3a3f62a7a5df1a9532c331acc9a66399c013122

Request headers

:path
/wp-content/uploads/2020/11/prize_logo-2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.prizestakes.com
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2013645
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9983
last-modified
Thu, 19 Nov 2020 19:25:27 GMT
server
cloudflare
etag
"5fb6c6a7-26ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lm64oARznbFtE16oj0nKmDg9sIc84rZxyt93zRVNgTc0s42%2F1KC7pemPFjtSIUxOm2wAuBuUE6Lc1SHoe3tv%2B2L0mgK1P0SUbKhyR7gWGCc%2F8NQVNGoENPOHH5rD3BLlVuTB8y5R"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68f23357d95d0ebb-FRA
expires
Tue, 23 Aug 2022 06:08:06 GMT
rocket-loader.min.js
www.prizestakes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.prizestakes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/sweepstakes-giveaways/att/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.prizestakes.com
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Sep 2021 12:26:08 GMT
server
cloudflare
etag
W/"61375a60-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIzKLVTJtzZ%2FUZLGamZZ4ZLn5hgCcUGsW1ASdM0KhvjODJkb8kJWTLnOKXpumEOm33xf4F3TlCgNSyD7pE8OqEH%2FN48Hvy%2Fxnle9Zo6Y2DDv4TTkE1FvAACS1o3usTLorLbwpWp3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68f23357d95e0ebb-FRA
vary
Accept-Encoding
expires
Fri, 17 Sep 2021 13:28:51 GMT
abbed.js
www.prizestakes.com/wp-content/cache/minify/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.prizestakes.com/wp-content/cache/minify/abbed.js
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcbe862273a5d7cb61ffaa1eda7e0a1ecb466ca5e08a592fae3e6d1824960293

Request headers

:path
/wp-content/cache/minify/abbed.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.prizestakes.com
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
189949
x-proxy-cache-info
DT:1
cf-bgj
minify
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 12 Sep 2021 14:47:06 GMT
server
cloudflare
etag
W/"613e12ea-1842"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEp6OdP%2BY2lvd2wKz%2FN%2BBfjbUvepfkZzfwjaZJ1WC0J6Z2khHhcRs%2FsUm2NYDTR9TNOuh7%2FM8Q9JhIMcw6WZnxoFRQVqe%2B7S0kL0Wj8uuVSotfbMd7fldk3G7bYNoHluNSPONAU7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
68f23357e97e0ebb-FRA
expires
Tue, 13 Sep 2022 08:43:02 GMT
27f31.js
www.prizestakes.com/wp-content/cache/minify/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.prizestakes.com/wp-content/cache/minify/27f31.js
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f0cc34faa49ff8e8bf82335ecb77bfab1308a7b296646f74f52a3032ca8c61

Request headers

:path
/wp-content/cache/minify/27f31.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.prizestakes.com
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5862255
cf-polished
origSize=14913
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 09 Jul 2021 14:28:53 GMT
server
cloudflare
etag
W/"60e85d25-3a41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jQM7q5I2Gkrj5hAZRCj8QabyavtDfCc9j3FNb4BzxfRQFh3ctaUYUGhUC66Z4mUUQZWKvQUuj5Es7%2F0nMlZumpZWeku37dRg%2Bv8WBOdgZJT7fehEm1Mvb1FHtYBkJyvIf%2Bk37Vq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
expires
Sat, 09 Jul 2022 17:04:36 GMT
cache-control
max-age=31536000
cf-ray
68f23357e9820ebb-FRA
cf-bgj
minify
763b5.js
www.prizestakes.com/wp-content/cache/minify/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.prizestakes.com/wp-content/cache/minify/763b5.js
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de29f2166215e8af0e5bccb5c42c63a96acb1d85289945b722072b2d87760ec4

Request headers

:path
/wp-content/cache/minify/763b5.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.prizestakes.com
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3031210
cf-polished
origSize=31508
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 10 Aug 2021 14:02:47 GMT
server
cloudflare
etag
W/"61128707-7b14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WT1Jgnd5qZEnhXXuYa7odTbBgq6YXQVXpPYyRVblX2DNLgJavoftcDOsdVoZetboWomYdj%2FoIzY0NtMNEJZJ6y90eOqHjgLPHGfMcXa9h9WROaSXuVn7s%2ByGIJpLLmC%2BLUI1wGbo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
expires
Thu, 11 Aug 2022 11:28:41 GMT
cache-control
max-age=31536000
cf-ray
68f23357f9850ebb-FRA
cf-bgj
minify
1a693.js
www.prizestakes.com/wp-content/cache/minify/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.prizestakes.com/wp-content/cache/minify/1a693.js
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341eaf997735207ebd5da4f3fb14bc86beb67b9e8777158325966277817d876e

Request headers

:path
/wp-content/cache/minify/1a693.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.prizestakes.com
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1372079
cf-polished
origSize=45246
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 30 Aug 2021 13:29:04 GMT
server
cloudflare
etag
W/"612cdd20-b0be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sA3yMGI4FXF1GZxupnXddn7fsXYDIcG87l1LXLhb5OF%2FQYbK9zTLB2iBxU2bJw0T8Qcmi7PGwBFlMEHtHaCfXFBKzPuv1%2FWqzYDHmk6xPRmydZsVnfQ6uYakc7uWwor53KT%2BiM31"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
expires
Tue, 30 Aug 2022 16:20:52 GMT
cache-control
max-age=31536000
cf-ray
68f23357f9880ebb-FRA
cf-bgj
minify
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
81dfc31e26ac2768b538618870c6dcfb710a7fe4e4dba2fda1383dd6fc3f98b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48950
x-xss-protection
0
server
cafe
etag
2374324128513959574
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 13:28:51 GMT
js
www.googletagmanager.com/gtag/ 		101 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-74411062-5
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9e9ad04a38240c2ab9b45f17a5d35c51e1cccb51163dd38ab0bbce6bebe3f26f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41193
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 15 Sep 2021 13:28:51 GMT
818c0.js
www.prizestakes.com/wp-content/cache/minify/ 		98 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.prizestakes.com/wp-content/cache/minify/818c0.js
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab124def360f1edf625076dbedba0808d9f86b955167e0251acd3249e8cbd91

