gocsgo.net Open in urlscan Pro
2a01:4f8:d0a:2677::2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gocsgo.net/
Effective URL:
https://gocsgo.net/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On April 15 via api (April 15th 2023, 6:57:21 am UTC) from DE — Scanned from DE

Summary HTTP 174 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 29 domains to perform 174 HTTP transactions. The main IP is 2a01:4f8:d0a:2677::2, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is gocsgo.net.
TLS certificate: Issued by R3 on April 14th 2023. Valid for: 3 months.

This is the only time gocsgo.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 56	2a01:4f8:d0a:... 2a01:4f8:d0a:2677::2	24940 (HETZNER-AS) (HETZNER-AS)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
14	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 13	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
11	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	35.158.143.193 35.158.143.193	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.156.38 3.126.156.38	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:a62a:a2db:d81b:4039	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:e::6	15169 (GOOGLE) (GOOGLE)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:4dc4:1acd:4e16:7f78	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
174	27

56 2a01:4f8:d0a:2677::2 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

gocsgo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

web.webpushs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

https-www-gocsgo-net.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.248 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.158.143.193 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-143-193.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.156.38 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-156-38.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:a62a:a2db:d81b:4039 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:e::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5edn6r.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:4dc4:1acd:4e16:7f78 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.233 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	gocsgo.net 1 redirects gocsgo.net	4 MB
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 138	575 KB
23	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 80 cm.g.doubleclick.net — Cisco Umbrella Rank: 220	165 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	270 KB
10	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9589	3 KB
7	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4135 adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 314	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	195 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6074 adservice.google.de — Cisco Umbrella Rank: 9047	1 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 779 s.tribalfusion.com — Cisco Umbrella Rank: 1904	2 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3829	74 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 585	1 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 4727	749 B
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 3784 r1---sn-4g5edn6r.gvt1.com	789 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2338	1 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 496	2 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 685	843 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
2	disqus.com https-www-gocsgo-net.disqus.com	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	129 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 449	758 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 627	587 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 6846	624 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1738	297 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 925	603 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	2 KB
1	webpushs.com web.webpushs.com — Cisco Umbrella Rank: 44272	37 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
174	29

	Domain	Requested by
56	gocsgo.net	1 redirects gocsgo.net web.webpushs.com
24	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	pagead2.googlesyndication.com	gocsgo.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	cm.g.doubleclick.net	gocsgo.net googleads.g.doubleclick.net
10	mc.yandex.com	3 redirects gocsgo.net mc.yandex.ru
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
6	www.gstatic.com	googleads.g.doubleclick.net
5	x.bidswitch.net	5 redirects
5	fonts.googleapis.com	gocsgo.net googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	www.google.com	gocsgo.net googleads.g.doubleclick.net tpc.googlesyndication.com
3	mc.yandex.ru	2 redirects gocsgo.net
2	c1.adform.net	2 redirects
2	pool.admedo.com	2 redirects
2	csi.gstatic.com	www.gstatic.com
2	a.sportradarserving.com	2 redirects
2	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
2	sync.mathtag.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google.de	gocsgo.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	https-www-gocsgo-net.disqus.com	gocsgo.net https-www-gocsgo-net.disqus.com
2	www.googletagmanager.com	gocsgo.net www.googletagmanager.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	r1---sn-4g5edn6r.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	ius.ctnsnet.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	s.tribalfusion.com	gocsgo.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	gocsgo.net
1	web.webpushs.com	gocsgo.net
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
174	39

This site contains links to these domains. Also see Links.