Request headers

:path
/wp-content/cache/minify/818c0.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.prizestakes.com
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8290122
cf-polished
origSize=100722
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 11 Jun 2021 14:28:16 GMT
server
cloudflare
etag
W/"60c37300-18972"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HI7htl0H9BIHQWtRpRcX6it8LQeT0JIRIiYoMv%2BQFc43f4i2pziJYquyRx%2Fy3RlW4G574WI2ulGpSGJfrRfvMwiH1AZ90pyO8y2TF5JbGHn7f6vLIUW6ntvEq%2BMBZ%2FXj9IpO5Kb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
expires
Sat, 11 Jun 2022 14:40:09 GMT
cache-control
max-age=31536000
cf-ray
68f23357f9890ebb-FRA
cf-bgj
minify
wp-emoji-release.min.js
www.prizestakes.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.prizestakes.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/sweepstakes-giveaways/att/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.prizestakes.com
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
451234
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 21 Jul 2021 15:11:16 GMT
server
cloudflare
etag
W/"60f83914-4705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KC0p%2B%2FXSbgnCSB1wxn98bKPgsdEttwGa80f2auQXo2qRpos1qYltGvST7ih2txyAYhxOn%2BaU1N%2FrZtRNVK6249HhRmWIvlKJ7fq251sEsWhJ888kR41QV4BBb6Rr69N8TGV3p6Rb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
68f233592904691f-FRA
expires
Sat, 10 Sep 2022 08:08:17 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/wp-content/cache/minify/80332.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f3.1e100.net
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.prizestakes.com/
Origin
https://www.prizestakes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 12:22:11 GMT
x-content-type-options
nosniff
age
4000
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 12:22:11 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/wp-content/cache/minify/80332.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f3.1e100.net
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.prizestakes.com/
Origin
https://www.prizestakes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:15:58 GMT
x-content-type-options
nosniff
age
137573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 23:15:58 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/webfonts/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/webfonts/fa-solid-900.woff2
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/wp-content/cache/minify/80332.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62738b62849a46842f34013b8528886f10c8d0e1c9aec47d636e05d631e2f60e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prizestakes.com/
Origin
https://www.prizestakes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
78107
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
62472
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-f408"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqhVt0aBlP7iALfzVGZpVKw7fE5Txqj91WYhX1wIS%2FlytZdKr9aRm%2FRQTbwxVnZW4w8hf2RhpaSQcN34vnBKOV2eOoy3kqCNAjh%2BL7PcGyH3UFhZqffNTaz0ldOKz2nvyvI25BH%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68f2335a0b9627b8-PRG
expires
Mon, 05 Sep 2022 13:28:51 GMT
mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v18/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/wp-content/cache/minify/80332.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f3.1e100.net
Software
sffe /
Resource Hash
da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.prizestakes.com/
Origin
https://www.prizestakes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:51:51 GMT
x-content-type-options
nosniff
age
52620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13780
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Sep 2022 22:51:51 GMT
1-129-480x304.jpg
www.prizestakes.com/wp-content/uploads/2021/08/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prizestakes.com/wp-content/uploads/2021/08/1-129-480x304.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ce046b1f131f7476def98915b086ef6310cb2f46b71390c4e9cf8096ea5c44d

Request headers

:path
/wp-content/uploads/2021/08/1-129-480x304.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.prizestakes.com
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34401
last-modified
Tue, 31 Aug 2021 19:03:03 GMT
server
cloudflare
etag
"612e7ce7-8661"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtOH8Xxnxz3s%2BNU4wsb9zLZ93smkBdQBB2DeA5rjkdTWPbV0Z1Z1uurdEZyT%2BgsBvMLR0xq1hSeGvnM18Laxl42QovH1OzRYqbHmtOqDI0vAp7A3ImhV0qVAGuopa5klVGVLJzxZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68f233595972691f-FRA
expires
Thu, 15 Sep 2022 13:28:51 GMT
1-29-480x292.jpg
www.prizestakes.com/wp-content/uploads/2021/05/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prizestakes.com/wp-content/uploads/2021/05/1-29-480x292.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdeee8242e8a8ebae85c2ed3cbeddc8fbbfbb9c6ca7e09a8f8210910afc4d91a

Request headers

:path
/wp-content/uploads/2021/05/1-29-480x292.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.prizestakes.com
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18963
last-modified
Fri, 07 May 2021 22:04:11 GMT
server
cloudflare
etag
"6095b95b-4a13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Om61UnMYbIfFbJjoIsOcxf5S9Ty1fv9o2Hhy9u40qWh3HbeJUl%2FOy07Blq1bgEIrENnxvZFC4kyOkLU9h45%2FaqhF6AWDIcFoRzPIpztrrPLud1wn9sJIdnZhPmI8kpkRkhlgcsYx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68f233595973691f-FRA
expires
Thu, 15 Sep 2022 13:28:51 GMT
1-17-480x246.jpg
www.prizestakes.com/wp-content/uploads/2021/02/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prizestakes.com/wp-content/uploads/2021/02/1-17-480x246.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f985cb7f84f81ff829c6e0136c92802715bbdf0b1c16d2892db43326ace4b6f9

Request headers

:path
/wp-content/uploads/2021/02/1-17-480x246.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.prizestakes.com
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22132
last-modified
Fri, 05 Feb 2021 08:57:10 GMT
server
cloudflare
etag
"601d0866-5674"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhX6PNYq%2Fee3cKRhYlQcNZolx%2BQq9tVisd2sag4dSjxJixgPqgt%2BugGhsjE3fy%2FLKe538Zz2%2BVlc%2Fc31lo9zh39Qn8jpFd4cenTt%2FJIf08BpNrfIxOoEiB18fMeZ4zP%2Bb2rFPNlx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68f233595975691f-FRA
expires
Thu, 15 Sep 2022 13:28:51 GMT
1-53-480x320.jpg
www.prizestakes.com/wp-content/uploads/2020/12/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prizestakes.com/wp-content/uploads/2020/12/1-53-480x320.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afc56fa9b620d5489ed28f18d0f002bcbc1af6d7fb1acf5e181487f6b16bae01

Request headers

:path
/wp-content/uploads/2020/12/1-53-480x320.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.prizestakes.com
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24919
last-modified
Fri, 11 Dec 2020 11:18:13 GMT
server
cloudflare
etag
"5fd35575-6157"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TgJDSatDo0gfoYujGdNCJqRLcJv55DwD2VxC2jelbQBktVgUhGZux%2BpoaRu1xPcmKbGeSRdrPB1gN5%2BMgu%2FPnI93l4hRNU1lV4GE1u1ZjG0dF7nWmRc7IlMJXTFEXO0wZ5wiYMQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68f23359597a691f-FRA
expires
Thu, 15 Sep 2022 13:28:51 GMT
1-42-480x267.jpg
www.prizestakes.com/wp-content/uploads/2020/11/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prizestakes.com/wp-content/uploads/2020/11/1-42-480x267.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f34cba59d54f9bea050b41bb771837d685eb62d6d3ae15884ca61649cbcb845

Request headers

:path
/wp-content/uploads/2020/11/1-42-480x267.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.prizestakes.com
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19545
last-modified
Wed, 11 Nov 2020 14:21:53 GMT
server
cloudflare
etag
"5fabf381-4c59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHnx%2FcnaY7K3FK5qk8LsfLvz6uMHNrEopdR37XFu48taytGP0AJ7KAbkmINPBQ3B2bFkf3T%2F1TsLquz%2FojDtH1rrD9JlaHbGRW9JveOeLYA0Q8INS6iBakgGGWEwLcoIZ6uYinBo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68f23359597c691f-FRA
expires
Thu, 15 Sep 2022 13:28:51 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ 		251 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ec095e2ac2d9554d0fc29aa3d63b1ec3fa85727feb0404b516b380e189c6d6b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94967
x-xss-protection
0
server
cafe
etag
12170293806907331852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 13:28:51 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210909/r20190131/ Frame FC0A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210909/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210909/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 14 Sep 2021 18:47:56 GMT
expires
Tue, 28 Sep 2021 18:47:56 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
67255
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-74411062-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6402
date
Wed, 15 Sep 2021 11:42:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 15 Sep 2021 13:42:09 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/sweepstakes-giveaways/att/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
fbaf30f97258e2f743d7552b89c7a320d09f0b935e6723ecf9f043ab65b90c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
edYDh1j6EH7hj+h5dskI+Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
egmW94+yrYYsoet3CqhX9hDk5Yu0fAFKP4kXzzI+9+X1WYan8Hc1CbD9fwHADYk0sWeKyv1n66dG9/BPXLE9JQ==
x-fb-trip-id
1082456386
x-fb-content-md5
edc4b459dc3180ea4ec97a1e14f2ecf6
x-frame-options
DENY
date
Wed, 15 Sep 2021 13:28:51 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"40010a994b8db973448e3a3810b04b02"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 15 Sep 2021 13:46:13 GMT
cookie.js
partner.googleadservices.com/gampad/ 		205 B
661 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.prizestakes.com&callback=_gfp_s_&client=ca-pub-8749739891624787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f2.1e100.net
Software
cafe /
Resource Hash
9251908801df777983eca5dfaea71c3fe1fa8082041b382fc02ccfcb8358cad3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.prizestakes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.187.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s34-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C6BE 		84 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=1829092079&adk=2169217537&adf=4204635563&pi=t.ma~as.1829092079&w=1140&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531528&bpp=3&bdt=374&idt=124&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4611666971946&frm=20&pv=2&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=230&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OkdRwAAjxr&p=https%3A//www.prizestakes.com&dtd=137
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f2.1e100.net
Software
cafe /
Resource Hash
618b8292d1276274d61a370e36e777b3a709bbfac8ca61a22a741e8a04de80b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=1829092079&adk=2169217537&adf=4204635563&pi=t.ma~as.1829092079&w=1140&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531528&bpp=3&bdt=374&idt=124&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4611666971946&frm=20&pv=2&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=230&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OkdRwAAjxr&p=https%3A//www.prizestakes.com&dtd=137
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 15 Sep 2021 13:28:52 GMT
server
cafe
content-length
28271
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 13:43:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 15 Sep 2021 13:28:52 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210909&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
f415a815b5ccb766385c98e5d52eb0dc4de665b4dbb06c9653edb59d9937a61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8532
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f2.1e100.net
Software
sffe /
Resource Hash
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
server
sffe
etag
"1631547519045135"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:28:51 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B016 		82 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=2185901448&adk=1691712251&adf=404006883&pi=t.ma~as.2185901448&w=718&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=718x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531531&bpp=1&bdt=378&idt=149&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=250&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PAdC5kVXF8&p=https%3A//www.prizestakes.com&dtd=152
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f2.1e100.net
Software
cafe /
Resource Hash
f425b92ffbb47386c1e8de55f8965f57165c0483721116bf67bdd32eca168eee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=2185901448&adk=1691712251&adf=404006883&pi=t.ma~as.2185901448&w=718&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=718x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531531&bpp=1&bdt=378&idt=149&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=250&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PAdC5kVXF8&p=https%3A//www.prizestakes.com&dtd=152
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 15 Sep 2021 13:28:52 GMT
server
cafe
content-length
27165
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 13:43:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 15 Sep 2021 13:28:52 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame FD5B 		69 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f2.1e100.net
Software
cafe /
Resource Hash
40d33725e937d8156d1a87ff6ce582888782b94957b08d10750f89bbcf9f7919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 15 Sep 2021 13:28:52 GMT
server
cafe
content-length
20353
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 13:43:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 15 Sep 2021 13:28:52 GMT
cache-control
private
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1910019216&t=pageview&_s=1&dl=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&ul=en-us&de=UTF-8&dt=AT%26T%20Sweepstakes%20and%20Giveaways&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=218254165&gjid=1195216322&cid=2118148605.1631712532&tid=UA-74411062-5&_gid=592973060.1631712532&_r=1&gtm=2ou9d0&z=1699802439
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:28:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.prizestakes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&tn=DIV&id=aliagototop&cls=alia_gototop_button%20footer_button&ign=false&pw=1600&ph=1200&x=1575&y=1175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:28:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8B6A 		304 KB
68 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&adk=1812271804&adf=3025194257&lmt=1631712531&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531588&bpp=1&bdt=435&idt=124&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280%2C336x280&nras=1&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=128
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f2.1e100.net
Software
cafe /
Resource Hash
015fd1b61ab662d29792b28b9d68171c3eaeef2a9015393e69bdace478efe58d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8749739891624787&output=html&adk=1812271804&adf=3025194257&lmt=1631712531&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531588&bpp=1&bdt=435&idt=124&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280%2C336x280&nras=1&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=128
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 15 Sep 2021 13:28:52 GMT
server
cafe
content-length
69604
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 13:43:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 15 Sep 2021 13:28:52 GMT
cache-control
private
sdk.js
connect.facebook.net/en_US/ 		228 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=d95de7f522e2cffe2011792d4208550c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
11e2adee3df5a8e3109c0f86a46522aeccc8d3dee01fa7820b6673b80c5b80fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
Origin
https://www.prizestakes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ms1faLGvlSYDphR78K0DAw==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
68417
x-fb-rlafr
0
x-fb-debug
2IpDj2i/nHSRTlP7MEpz5DJesslyk/BMZwUwKaMtu8RngUmhYvZ5zuiboH9FyZg6fJoKkcve/pNgjVaRm0PiTQ==
x-fb-content-md5
4474ac54cc7a14b04a75c606605feaaa
x-frame-options
DENY
date
Wed, 15 Sep 2021 13:28:51 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"cbba1d8df7219c56c94ae103e6b20996"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 15 Sep 2022 11:27:12 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 15 Sep 2021 13:28:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 71C3 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 15 Sep 2021 12:40:23 GMT
expires
Thu, 15 Sep 2022 12:40:23 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2908
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4E16 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f4.1e100.net
Software
GSE /
Resource Hash
86d6a012e325e49b465207d5aa00dc855102b52718bb199572322a53d5f967d4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5LyGvd4L20Us2DnRoc2pLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 15 Sep 2021 13:28:51 GMT
date
Wed, 15 Sep 2021 13:28:51 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-5LyGvd4L20Us2DnRoc2pLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame 71C3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:25:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
64992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 19:25:39 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4E16 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210909&jk=4153914624970488&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210909&jk=4153914624970488&bg=!DA-lD0vNAAYT0U73E9E7ACkAdvg8Wk6QqBJAZIyBKUMcSHkych1-Dui4sFUq6z9-9bf3alw3EWpYkQIAAABaUgAAAAxoAQcKAKRgFMK_JoA-lQexpVtU54OxOmpiW6jmrDeRScsm82-BMJopYaAA0mphehEOOFzEk9KvhFkOtpqGCDEJFP2qx0pprl9L_tTdaJsb2g8w-WPO6tSwfvLqZgzi7z3oDDIQJF8NnKAYa3r5h-PJNkfBwMe1Nvl5r4tFHClD0PhTv9fN_XPLdN-VEWLqVTh_Xb3GutTul6b8X0v8TsLFQA9nst2Y33tWNpkCceL8cJST5hGmzhFHkFEvX91apXrVqLjkbxCbXDjxRj8aXRSde_0ydUVF7J0EWupgNsvrhVJu81n2l5f03cxUm8j-PLUIAehTvh6dXYpY32US1LcmeYevf6xFydn1uc4G_gaHa5H7vEYOO4Lu8kk8WAjGwRbvFQcQ-Oy5MRLj_LyVNjqzK-4Luz859QbgVeWukFNX2Tb3xXRFP1CQmgd1TtS2KQDcO6q29HjXTNlsNMExecPJQLz0ALoxhmOuZBvGy5MogpqqLeWigiEee3r95Tc1Gx-5_Uw06Q6jEY_XjHbg-FxqQlc_bwnumrvzfyvp6l_-Hsz5y7RziAQWGbIsllFAp-0Y77G6LHEM0Ugl9Cz6ZJL8vuWhA1kHOzynm-SESbYCtWQpyd4f6ZxNthDIplH7n5DnDn54FBdOrlPP0lV6qRn6aYc_DS2p4tvzOVElhpmZ2kaGp5vmaeAfjM7oQIc6jPC1HYgsssic6WKyoze7JQJUbvtXUQVszCz7A8d8AkiGyNW7MKZYiConxgp_8NW8GaEEG54vLByGHhJ6jhQ6I6G4fQM9lOlFaDc4zJDIlgTUXumULMCxDoIou5FpBn4yJ2Fe6m9gYFNu4VchWxOgHtQ30y2Jhr5-GZZLTdinIUyeCxgY3FVyALSqyGn6rb7hvS10VVxeGYH5E-3OCruNOtVRGjO8NazJaYkO-nPpa3-0YbUGpJYl9k-VfHjEwOt3MFk-vB9-bzyRi6IKcqnYi5xA1nrNkZy8_TUTqE1YrGqXiym-980iXOfjg15k6tgGSslU4dOT9-Ss0EBtSdL-tCnWjM35xZorzA-rQY1JJYI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:28:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ 		145 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
e74ff071848b54d3981032a95f608e6a49f67b2675f63d800f55511194593fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53094
x-xss-protection
0
server
cafe
etag
2598885330904207198
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 13:28:52 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.prizestakes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s34-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:28:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/ Frame 1038 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 15 Sep 2021 01:36:03 GMT
expires
Wed, 29 Sep 2021 01:36:03 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
42769
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/ Frame 17E9 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.prizestakes.com/sweepstakes-giveaways/att/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.prizestakes.com/sweepstakes-giveaways/att/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 15 Sep 2021 01:36:03 GMT
expires
Wed, 29 Sep 2021 01:36:03 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
42769
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame 1038 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s29-in-f10.1e100.net
Software
ESF /
Resource Hash
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 13:00:39 GMT
server
ESF
date