Domain
vk.com
t.me
twitter.com

Subject Issuer	Validity	Valid
gocsgo.net R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
web.webpushs.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-06` - `2024-01-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-20`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://gocsgo.net/
Frame ID: 42C11DADF8EB28FA70DC7850D289CEE9
Requests: 92 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html
Frame ID: 5463AF3A4FD5FBD660636D84A22711C2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&adk=1812271804&adf=1573534164&lmt=1681475114&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l&format=0x0&url=https%3A%2F%2Fgocsgo.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541835528&bpp=5&bdt=306&idt=233&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3660793870658&frm=20&pv=2&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=273
Frame ID: 2BEED0CD7406336EF576A5E6084F66E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=280&slotname=9372963883&adk=705839202&adf=3025194257&pi=t.ma~as.9372963883&w=1200&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&format=1200x280&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541835533&bpp=2&bdt=311&idt=305&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qGBAYWsbrm&p=https%3A//gocsgo.net&dtd=312
Frame ID: AF4F43ECC64092C045EE866EB10353B6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=250&adk=2498889499&adf=1707646432&pi=t.aa~a.1596287903~rp.4&w=311&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&to=qs&pwprc=1245679791&format=311x250&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541836555&bpp=1&bdt=1333&idt=-M&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8d44eb5c42ffe63c-22b1d94f94dd0064%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Mb6LwdxFP8LvbKfbwN32YDHCWA7nw&gpic=UID%3D00000bd67597a0c1%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Ma3PvBO6CgHQMYtFExsUZI6NIjRWA&prev_fmts=0x0%2C1200x280&nras=2&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1074&ady=1747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dzUp4ZNy6y&p=https%3A//gocsgo.net&dtd=15
Frame ID: 23E680509DA63448C219D1C4F2918D30
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=250&adk=2923271300&adf=3884016279&pi=t.aa~a.1517101829~rp.4&w=311&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&to=qs&pwprc=1245679791&format=311x250&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541836555&bpp=1&bdt=1334&idt=1&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8d44eb5c42ffe63c-22b1d94f94dd0064%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Mb6LwdxFP8LvbKfbwN32YDHCWA7nw&gpic=UID%3D00000bd67597a0c1%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Ma3PvBO6CgHQMYtFExsUZI6NIjRWA&prev_fmts=0x0%2C1200x280%2C311x250&nras=3&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1074&ady=3371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=MU2GmvQGzx&p=https%3A//gocsgo.net&dtd=20
Frame ID: F465E8D9E721EF4F1580BFF2A5094511
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Frame ID: C7A4BD3D5444D155A87A3C374B50BA5E
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js
Frame ID: 04D3480DC6BF0841671F9BD5FD3AA300
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js
Frame ID: 067E68C4C060384A7F9A81D7111B040A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 04C6D612255A56E1027CEF6B121F40E1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js
Frame ID: 430536572233B07AEAC7B64135C8200C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1B65A58E178DD61AB8DF2460800F40CD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js
Frame ID: B3A5BDA318C3E2389596442A5C56BC69
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0D2C0477187908FB037AF828D7945EC4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E00012C215514DC6626BDABBC5FCA602
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GOCSGO - Киберспорт, новости, игры и стримы по CS GO

Page URL History Show full URLs

http://gocsgo.net/ HTTP 301
https://gocsgo.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

174
Requests

91 %
HTTPS

74 %
IPv6

29
Domains

39
Subdomains

27
IPs

7
Countries

6818 kB
Transfer

8966 kB
Size

42
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://vk.com/gocsgodotnet

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/AAAAAEQyFpp4fgdQ4uuxtw

Search URL Search Domain Scan URL

URL: https://twitter.com/gocsgonet

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gocsgo.net/ HTTP 301
https://gocsgo.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9974.ymLKok7EnPsHmiOOjXVsFeIN1oQ4p3-Px4fT2Go9zLjLsI1-u5oCQSkGr1bvTzSx.aqhpuAiGnADadk4IyU8gMVMCKlA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9974.DL9CSQ2QNZbM-Lp1v1jS14ilCk_pr0pwwz6koy3DhikgsHT3-ZP9VMDxbbtQ7PMg5l6nzJ09kICliL-JzHqcoGBOMbMgM2a_UM7AP_R2bZc%2C.CX3BDiVK_FbImFeErzcOYkZ5YBw%2C

Request Chain 82

https://mc.yandex.com/watch/54843430?wmode=7&page-url=https%3A%2F%2Fgocsgo.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A698%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A44053028736%3Ahid%3A905625401%3Az%3A0%3Ai%3A20230415065715%3Aet%3A1681541836%3Ac%3A1%3Arn%3A1016631185%3Arqn%3A1%3Au%3A1681541836349971506%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C25%2C338%2C1%2C190%2C0%2C%2C241%2C12%2C%2C%2C%2C796%3Aco%3A0%3Acpf%3A1%3Ans%3A1681541834666%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1681541836%3At%3AGOCSGO%20-%20%D0%9A%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%BF%D0%BE%D1%80%D1%82%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B8%D0%B3%D1%80%D1%8B%20%D0%B8%20%D1%81%D1%82%D1%80%D0%B8%D0%BC%D1%8B%20%D0%BF%D0%BE%20CS%20GO&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/54843430/1?wmode=7&page-url=https%3A%2F%2Fgocsgo.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A698%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A44053028736%3Ahid%3A905625401%3Az%3A0%3Ai%3A20230415065715%3Aet%3A1681541836%3Ac%3A1%3Arn%3A1016631185%3Arqn%3A1%3Au%3A1681541836349971506%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C25%2C338%2C1%2C190%2C0%2C%2C241%2C12%2C%2C%2C%2C796%3Aco%3A0%3Acpf%3A1%3Ans%3A1681541834666%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1681541836%3At%3AGOCSGO%20-%20%D0%9A%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%BF%D0%BE%D1%80%D1%82%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B8%D0%B3%D1%80%D1%8B%20%D0%B8%20%D1%81%D1%82%D1%80%D0%B8%D0%BC%D1%8B%20%D0%BF%D0%BE%20CS%20GO&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 83

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9974.rNAz775T7ccgm0j9g_H2k_ZsiUonJqic42PFySwQjiuLAO4Df1c-t3B7DnNNEaZM.G6mSnHn-nDNWp19-lKC2n6uizqc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9974.XkHQYCD0DIR0HBK8Knu4rrxaxdw0fqN2ruotCqkPNoJfj2eLRO59mZwaGyCVIF50qz2Y8dkvk4p48MY8NEGnITnx7bucdF_pPXIhe8iK-eY%2C.a9KaGZ7PPsV5r149M7TStNU76FM%2C

Request Chain 125

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEebE-Is542yzpKKnMin5XM&google_cver=1&google_push=Aer7DvK76rourscDRfTmhqn7Ze1IY3i28lXePDyGXlQiijhHj8YFrC6QN9QGiKxVAC87NTZkZiUMU6hEYuIw-toWtVlBi8keFDtFzA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvK76rourscDRfTmhqn7Ze1IY3i28lXePDyGXlQiijhHj8YFrC6QN9QGiKxVAC87NTZkZiUMU6hEYuIw-toWtVlBi8keFDtFzA

Request Chain 126

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBttHV1xDrLIjvbAHxWh1vE&google_cver=1&google_push=Aer7DvJkA-1weJ8r5bhzUYQyCyyJBYlLhI1VFGZ-1XFrrxoR_RclfiYxKWildmD0pv64BwtrE6YfGq4YAjvG8a4K_qLntNLaLbU7hg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJkA-1weJ8r5bhzUYQyCyyJBYlLhI1VFGZ-1XFrrxoR_RclfiYxKWildmD0pv64BwtrE6YfGq4YAjvG8a4K_qLntNLaLbU7hg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBttHV1xDrLIjvbAHxWh1vE&google_cver=1&google_push=Aer7DvJkA-1weJ8r5bhzUYQyCyyJBYlLhI1VFGZ-1XFrrxoR_RclfiYxKWildmD0pv64BwtrE6YfGq4YAjvG8a4K_qLntNLaLbU7hg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJkA-1weJ8r5bhzUYQyCyyJBYlLhI1VFGZ-1XFrrxoR_RclfiYxKWildmD0pv64BwtrE6YfGq4YAjvG8a4K_qLntNLaLbU7hg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 127

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEep-VgJkFYebRBB7nr-cYY&google_cver=1&google_push=Aer7DvLdjWjNiPW5y1qpGB3XGTRZ5vaHUoSNc4sfKQAU8iATGkfXO1nF764-cZZCTn9lQQXb3rswJfnp04s_MejYezmLslsna9lj HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEep-VgJkFYebRBB7nr-cYY&google_cver=1&google_push=Aer7DvLdjWjNiPW5y1qpGB3XGTRZ5vaHUoSNc4sfKQAU8iATGkfXO1nF764-cZZCTn9lQQXb3rswJfnp04s_MejYezmLslsna9lj HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=22bcc11c-f030-409a-89f1-bf1d577ad548&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvLdjWjNiPW5y1qpGB3XGTRZ5vaHUoSNc4sfKQAU8iATGkfXO1nF764-cZZCTn9lQQXb3rswJfnp04s_MejYezmLslsna9lj&google_hm=hyw67no0TS2aEvYNuneXhA==

Request Chain 130

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESENuiZeEcwOH6VkQoM6IohRY&google_cver=1&google_push=Aer7DvLIORKUhHyQCechCIrfdxLJukA6Fird6EWzGLHCsouesbLouustq35nOhIqOzOA5ZlQvhLQOMn5eZhKpwzLRqTOAFztDd8S8UM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvLIORKUhHyQCechCIrfdxLJukA6Fird6EWzGLHCsouesbLouustq35nOhIqOzOA5ZlQvhLQOMn5eZhKpwzLRqTOAFztDd8S8UM&google_hm=mjY511IYRU-RxDrLdWBw4Ag

Request Chain 153

https://redirector.gvt1.com/videoplayback?id=a9fc512bf1bc7d9c&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1681549038&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=68566CF20C2B16A3FD973E925700257279FC954C.69D76390D81FBEE869B4BF2C12264FC1714FED1B&key=ck2 HTTP 302
https://r1---sn-4g5edn6r.gvt1.com/videoplayback?id=a9fc512bf1bc7d9c&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1681549038&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=2546A2B250D88D53EEC5A1778A1E5CE8D245C535.507169A5BBB264E1AA17E5BFBDCDCED1A6660461&key=cms1&cms_redirect=yes&mh=vS&mip=2001:ac8:20:3c00:1012:2bfc:8912:f6ff&mm=28&mn=sn-4g5edn6r&ms=nvh&mt=1681540912&mv=u&mvi=1&pl=49