Wed, 15 Sep 2021 13:28:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Sep 2021 13:28:52 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1038 		205 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 11:16:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
353570
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
expires
Sun, 11 Sep 2022 11:16:02 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1038 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 22:32:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
226571
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
expires
Mon, 12 Sep 2022 22:32:41 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/elements/html/ Frame 1038 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
89e590d44510a10b9602ebffa228e2d8a2f2aeb1acc462b51cd19df5f5434308
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7656
x-xss-protection
0
server
cafe
etag
8352096984186353373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:10:10 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 17E9 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/sweepstakes-giveaways/att/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f6.1e100.net
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 03:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37676
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Sep 2021 03:00:56 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210913/r20110914/elements/html/ Frame 17E9 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210913/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 11:03:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8694
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2627
x-xss-protection
0
server
cafe
etag
17449454297928180344
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 11:03:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 17E9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/sweepstakes-giveaways/att/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 21:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
489543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 21:29:49 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 17E9 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
09da166bbd2a7421ea3b4842666bddce3d97c04c95f5e96c464544e1911bdaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 12:25:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3817
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12782
x-xss-protection
0
server
cafe
etag
7555688245467925627
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 12:25:15 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 17E9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:27:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 17E9 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:28:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 17E9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6211
x-xss-protection
0
server
cafe
etag
18326705275735229343
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:28:00 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame 17E9 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
7316329070599479730
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:26:40 GMT
css
fonts.googleapis.com/ Frame B016 		3 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=2185901448&adk=1691712251&adf=404006883&pi=t.ma~as.2185901448&w=718&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=718x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531531&bpp=1&bdt=378&idt=149&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=250&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PAdC5kVXF8&p=https%3A//www.prizestakes.com&dtd=152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s29-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 13:02:38 GMT
server
ESF
date
Wed, 15 Sep 2021 13:28:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Sep 2021 13:28:52 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame B016 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=2185901448&adk=1691712251&adf=404006883&pi=t.ma~as.2185901448&w=718&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=718x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531531&bpp=1&bdt=378&idt=149&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=250&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PAdC5kVXF8&p=https%3A//www.prizestakes.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1063
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:11:09 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame B016 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=2185901448&adk=1691712251&adf=404006883&pi=t.ma~as.2185901448&w=718&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=718x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531531&bpp=1&bdt=378&idt=149&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=250&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PAdC5kVXF8&p=https%3A//www.prizestakes.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
7316329070599479730
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:26:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame B016 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=2185901448&adk=1691712251&adf=404006883&pi=t.ma~as.2185901448&w=718&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=718x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531531&bpp=1&bdt=378&idt=149&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=250&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PAdC5kVXF8&p=https%3A//www.prizestakes.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:27:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B016 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=2185901448&adk=1691712251&adf=404006883&pi=t.ma~as.2185901448&w=718&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=718x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531531&bpp=1&bdt=378&idt=149&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=250&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PAdC5kVXF8&p=https%3A//www.prizestakes.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:28:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame B016 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=2185901448&adk=1691712251&adf=404006883&pi=t.ma~as.2185901448&w=718&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=718x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531531&bpp=1&bdt=378&idt=149&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=250&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PAdC5kVXF8&p=https%3A//www.prizestakes.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6211
x-xss-protection
0
server
cafe
etag
18326705275735229343
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:28:00 GMT
8b8c639f95e935c054a6465040a495ee.js
www.gstatic.com/mysidia/ Frame B016 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=2185901448&adk=1691712251&adf=404006883&pi=t.ma~as.2185901448&w=718&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=718x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531531&bpp=1&bdt=378&idt=149&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=250&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PAdC5kVXF8&p=https%3A//www.prizestakes.com&dtd=152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f3.1e100.net
Software
sffe /
Resource Hash
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 12:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10883
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 20:25:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 14 Dec 2021 12:57:47 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B016 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CLrQCE_VBYdnQLIbBtwf5yLbYAcCPoMdk7bWg9JQO3dkeEAEgouP4N2DJBqABjvTJ1wPIAQmoAwHIA8sEqgTcAU_QIUHQwj3DgOL6_TCuhO5U6d16SFm7aMMeAa_wW-8_q-2pog25rn7q3Q7ovxvL-S2TThSEDl4Sle6r5qMEXrU-NQQ-e_2XUAl6PsniYZL1bR5GKab0jJ48Kfhk8SynWeC95T4cYRiKPqFtKRUHRGS66dBxjN3wqBwRnYkE6hZWbArlZ17n2EdNLWMImkjpUZIm670NBC-_nIce9IRbJriz68DxKcXrI0cybHTf5eIvtdKDGFGPcwB3KQaaEbXdOykxJy1qlDHHZc7upTSrS8Yab-3PPNrXUhak-knABOuWktyeA5IFBAgEGAGSBQQIBRgEoAYugAfai7YoqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBCy6AnSCAcIgGEQARgfgAoByAsBuBOIJ9gTDYgUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi04NzQ5NzM5ODkxNjI0Nzg3GAA&sigh=K4PkelMGnO8&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=2185901448&adk=1691712251&adf=404006883&pi=t.ma~as.2185901448&w=718&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=718x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531531&bpp=1&bdt=378&idt=149&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=250&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PAdC5kVXF8&p=https%3A//www.prizestakes.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=2185901448&adk=1691712251&adf=404006883&pi=t.ma~as.2185901448&w=718&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=718x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531531&bpp=1&bdt=378&idt=149&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=250&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PAdC5kVXF8&p=https%3A//www.prizestakes.com&dtd=152
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 15 Sep 2021 13:28:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 15 Sep 2021 13:28:52 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/6888493148848512317/ Frame B016 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6888493148848512317/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=2185901448&adk=1691712251&adf=404006883&pi=t.ma~as.2185901448&w=718&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=718x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531531&bpp=1&bdt=378&idt=149&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=250&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PAdC5kVXF8&p=https%3A//www.prizestakes.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
sffe /
Resource Hash
d994207cf1032eaf12f1af842ce9fb590287be644dac2304660ec8a4bbd49b4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 01:16:28 GMT
x-content-type-options
nosniff
age
130344
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12810
x-xss-protection
0
last-modified
Tue, 17 Aug 2021 17:54:48 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 01:16:28 GMT
truncated
/ Frame B016 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 49F5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Thu, 09 Sep 2021 21:29:50 GMT
expires
Fri, 09 Sep 2022 21:29:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
489542
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame C6BE 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=1829092079&adk=2169217537&adf=4204635563&pi=t.ma~as.1829092079&w=1140&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531528&bpp=3&bdt=374&idt=124&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4611666971946&frm=20&pv=2&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=230&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OkdRwAAjxr&p=https%3A//www.prizestakes.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s29-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 13:05:44 GMT
server
ESF
date
Wed, 15 Sep 2021 13:28:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Sep 2021 13:28:52 GMT
e97fc1f500c2ba07d7ae78e11e245b27.js
www.gstatic.com/mysidia/ Frame FD5B 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e97fc1f500c2ba07d7ae78e11e245b27.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f3.1e100.net
Software
sffe /
Resource Hash
d8f8cdb5aeedf4b9737a05e36cdff6236915390471280befa4ead41179bdd408
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 12:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
261417
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3150
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 20:25:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 11 Dec 2021 12:51:55 GMT
657081d252e7e20d644f411c068fca8c.js
www.gstatic.com/mysidia/ Frame FD5B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/657081d252e7e20d644f411c068fca8c.js?tag=text/vanilla_cta_animation_title_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f3.1e100.net
Software
sffe /
Resource Hash
c430f644efb55920d9c3d0534971f41cba4f896ab5e58b91e588decf05972731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:40:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3417
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 20:25:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 12 Dec 2021 19:40:49 GMT
css
fonts.googleapis.com/ Frame FD5B 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s29-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 13:06:20 GMT
server
ESF
date
Wed, 15 Sep 2021 13:28:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Sep 2021 13:28:52 GMT
truncated
/ Frame B016 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26d30f85fdfa9b054be0b7441653a86ae0fc0843520aaac953eb3bde8cf07936