Request Chain 158

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMk5gNFjZfu35FKEHBY5UEc&google_cver=1&google_push=Aer7DvISvrJ0WJUKgt3Nc0hPeV3qawPQqdV_Jw5no4rgJTNaij2eKD_e7GMmR2RvHt08ZSR1_jWVXJNoInoKe0CDvvSuft1gNynfAdBQfL9xLqZ8cKkLyurX-Q9PID0Jt0WH-JAr8d8Ln-FIzZsZLHqVUDpnGIk HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvISvrJ0WJUKgt3Nc0hPeV3qawPQqdV_Jw5no4rgJTNaij2eKD_e7GMmR2RvHt08ZSR1_jWVXJNoInoKe0CDvvSuft1gNynfAdBQfL9xLqZ8cKkLyurX-Q9PID0Jt0WH-JAr8d8Ln-FIzZsZLHqVUDpnGIk&google_hm=2KLw_kkWvBgSg1jk8lmEEA

Request Chain 159

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO86_K7Bu82DUiIitG5JaGs&google_cver=1&google_push=Aer7DvK8Dai94MAHWrAydIlfMSSdcrmqULRyRgypKFhLfSlIqER5XvjYeBo0891-NNXzlgvje9kENMD6BB6y1SkdSVg1ZeGPaw-FyeYBndRW0dSnyOr4LapXNt0csc7ykjgodczXx56POUyHRHDYy_pksOEAh3M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=milkOkrNQwCxTX6VEiwUZw&google_push=Aer7DvK8Dai94MAHWrAydIlfMSSdcrmqULRyRgypKFhLfSlIqER5XvjYeBo0891-NNXzlgvje9kENMD6BB6y1SkdSVg1ZeGPaw-FyeYBndRW0dSnyOr4LapXNt0csc7ykjgodczXx56POUyHRHDYy_pksOEAh3M

Request Chain 161

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMvXbI20b4o2eunmssDjjCA&google_cver=1&google_push=Aer7DvI22IeQXb6--eecAGj6K672f2JtcrUGkFpwfBYetrTWj08b82e6-gVuLd0kf3J4hxMltVMowrfdUv-TjnWgfFIUqrzLQadgN6qcY-qj8wztqk83whmTPAqhb06bHw3HSJxZYFBFa0sDmPMX2zw5ON8Tslo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMvXbI20b4o2eunmssDjjCA&google_push=Aer7DvI22IeQXb6--eecAGj6K672f2JtcrUGkFpwfBYetrTWj08b82e6-gVuLd0kf3J4hxMltVMowrfdUv-TjnWgfFIUqrzLQadgN6qcY-qj8wztqk83whmTPAqhb06bHw3HSJxZYFBFa0sDmPMX2zw5ON8Tslo

Request Chain 162

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEErkBrQCrdbb0_sxewNvz5M&google_cver=1&google_push=Aer7DvI_l5LdopMNC2vgI6VaUnZAyg2WXxtVSfscLuAKbhopc_KLp8cF3MMM0u_5YTJW5xA5K2WWJeIX44xA3ZOqr6vEU9hI2Dmn2WWqS699xFnDBckxlyTsW1qRCXRbHWQqx3HssU8Cd7UhErgpDiXJmM2v63k HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=872c3aee-7a34-4d2d-9a12-f60dba779784 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=872c3aee-7a34-4d2d-9a12-f60dba779784 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d3ac70eb-a0f7-4d46-9450-4dafd07a180e&user_group=1&ssp=google&bsw_param=872c3aee-7a34-4d2d-9a12-f60dba779784 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvI_l5LdopMNC2vgI6VaUnZAyg2WXxtVSfscLuAKbhopc_KLp8cF3MMM0u_5YTJW5xA5K2WWJeIX44xA3ZOqr6vEU9hI2Dmn2WWqS699xFnDBckxlyTsW1qRCXRbHWQqx3HssU8Cd7UhErgpDiXJmM2v63k&google_hm=hyw67no0TS2aEvYNuneXhA==