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame C6BE 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=1829092079&adk=2169217537&adf=4204635563&pi=t.ma~as.1829092079&w=1140&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531528&bpp=3&bdt=374&idt=124&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4611666971946&frm=20&pv=2&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=230&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OkdRwAAjxr&p=https%3A//www.prizestakes.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1063
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:11:09 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame C6BE 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=1829092079&adk=2169217537&adf=4204635563&pi=t.ma~as.1829092079&w=1140&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531528&bpp=3&bdt=374&idt=124&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4611666971946&frm=20&pv=2&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=230&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OkdRwAAjxr&p=https%3A//www.prizestakes.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
7316329070599479730
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:26:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame C6BE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=1829092079&adk=2169217537&adf=4204635563&pi=t.ma~as.1829092079&w=1140&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531528&bpp=3&bdt=374&idt=124&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4611666971946&frm=20&pv=2&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=230&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OkdRwAAjxr&p=https%3A//www.prizestakes.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:27:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C6BE 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=1829092079&adk=2169217537&adf=4204635563&pi=t.ma~as.1829092079&w=1140&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531528&bpp=3&bdt=374&idt=124&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4611666971946&frm=20&pv=2&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=230&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OkdRwAAjxr&p=https%3A//www.prizestakes.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:28:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame C6BE 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=1829092079&adk=2169217537&adf=4204635563&pi=t.ma~as.1829092079&w=1140&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531528&bpp=3&bdt=374&idt=124&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4611666971946&frm=20&pv=2&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=230&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OkdRwAAjxr&p=https%3A//www.prizestakes.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6211
x-xss-protection
0
server
cafe
etag
18326705275735229343
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:28:00 GMT
8b8c639f95e935c054a6465040a495ee.js
www.gstatic.com/mysidia/ Frame C6BE 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=1829092079&adk=2169217537&adf=4204635563&pi=t.ma~as.1829092079&w=1140&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531528&bpp=3&bdt=374&idt=124&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4611666971946&frm=20&pv=2&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=230&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OkdRwAAjxr&p=https%3A//www.prizestakes.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f3.1e100.net
Software
sffe /
Resource Hash
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 12:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10883
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 20:25:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 14 Dec 2021 12:57:47 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame FD5B 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1063
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:11:09 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame FD5B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
7316329070599479730
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:26:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame FD5B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:27:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FD5B 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:28:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame FD5B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6211
x-xss-protection
0
server
cafe
etag
18326705275735229343
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:28:00 GMT
8b8c639f95e935c054a6465040a495ee.js
www.gstatic.com/mysidia/ Frame FD5B 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f3.1e100.net
Software
sffe /
Resource Hash
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 12:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10883
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 20:25:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 14 Dec 2021 12:57:47 GMT
css
fonts.googleapis.com/ Frame 3034 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s29-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 13:04:35 GMT
server
ESF
date
Wed, 15 Sep 2021 13:28:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Sep 2021 13:28:52 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 3034 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1063
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:11:09 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame 3034 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
7316329070599479730
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:26:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 3034 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:27:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3034 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:28:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 3034 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
cafe /
Resource Hash
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6211
x-xss-protection
0
server
cafe
etag
18326705275735229343
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 13:28:00 GMT
8b8c639f95e935c054a6465040a495ee.js
www.gstatic.com/mysidia/ Frame 3034 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f3.1e100.net
Software
sffe /
Resource Hash
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 12:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10883
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 20:25:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 14 Dec 2021 12:57:47 GMT
truncated
/ Frame C6BE 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame B016 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f3.1e100.net
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 02:53:55 GMT
x-content-type-options
nosniff
age
297297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 02:53:55 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame B016 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f3.1e100.net
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 05:48:07 GMT
x-content-type-options
nosniff
age
200445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 05:48:07 GMT
index.html
s0.2mdn.net/9144881/1626984068035/ Frame 1F3E 		27 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9144881/1626984068035/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f6.1e100.net
Software
sffe /
Resource Hash
07dc14b03b6fbe624fa07491d844328a1049cf198266b3690855c45d1f1f2dff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9144881/1626984068035/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
6554
date
Wed, 15 Sep 2021 13:28:52 GMT
expires
Thu, 16 Sep 2021 13:28:52 GMT
last-modified
Thu, 22 Jul 2021 20:01:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame C6BE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C66bIE_VBYaPTLMaXtwfz6rPABIutp9xejpvBzMkNsJAfEAEgouP4N2DJBqAB1Yeu-QLIAQmoAwHIA8sEqgTeAU_QcJfW52EYCAoxJA8KGpxYB7qFG9JYz0nMWb63cYsZFmHSh3GQwaJw3_G5R0xr9PAJ-v5lXwCJv_66V_VcGNpwP8KaWPWDgZHVv-3C_KzI-xvxgfDTBxAGtdwfvwV13WlHllQSSZlZ2uY6u15C-wE4lIg-uScfGUB356TUjDq0q0QTldbA6tj2tizynXqXRDKk403LnuDuVN-mcLINzf0bSACO7vRQpal_cqlPp20ZRrsNRFBj1TkNWpjOIIOVgjzEOOAL16evh3aDJ2Gs-MG0PQ0axu4JV8jNqU0Wa8AExu-rhNMDkgUECAQYAZIFBAgFGASgBi6AB5P40YYBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBCW9jTSCAcIgGEQARgfgAoByAsBuBOIJ9gTDYgUBtAVAYAXAbIXHAoaCAASFHB1Yi04NzQ5NzM5ODkxNjI0Nzg3GAA&sigh=0xUJkKLDiRI&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=1829092079&adk=2169217537&adf=4204635563&pi=t.ma~as.1829092079&w=1140&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531528&bpp=3&bdt=374&idt=124&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4611666971946&frm=20&pv=2&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=230&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OkdRwAAjxr&p=https%3A//www.prizestakes.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=1829092079&adk=2169217537&adf=4204635563&pi=t.ma~as.1829092079&w=1140&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531528&bpp=3&bdt=374&idt=124&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4611666971946&frm=20&pv=2&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=230&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OkdRwAAjxr&p=https%3A//www.prizestakes.com&dtd=137
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 15 Sep 2021 13:28:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/10171688195332181389/ Frame FD5B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10171688195332181389/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