Request Chain 163

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHx05Xqg1CbSMLuAqMueUcc&google_cver=1&google_push=Aer7DvKTARm4hO2itYtYZO70IR671sfYecom7hC_Y15mhauPVezcjJVthMlNd5joeAR6pmds43bcank4EcTcwofMPfIxYolKeddF96k-OcHnWHceCD5B0ElMBJ1vzMMRJudlnFk6Be2MV6_6YqABZoxp7STThJA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKTARm4hO2itYtYZO70IR671sfYecom7hC_Y15mhauPVezcjJVthMlNd5joeAR6pmds43bcank4EcTcwofMPfIxYolKeddF96k-OcHnWHceCD5B0ElMBJ1vzMMRJudlnFk6Be2MV6_6YqABZoxp7STThJA&google_hm=eS1Vb1M2Skx0RTJwR1gzZElSbnU2UTlXRktDSTdsZEZrRn5B

Request Chain 164

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM_Pt6P51nRK2DcgtAkE_iU&google_cver=1&google_push=Aer7DvL8cAHgmbFKxAqGdgeCGeF6K-qGNCK7heORCuZAn72W9NeTDb36BvKb3N_TNOuYi1Jej3eItSF6aIlRjqgRj4WZqbFqEqBOfB3sg-IFtz9P0Ao4f5CFFbIGongfUL0e4yXJqXwDnJPr7ZdlNF8QsjqsbE4 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM_Pt6P51nRK2DcgtAkE_iU&google_cver=1&google_push=Aer7DvL8cAHgmbFKxAqGdgeCGeF6K-qGNCK7heORCuZAn72W9NeTDb36BvKb3N_TNOuYi1Jej3eItSF6aIlRjqgRj4WZqbFqEqBOfB3sg-IFtz9P0Ao4f5CFFbIGongfUL0e4yXJqXwDnJPr7ZdlNF8QsjqsbE4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc1MTY0MjQ2NDM2NTQxOTA3OA&google_push=Aer7DvL8cAHgmbFKxAqGdgeCGeF6K-qGNCK7heORCuZAn72W9NeTDb36BvKb3N_TNOuYi1Jej3eItSF6aIlRjqgRj4WZqbFqEqBOfB3sg-IFtz9P0Ao4f5CFFbIGongfUL0e4yXJqXwDnJPr7ZdlNF8QsjqsbE4

174 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gocsgo.net/
Redirect Chain

http://gocsgo.net/
https://gocsgo.net/

58 KB
12 KB

364ms
338ms

Document
text/html

2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 49adefe64f0b21e3bdf5ccc52e1cbc0988bc0a3d40bedd2fd8ed77f381394eeb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 11945
content-type: text/html; charset=UTF-8
date: Sat, 15 Apr 2023 06:57:14 GMT
last-modified: Fri, 14 Apr 2023 12:25:14 GMT
server: Apache
vary: Accept-Encoding,Cookie

Redirect headers

Connection: Keep-Alive
Content-Length: 287
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 15 Apr 2023 06:57:14 GMT
Keep-Alive: timeout=15, max=100
Location: https://gocsgo.net/
Server: Apache

GET
H2 200 style.css
gocsgo.net/wp-content/themes/edge/ 81 KB
81 KB 11ms
10ms Stylesheet
text/css 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/themes/edge/style.css
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 86a45b5a2ab490b3a1c802710e7b23b724454c94a3c182c551bffd933b3ecf47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Tue, 03 Jan 2023 16:04:56 GMT
server: Apache
accept-ranges: bytes
etag: "143ee-5f15e3aa975da"
content-length: 82926
content-type: text/css

GET
H2 200 font-awesome.min.css
gocsgo.net/wp-content/themes/edge/assets/font-awesome/css/ 30 KB
30 KB 29ms
28ms Stylesheet
text/css 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/themes/edge/assets/font-awesome/css/font-awesome.min.css
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:44:38 GMT
server: Apache
accept-ranges: bytes
etag: "7918-5e1cb832a8bad"
content-length: 31000
content-type: text/css

GET
H2 200 responsive.css
gocsgo.net/wp-content/themes/edge/css/ 11 KB
11 KB 30ms
29ms Stylesheet
text/css 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/themes/edge/css/responsive.css
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: a5ecd6c8d85b8e5e1dc7df9f8f2033b3242803a4d155f3ee0c121efd4a9c31e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:06:50 GMT
server: Apache
accept-ranges: bytes
etag: "2a4d-5e1cafbfcd6d4"
content-length: 10829
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 46ms
23ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C300%2C700%2C400italic%7CPlayfair+Display

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

600925f58ac9b5e7a1aaa04c30f00c33a8633133667c28586ecb9eb3da37496c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 06:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 06:57:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 06:57:15 GMT

GET
H2 200 swiper-bundle.min.css
gocsgo.net/wp-content/themes/edge/assets/swiper/ 14 KB
14 KB 30ms
29ms Stylesheet
text/css 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/themes/edge/assets/swiper/swiper-bundle.min.css
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: b430ed0b808e404ebf5572db9c394187295463a6a3e38e9e4c2df0f7bc8efa5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:41:46 GMT
server: Apache
accept-ranges: bytes
etag: "3661-5e1cb78ec2a7d"
content-length: 13921
content-type: text/css

GET
H2 200 jquery.js Show response
gocsgo.net/wp-includes/js/jquery/ 95 KB
95 KB 30ms
30ms Script
application/javascript 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-includes/js/jquery/jquery.js
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:05:37 GMT
server: Apache
accept-ranges: bytes
etag: "17a6a-5e1caf798ff41"
content-length: 96874
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
gocsgo.net/wp-includes/js/jquery/ 10 KB
10 KB 30ms
30ms Script
application/javascript 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:05:36 GMT
server: Apache
accept-ranges: bytes
etag: "2748-5e1caf7916dc0"
content-length: 10056
content-type: application/javascript

GET
H2 200 edge-main.js Show response
gocsgo.net/wp-content/themes/edge/js/ 3 KB
3 KB 30ms
30ms Script
application/javascript 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/themes/edge/js/edge-main.js
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: b1498b4420d6ff0f7b2b4700bbafc1aad186e0604112916d638fa028e174a299

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:06:52 GMT
server: Apache
accept-ranges: bytes
etag: "a8e-5e1cafc145677"
content-length: 2702
content-type: application/javascript

GET
H2 200 2eef24e06e93b47716f29f06bb053375_1.js Show response
web.webpushs.com/js/push/ 116 KB
37 KB 124ms
20ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web.webpushs.com/js/push/2eef24e06e93b47716f29f06bb053375_1.js

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

1ebecce52ccc56b5068c3a8cfe9b0560228f52ff9b9b823595e78fa4c353a14a

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 data.sendpulse.com .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 wss://ws.binotel.com:9002 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng sendpul.se .sendpul.se trckln.com .loginsrc.com .routee.net .routee.net:444 .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com revisionme.pages.dev .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com s3.eu-central-1.amazonaws.com .googleoptimize.com .privatbank.ua .cardinalcommerce.com viacep.com.br 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 15 Apr 2023 06:57:15 GMT
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-content-type-options: nosniff
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 265990
x-accel-date: 1681275845
x-xss-protection: 1; mode=block
x-77-nzt: AcO1rgUg5FL/Bg8EAA
x-accel-expires: @1681880645
x-sp-ma: sp-ma-2
last-modified: Tue, 14 Mar 2023 13:06:03 GMT
server: CDN77-Turbo
etag: W/"1d1ed-5f6dbe3cfb3c0"
x-77-nzt-ray: 25b02131561d9c18cb4a3a64a381ea17
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
x-sp-pr: lpr9
cache-control: max-age=604800
expires: Wed, 29 Mar 2023 04:19:27 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 138ms
101ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6400e6f97c441fca387d1b02df1fbdd1baede26e66f7c875fcd6ea5c9264515c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48260
x-xss-protection: 0
server: cafe
etag: 11236419852621473808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 06:57:15 GMT

GET
H2 200 cropped-logo-new.png
gocsgo.net/wp-content/uploads/2018/03/ 16 KB
16 KB 32ms
15ms Image
image/png 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2018/03/cropped-logo-new.png
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 5295c5a4d9bf99db1c20a3330affdcca13e1c511e45691c3727843f16784eea4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:06:58 GMT
server: Apache
accept-ranges: bytes
etag: "4181-5e1cafc759121"
content-length: 16769
content-type: image/png

GET
H2 200 bolshaya-.jpg
gocsgo.net/wp-content/uploads/2023/03/ 249 KB
249 KB 32ms
15ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2023/03/bolshaya-.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: abf6a90f2122fa511309308188191656821a54fef5e83b3354ba413346030c94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Fri, 31 Mar 2023 17:28:12 GMT
server: Apache
accept-ranges: bytes
etag: "3e28a-5f835889c4ca9"
content-length: 254602
content-type: image/jpeg

GET
H2 200 nozh-1.jpg
gocsgo.net/wp-content/uploads/2023/04/ 276 KB
276 KB 39ms
22ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2023/04/nozh-1.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 043c00bce8a161f1d89d4a400bfbb137d7b8aa1f813bdcd28acceb0875e13093

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Fri, 14 Apr 2023 12:22:28 GMT
server: Apache
accept-ranges: bytes
etag: "44ffd-5f94ae504c8ba"
content-length: 282621
content-type: image/jpeg

GET
H2 200 standoff-2.jpg
gocsgo.net/wp-content/uploads/2023/04/ 453 KB
453 KB 39ms
23ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2023/04/standoff-2.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 828c916265f89cc642ce801d79f128735d689559543e5be5a62d713896e70487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Fri, 14 Apr 2023 11:09:03 GMT
server: Apache
accept-ranges: bytes
etag: "71388-5f949de744f57"
content-length: 463752
content-type: image/jpeg