sffe /
Resource Hash
55b7b77fcfc765ec04afe154f79ae9c33d99520e1815dea7a08f6255320b1989
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:45:37 GMT
x-content-type-options
nosniff
age
405795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2049
x-xss-protection
0
last-modified
Mon, 26 Nov 2018 15:52:17 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Sep 2022 20:45:37 GMT
B25036259.291317962;dc_pre=CLC5k--KgfMCFbcw0wodMPcHTg;dc_trk_aid=484407685;dc_trk_cid=102634164;ord=1450926174;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/ Frame FD5B
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B25036259.291317962;dc_trk_aid=484407685;dc_trk_cid=102634164;ord=1450926174;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B25036259.291317962;dc_pre=CLC5k--KgfMCFbcw0wodMPcHTg;dc_trk_aid=484407685;dc_trk_cid=102634164;ord=1450926174;dc_lat=;dc_rd...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B25036259.291317962;dc_pre=CLC5k--KgfMCFbcw0wodMPcHTg;dc_trk_aid=484407685;dc_trk_cid=102634164;ord=1450926174;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:28:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:28:52 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B25036259.291317962;dc_pre=CLC5k--KgfMCFbcw0wodMPcHTg;dc_trk_aid=484407685;dc_trk_cid=102634164;ord=1450926174;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame FD5B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3JjrE_VBYZ2DLaCDwuIP6d-SqAGJkvfwY8al-vSTDpGZ1a6TDhABIKLj-DdgyQagAbKVuI8DyAEBqAMBqgTeAU_QkV-dFC2Auo-jIhlDSe2hgrv8ClVLIJ2TRfE_YrgK5uhmatGdmLETGTZz2GtJtabFEwZuUHahdLk52_LBsfk3zPm4C2e5uys09MWz17a399c0_ynI7024p3Mgl56y6eJuSIkF0Y78IkO2A02ZTabA4tLZN4AcnJTCV_IXEVRvq4QOFIr0ZtxtZFyJ1qCpDK3ZdHU5g9b8hdN7toN0rdCFQ3ZIDp22xhIFDqTkfYaLMCnlNczjbAy6dbgFn44I-W5czPrIN5qh46BoFoPviUeHf38f4_JQ1KsWAOADFMAE8qPwxqoDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB9nO42qoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcEEJvHFtIIBwiAYRABGB-ACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItODc0OTczOTg5MTYyNDc4NxgA&sigh=SNDJSsNUiwI&template_id=5001
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 15 Sep 2021 13:28:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame C6BE 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8553645456eae373cad9cde7ba1fa3bebefef167417c228a55e90cf8b73c4fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame CA0E 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUncaimo2xdWRA3IDXdZb_ZT5qgpNqg_MEEJKkAD7IENC3h3JuBf6J8gT1OToZk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 15 Sep 2021 13:02:00 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame C6BE 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f3.1e100.net
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 02:53:55 GMT
x-content-type-options
nosniff
age
297297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 02:53:55 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame C6BE 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f3.1e100.net
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 05:48:07 GMT
x-content-type-options
nosniff
age
200445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 05:48:07 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 79CE 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUncaimo2xdWRA3IDXdZb_ZT5qgpNqg_MEEJKkAD7IENC3h3JuBf6J8gT1OToZk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 15 Sep 2021 13:02:00 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame FD5B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
048558e0dbbe6601b2a806c44275ac349fadd142f82e760e2e8846674d478bfd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/10381152785877799631/ Frame C6BE 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10381152785877799631/downsize_200k_v1?w=600&h=314
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f1.1e100.net
Software
sffe /
Resource Hash
38cd6f60fa122255876b3c0a4e5ff851c914b999def2e15443697682462ab168
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23088
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 11:51:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 15 Sep 2022 13:28:52 GMT
N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame B10A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=2185901448&adk=1691712251&adf=404006883&pi=t.ma~as.2185901448&w=718&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=718x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531531&bpp=1&bdt=378&idt=149&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=250&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PAdC5kVXF8&p=https%3A//www.prizestakes.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:25:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
64993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 19:25:39 GMT
N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame 49F5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:25:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
64993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 19:25:39 GMT
N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame 7CF6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=1829092079&adk=2169217537&adf=4204635563&pi=t.ma~as.1829092079&w=1140&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531528&bpp=3&bdt=374&idt=124&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4611666971946&frm=20&pv=2&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=230&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OkdRwAAjxr&p=https%3A//www.prizestakes.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:25:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
64993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 19:25:39 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame FD5B 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f3.1e100.net
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 02:53:55 GMT
x-content-type-options
nosniff
age
297297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 02:53:55 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame FD5B 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f3.1e100.net
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 05:48:07 GMT
x-content-type-options
nosniff
age
200445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 05:48:07 GMT
960be5c2.jpg
s0.2mdn.net/9144881/1626984068035/images/ Frame 1F3E 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9144881/1626984068035/images/960be5c2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9144881/1626984068035/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f6.1e100.net
Software
sffe /
Resource Hash
a145d47d1915569bb99eaaca310a912878b4d24dc390af87f83c77092fee1468
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9144881/1626984068035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 20:01:08 GMT
server
sffe
age
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4598
x-xss-protection
0
expires
Thu, 16 Sep 2021 13:28:52 GMT
d9bd9bd4.jpg
s0.2mdn.net/9144881/1626984068035/images/ Frame 1F3E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9144881/1626984068035/images/d9bd9bd4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9144881/1626984068035/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f6.1e100.net
Software
sffe /
Resource Hash
290f653eeb32a4ab51aeb40ec00ab04a2d15fd2f9bef29c0ac6c4fe498de072c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9144881/1626984068035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 20:01:08 GMT
server
sffe
age
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5393
x-xss-protection
0
expires
Thu, 16 Sep 2021 13:28:52 GMT
f6c92ac1.jpg
s0.2mdn.net/9144881/1626984068035/images/ Frame 1F3E 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9144881/1626984068035/images/f6c92ac1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9144881/1626984068035/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f6.1e100.net
Software
sffe /
Resource Hash
a41acf9ee2c36045c5408debf4c3103f414e4b78bf62213481ddc63bbce372fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9144881/1626984068035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 20:01:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9041
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Sep 2021 13:28:52 GMT
00f12ce7.png
s0.2mdn.net/9144881/1626984068035/images/ Frame 1F3E 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9144881/1626984068035/images/00f12ce7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9144881/1626984068035/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f6.1e100.net
Software
sffe /
Resource Hash
0cd37f1d0c3b3f11aaeefaa15d81f4db417127013288cadfea71dc1197ea00b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9144881/1626984068035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 20:01:08 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32619
x-xss-protection
0
expires
Thu, 16 Sep 2021 13:28:52 GMT
dfa519b9.png
s0.2mdn.net/9144881/1626984068035/images/ Frame 1F3E 		985 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9144881/1626984068035/images/dfa519b9.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9144881/1626984068035/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f6.1e100.net
Software
sffe /
Resource Hash
b8fd23a08d4a4580f0c52003389cfb5bf4ba5527337620127155f00cdbb86bb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9144881/1626984068035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 20:01:08 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
expires
Thu, 16 Sep 2021 13:28:52 GMT
8ba59814.png