GET
H2 200 standoff2.jpg
gocsgo.net/wp-content/uploads/2023/04/ 439 KB
439 KB 57ms
41ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2023/04/standoff2.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: f6278d4d8606914e659cc7f30c76cef0366252ec13e5302fa3c0e7946b97232c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Fri, 14 Apr 2023 10:36:30 GMT
server: Apache
accept-ranges: bytes
etag: "6dc7c-5f9496a057079"
content-length: 449660
content-type: image/jpeg

GET
H2 200 2-1.jpg
gocsgo.net/wp-content/uploads/2023/04/ 558 KB
558 KB 56ms
40ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2023/04/2-1.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 563a74589a5309768560561ba3aa0ff517909ab324f73464889c3f23f88a7a63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Fri, 14 Apr 2023 09:31:28 GMT
server: Apache
accept-ranges: bytes
etag: "8b70e-5f9488179bb0b"
content-length: 571150
content-type: image/jpeg

GET
H2 200 monte-.jpg
gocsgo.net/wp-content/uploads/2023/04/ 473 KB
473 KB 64ms
48ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2023/04/monte-.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 3d292787a58e7fb664514569857091255dbe6020b5860d3cfca3381e6b97ff46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Thu, 13 Apr 2023 14:48:02 GMT
server: Apache
accept-ranges: bytes
etag: "762fd-5f938cfc5fcf5"
content-length: 484093
content-type: image/jpeg

GET
H2 200 deshevaya-videokarta-dlya-dota-2.jpg
gocsgo.net/wp-content/uploads/2023/04/ 772 KB
772 KB 68ms
52ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2023/04/deshevaya-videokarta-dlya-dota-2.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: b3873256ca84d7f95c6bb8dff7600abee8d562fa1b50aeffd62de2f5bac4fcce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Thu, 13 Apr 2023 13:58:30 GMT
server: Apache
accept-ranges: bytes
etag: "c0e66-5f9381e93faa3"
content-length: 790118
content-type: image/jpeg

GET
H2 200 pochemu-kibersportsmeny-ispolzuyut-timspik.jpg
gocsgo.net/wp-content/uploads/2023/04/ 104 KB
104 KB 74ms
59ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2023/04/pochemu-kibersportsmeny-ispolzuyut-timspik.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 3d5a0c4c935182b3504cc3141b5e2c94208728e62fa7f3c9b06b84080c5ca1b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Thu, 13 Apr 2023 10:44:06 GMT
server: Apache
accept-ranges: bytes
etag: "19f52-5f935675c5a64"
content-length: 106322
content-type: image/jpeg

GET
H2 200 valorant.jpg
gocsgo.net/wp-content/uploads/2023/04/ 182 KB
182 KB 78ms
62ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2023/04/valorant.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: b6ed24fa1e528dba09e374ae01aa5e6ae9d19b4ebe8b626b940f3db961256a64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Wed, 12 Apr 2023 16:45:38 GMT
server: Apache
accept-ranges: bytes
etag: "2d6eb-5f926567e364e"
content-length: 186091
content-type: image/jpeg

GET
H2 200 kvadratnyy-pritsel.jpg
gocsgo.net/wp-content/uploads/2023/04/ 208 KB
209 KB 82ms
66ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2023/04/kvadratnyy-pritsel.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e80c1429084e35d5416b95531d6cb790a8e7daf6a63075ea74f512776f130072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Wed, 12 Apr 2023 13:45:27 GMT
server: Apache
accept-ranges: bytes
etag: "341ae-5f923d21d1268"
content-length: 213422
content-type: image/jpeg

GET
H2 200 stoit-li-investirovat-v-kapsuly-blast-paris-major-2023.jpg
gocsgo.net/wp-content/uploads/2023/04/ 179 KB
179 KB 88ms
72ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2023/04/stoit-li-investirovat-v-kapsuly-blast-paris-major-2023.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 934d7f8a95df2fdb58e3a084933d1f6e4adc997a87fcf6fcf2d88ba97f962e51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Wed, 12 Apr 2023 12:22:51 GMT
server: Apache
accept-ranges: bytes
etag: "2ca0e-5f922aab13524"
content-length: 182798
content-type: image/jpeg

GET
H2 200 g2-logo-mini.png
gocsgo.net/wp-content/uploads/2020/10/ 1 KB
1 KB 88ms
73ms Image
image/png 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2020/10/g2-logo-mini.png
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c2704429a13038a8c4085ea45f2ebac77a1fe0261b79d8e05c7c11565a26f012