s0.2mdn.net/9144881/1626984068035/images/ Frame 1F3E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9144881/1626984068035/images/8ba59814.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9144881/1626984068035/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f6.1e100.net
Software
sffe /
Resource Hash
2994384f7db91472596ffc266105e0f841a5c389166c1c1a2e2b8e334fad6ea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9144881/1626984068035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 20:01:08 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1818
x-xss-protection
0
expires
Thu, 16 Sep 2021 13:28:52 GMT
f40c9b41.png
s0.2mdn.net/9144881/1626984068035/images/ Frame 1F3E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9144881/1626984068035/images/f40c9b41.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9144881/1626984068035/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f6.1e100.net
Software
sffe /
Resource Hash
ed9acbe2310907db34b7c2abac550fc2d23e699dc7cf7a6427553aa33d1962eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9144881/1626984068035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 20:01:08 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6172
x-xss-protection
0
expires
Thu, 16 Sep 2021 13:28:52 GMT
5c75840a.png
s0.2mdn.net/9144881/1626984068035/images/ Frame 1F3E 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9144881/1626984068035/images/5c75840a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9144881/1626984068035/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f6.1e100.net
Software
sffe /
Resource Hash
3dd3e858ac138bbb0fb743cb072a6dda2cc20b08ce42ed8531093f83d6cbeaa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9144881/1626984068035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 20:01:08 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12476
x-xss-protection
0
expires
Thu, 16 Sep 2021 13:28:52 GMT
02285ebb.png
s0.2mdn.net/9144881/1626984068035/images/ Frame 1F3E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9144881/1626984068035/images/02285ebb.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9144881/1626984068035/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f6.1e100.net
Software
sffe /
Resource Hash
18f2e06b8a5b76cfe4c293e28ca7ca853719b81bff3d47ec1fd6313eaea21752
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9144881/1626984068035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 20:01:08 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3578
x-xss-protection
0
expires
Thu, 16 Sep 2021 13:28:52 GMT
e6fa625c.png
s0.2mdn.net/9144881/1626984068035/images/ Frame 1F3E 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9144881/1626984068035/images/e6fa625c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9144881/1626984068035/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f6.1e100.net
Software
sffe /
Resource Hash
8a9970647ba5c16f7b48badd1939ff7b1ae724f8b2df35c58bc4ab007e75443d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9144881/1626984068035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6645
x-xss-protection
0
last-modified
Thu, 22 Jul 2021 20:01:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Sep 2021 13:28:52 GMT
09aa701e.png
s0.2mdn.net/9144881/1626984068035/images/ Frame 1F3E 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9144881/1626984068035/images/09aa701e.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9144881/1626984068035/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f6.1e100.net
Software
sffe /
Resource Hash
233fcc97de0dde39aa9b8f206252f8919d7c8e26fc588570a2572fd9f53855ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9144881/1626984068035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 20:01:08 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10679
x-xss-protection
0
expires
Thu, 16 Sep 2021 13:28:52 GMT
defa0403.png
s0.2mdn.net/9144881/1626984068035/images/ Frame 1F3E 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9144881/1626984068035/images/defa0403.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9144881/1626984068035/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f6.1e100.net
Software
sffe /
Resource Hash
d73518fac8b4440b26fd4cd48cc2b3e0431404ee1da7a7c21950b3847efc299c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9144881/1626984068035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:28:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 20:01:08 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9536
x-xss-protection
0
expires
Thu, 16 Sep 2021 13:28:52 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame CA0E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210909/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUncaimo2xdWRA3IDXdZb_ZT5qgpNqg_MEEJKkAD7IENC3h3JuBf6J8gT1OToZk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 15 Sep 2021 13:28:52 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 15-Sep-2021 14:28:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 15 Sep 2021 13:28:52 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 15 Sep 2021 13:28:52 GMT
server
safe
content-length
257
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame D7A2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: www.prizestakes.com
URL: https://www.prizestakes.com/sweepstakes-giveaways/att/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:25:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
64993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 19:25:39 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 79CE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8749739891624787&output=html&h=280&slotname=5026976764&adk=2530874276&adf=3049628318&pi=t.ma~as.5026976764&w=336&fwrn=4&fwrnh=100&lmt=1631712531&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.prizestakes.com%2Fsweepstakes-giveaways%2Fatt%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631712531532&bpp=1&bdt=379&idt=169&shv=r20210909&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C718x280&correlator=4611666971946&frm=20&pv=1&ga_vid=2118148605.1631712532&ga_sid=1631712532&ga_hid=1910019216&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1014&ady=1085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31062369%2C31062518%2C31062297%2C31062093&oid=3&pvsid=4153914624970488&pem=183&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aSBxOmj3rg&p=https%3A//www.prizestakes.com&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUncaimo2xdWRA3IDXdZb_ZT5qgpNqg_MEEJKkAD7IENC3h3JuBf6J8gT1OToZk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 15 Sep 2021 13:28:52 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 15-Sep-2021 14:28:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 15 Sep 2021 13:28:52 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 15 Sep 2021 13:28:52 GMT
server
safe
content-length
257
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49F5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BP2sjE_VBYZ_tLYbKtwfj_IfwDAAAAAA4AeAEAg&bg=!SUqlSg7NAAYT0U73E9E7ACkAdvg8WrBcgrNM6cOJw4L0jGfrAaTPp0idYiVWKAaRfepBvuhBoCo-mAIAAADoUgAAAApoAQcKAGlNe3AKDXfC2ll9facCvvFjO-v7nSQ8Wh1h2LG5u3PgwKJPJs7WFc9AN_ENhhqmTU2yJXeKIHkbDMzXI0ScmADRP2XcHu15OdODdeSHLbVFbI85uBJx3ZHFB1PkYED1Z9ch1SFO6gTH1Q6ZArozn03hUPVhmA8Y-ek1zvbB9R1dNC46yB0FS_D-vvp8TQsOwes10zDN99b0-34GiAOGrrRIrT3gQf1CKO_RqFoCSj9_3I5nJKBuZp7ExqjsO2FSYk0PMAyqrXnHK04nvhbBOz8ysqwaGc5oDxl7w8MCpVWu8_BXF8IWfInfoCli2lOYmOVo8LOhyxiNV3QnxZVdS2eGhhZxWePQiSdFfnJ0HmzrG06-HGdl7H_ojTlZkCsFGEtSbe_W1RAksQOLvzHwyy-sTWIrxmULI67OEtDovW9YK_Yx4s0OZHg6NcDmn4H8mUTGujtLcLuNrnIh8BLAx3ZqrchMSExDTgEcqNghJfN1QJMJd6h7Gf_O4M2EI4xgUpzurAHYnrbAJoTu26VMrt4cAHKyOPnWsxsAmOhpNH5VDBZsOVhBleO2eMTWG2_jAi5UfSpD6_2xCi_HqrzYCFXK4hkdVN_Eh2-ilkPbMgmEFlB4LJIEn7ZW17_M1JDaRgL8Wq5loT7rtfTViyRLrhus4cLnmbud1MXKjAV6t0HfNK-dOGBCcVSjnR4tgl2v6bijk1JqKcE6rRXKZHiFq4q1dClyuKNOhvToE6kx6VriB-vEAZepcob51wOuLKmmz0ekQEmJLrv8KxAUBLJQVmTwucFz11a1UewAOGxKrZ12DNpUFiY2veka6XZ-j161B8E-p5OmrEe0xB2Z92VZ5RpG725of4Vzvxab3FMzpx--gVXMHer-L2Er2j44P0ON2AsXaUQcfDFGI8DPOUeU2ge50fSvjswlYNkb2lSu-wRjikwpuNZgGiG7zwJcQ4ahZqDYpgP3fHl_jiMjeTbFL_m4HR7BQY8MiLNSPqQC-LayWLRt0NUVdFeHSsDGLoZuFhbqDJBTr0Jav77YCGvTChAZPuLf9I4yufiQljYHD39yt1CDo4nsEA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:28:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C6BE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1zeGn36CZviCR9HvNWwII7gV_sQtbiMVN65WajVrn6u9EyPezXfWKN3-_bSZILQc6vw9DBDi5JbIMcV6RSZj7NxJWWZOYe4FyzoGi0EcFPTMqOVQ&sai=AMfl-YTc4bRpwVs-xltr8NdLoTu0jn8lfMo7PC3GmRUykJrYY4QPRIDqNXPWENm1qgjIQcr6e8MxJpVkmlRo&sig=Cg0ArKJSzKFXuTWUn1SHEAE&id=lidar2&mcvt=1000&p=195,230,475,1370&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210913&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2169217537&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631712531666&rpt=1173&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:28:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect boolean| originAgentCluster object| __cfQR object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery function| gtag object| dataLayer object| adsbygoogle object| mc4wp object| alia_vars object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| readyFn function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| imagesLoaded object| alia_core_vars string| google_user_agent_client_hint object| google_tag_data string| GoogleAnalyticsObject function| ga function| aliaCoreReadyFn function| storyRotateNext function| storyRotatePrev function| storyModalResizeToFit function| htmlCheckWindowHeight object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 boolean| __cfRLUnblockHandlers function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| gaplugins object| gaData object| google_image_requests object| FB object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_llp object| googletag

6 Cookies

Domain/Path Name / Value
.prizestakes.com/ Name: _ga
Value: GA1.2.2118148605.1631712532
.prizestakes.com/ Name: _gid
Value: GA1.2.592973060.1631712532
.prizestakes.com/ Name: _gat_gtag_UA_74411062_5
Value: 1
.prizestakes.com/ Name: __gads
Value: ID=67afbca9757bf373-2276a0b737cb00e2:T=1631712531:RT=1631712531:S=ALNI_MZJgYy4vyzyUqx4xPls_Alsm_cDWA
.doubleclick.net/ Name: IDE
Value: AHWqTUncaimo2xdWRA3IDXdZb_ZT5qgpNqg_MEEJKkAD7IENC3h3JuBf6J8gT1OToZk
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.prizestakes.com
104.16.18.94
142.250.179.230
142.250.180.1
142.250.180.14
142.250.180.2
142.250.180.3
142.250.180.8
142.250.187.226
142.250.200.10
172.217.16.226
172.217.16.227
172.217.169.66
172.217.169.68
172.67.178.189
185.60.218.24
216.58.212.194
015fd1b61ab662d29792b28b9d68171c3eaeef2a9015393e69bdace478efe58d
048558e0dbbe6601b2a806c44275ac349fadd142f82e760e2e8846674d478bfd
07dc14b03b6fbe624fa07491d844328a1049cf198266b3690855c45d1f1f2dff
09da166bbd2a7421ea3b4842666bddce3d97c04c95f5e96c464544e1911bdaa3
0cd37f1d0c3b3f11aaeefaa15d81f4db417127013288cadfea71dc1197ea00b8
0d46f2e92fae0333795cf5911f172ccd77c67c60ad15c4b2552f65c241f0e7b7
11e2adee3df5a8e3109c0f86a46522aeccc8d3dee01fa7820b6673b80c5b80fc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18f2e06b8a5b76cfe4c293e28ca7ca853719b81bff3d47ec1fd6313eaea21752
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
233fcc97de0dde39aa9b8f206252f8919d7c8e26fc588570a2572fd9f53855ac
26d30f85fdfa9b054be0b7441653a86ae0fc0843520aaac953eb3bde8cf07936
290f653eeb32a4ab51aeb40ec00ab04a2d15fd2f9bef29c0ac6c4fe498de072c
2994384f7db91472596ffc266105e0f841a5c389166c1c1a2e2b8e334fad6ea7
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
341eaf997735207ebd5da4f3fb14bc86beb67b9e8777158325966277817d876e
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
38cd6f60fa122255876b3c0a4e5ff851c914b999def2e15443697682462ab168
3dd3e858ac138bbb0fb743cb072a6dda2cc20b08ce42ed8531093f83d6cbeaa6
40d33725e937d8156d1a87ff6ce582888782b94957b08d10750f89bbcf9f7919
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f34cba59d54f9bea050b41bb771837d685eb62d6d3ae15884ca61649cbcb845
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55b7b77fcfc765ec04afe154f79ae9c33d99520e1815dea7a08f6255320b1989
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
618b8292d1276274d61a370e36e777b3a709bbfac8ca61a22a741e8a04de80b2
62738b62849a46842f34013b8528886f10c8d0e1c9aec47d636e05d631e2f60e
66f0cc34faa49ff8e8bf82335ecb77bfab1308a7b296646f74f52a3032ca8c61
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ce046b1f131f7476def98915b086ef6310cb2f46b71390c4e9cf8096ea5c44d
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
81dfc31e26ac2768b538618870c6dcfb710a7fe4e4dba2fda1383dd6fc3f98b5
86d6a012e325e49b465207d5aa00dc855102b52718bb199572322a53d5f967d4
89e590d44510a10b9602ebffa228e2d8a2f2aeb1acc462b51cd19df5f5434308
8a9970647ba5c16f7b48badd1939ff7b1ae724f8b2df35c58bc4ab007e75443d
9251908801df777983eca5dfaea71c3fe1fa8082041b382fc02ccfcb8358cad3
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
9e9ad04a38240c2ab9b45f17a5d35c51e1cccb51163dd38ab0bbce6bebe3f26f
a145d47d1915569bb99eaaca310a912878b4d24dc390af87f83c77092fee1468
a41acf9ee2c36045c5408debf4c3103f414e4b78bf62213481ddc63bbce372fd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aab124def360f1edf625076dbedba0808d9f86b955167e0251acd3249e8cbd91
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
afc56fa9b620d5489ed28f18d0f002bcbc1af6d7fb1acf5e181487f6b16bae01
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8553645456eae373cad9cde7ba1fa3bebefef167417c228a55e90cf8b73c4fb
b8fd23a08d4a4580f0c52003389cfb5bf4ba5527337620127155f00cdbb86bb0
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c430f644efb55920d9c3d0534971f41cba4f896ab5e58b91e588decf05972731
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d73518fac8b4440b26fd4cd48cc2b3e0431404ee1da7a7c21950b3847efc299c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8f8cdb5aeedf4b9737a05e36cdff6236915390471280befa4ead41179bdd408
d994207cf1032eaf12f1af842ce9fb590287be644dac2304660ec8a4bbd49b4d
da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63
dcbe862273a5d7cb61ffaa1eda7e0a1ecb466ca5e08a592fae3e6d1824960293
de29f2166215e8af0e5bccb5c42c63a96acb1d85289945b722072b2d87760ec4
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e25545816ef00c201f6f8588c3a3f62a7a5df1a9532c331acc9a66399c013122
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74ff071848b54d3981032a95f608e6a49f67b2675f63d800f55511194593fee
ec095e2ac2d9554d0fc29aa3d63b1ec3fa85727feb0404b516b380e189c6d6b7
ed9acbe2310907db34b7c2abac550fc2d23e699dc7cf7a6427553aa33d1962eb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0183d0bac22651257802d07167fa037c06d34e58879db3f99be7dd5ab98b73d
f415a815b5ccb766385c98e5d52eb0dc4de665b4dbb06c9653edb59d9937a61a
f425b92ffbb47386c1e8de55f8965f57165c0483721116bf67bdd32eca168eee
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
f985cb7f84f81ff829c6e0136c92802715bbdf0b1c16d2892db43326ace4b6f9
fbaf30f97258e2f743d7552b89c7a320d09f0b935e6723ecf9f043ab65b90c58
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdeee8242e8a8ebae85c2ed3cbeddc8fbbfbb9c6ca7e09a8f8210910afc4d91a