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:16:46 GMT
server: Apache
accept-ranges: bytes
etag: "403-5e1cb1f83465b"
content-length: 1027
content-type: image/png

GET
H2 200 new-heroic-logo.jpg
gocsgo.net/wp-content/uploads/2023/02/ 1 KB
1 KB 92ms
77ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2023/02/new-heroic-logo.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 8c168ce2be9c2b41232bb803816b4d2dd7c7ce64e42a35ebd54daa546e1f4ffb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Fri, 03 Feb 2023 10:36:24 GMT
server: Apache
accept-ranges: bytes
etag: "480-5f3c940d0d569"
content-length: 1152
content-type: image/jpeg

GET
H2 200 mini-faze-clan-logo.png
gocsgo.net/wp-content/uploads/2020/05/ 658 B
729 B 95ms
80ms Image
image/png 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2020/05/mini-faze-clan-logo.png
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c1ac199347f073b3f45a79aaf9a61a6f9a12b01cfeacfcd0fa9cc2ddc030d79c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:16:25 GMT
server: Apache
accept-ranges: bytes
etag: "292-5e1cb1e376d19"
content-length: 658
content-type: image/png

GET
H2 200 mini-liquid.png
gocsgo.net/wp-content/uploads/2020/05/ 998 B
1 KB 97ms
82ms Image
image/png 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2020/05/mini-liquid.png
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 047923150d05ae5a2f04492c616d2011ef470f81d9464c491d69444d346c3d4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:16:25 GMT
server: Apache
accept-ranges: bytes
etag: "3e6-5e1cb1e3c8d99"
content-length: 998
content-type: image/png

GET
H2 200 outsiders.jpg
gocsgo.net/wp-content/uploads/2022/05/ 839 B
910 B 99ms
84ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2022/05/outsiders.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 79ff470d2082ea3255967e2a9f1dd08051ec73b2fca943bb85ae1718b018fc49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:38:55 GMT
server: Apache
accept-ranges: bytes
etag: "347-5e1cb6eb3572d"
content-length: 839
content-type: image/jpeg

GET
H2 200 mini-navi-logo.png
gocsgo.net/wp-content/uploads/2020/05/ 949 B
997 B 103ms
88ms Image
image/png 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2020/05/mini-navi-logo.png
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 152e662250a15a9946e3ff3f4b4ba9ce509fbd59ccb16011e76155c2bf0d20bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:16:25 GMT
server: Apache
accept-ranges: bytes
etag: "3b5-5e1cb1e3efe99"
content-length: 949
content-type: image/png

GET
H2 200 mousesports-logo-mini-new.jpg
gocsgo.net/wp-content/uploads/2021/10/ 1 KB
1 KB 104ms
90ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2021/10/mousesports-logo-mini-new.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: d1c8ede9f6374f87b7bd3fc293efd0f3abaaa9a796fc6a720f80db2c9bc8e279

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:24:20 GMT
server: Apache
accept-ranges: bytes
etag: "40b-5e1cb3a8c0041"
content-length: 1035
content-type: image/jpeg

GET
H2 200 mini-furia-logo.jpg
gocsgo.net/wp-content/uploads/2020/05/ 979 B
1 KB 107ms
93ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2020/05/mini-furia-logo.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 8f09b3c096bd421355d2297b782c01512234385fa2c947d3609ed35d5e2f8bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:16:25 GMT
server: Apache
accept-ranges: bytes
etag: "3d3-5e1cb1e39fd59"
content-length: 979
content-type: image/jpeg

GET
H2 200 og-logo-mini.jpg
gocsgo.net/wp-content/uploads/2020/10/ 1 KB
1 KB 109ms
94ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2020/10/og-logo-mini.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 88bae1d4ee64b770f101fb4f13045a1dcad9158f131fe9a9fae96d80f61dd569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:16:51 GMT
server: Apache
accept-ranges: bytes
etag: "43a-5e1cb1fcd20a2"
content-length: 1082
content-type: image/jpeg

GET
H2 200 mini-vitality-logo.png
gocsgo.net/wp-content/uploads/2020/05/ 855 B
903 B 109ms
95ms Image
image/png 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2020/05/mini-vitality-logo.png
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 612e0c72fccddab3116dde031619e4f0379e329d43670bab4e52f903b427f59f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:16:25 GMT
server: Apache
accept-ranges: bytes
etag: "357-5e1cb1e3f1dd9"
content-length: 855
content-type: image/png

GET
H2 200 simplecfg.jpg
gocsgo.net/wp-content/uploads/2021/08/ 19 KB
19 KB 112ms
98ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2021/08/simplecfg.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e4ba3380f0caae013653881bc7a7512d821a1c23d52a104d1717528f29267c78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:20:57 GMT
server: Apache
accept-ranges: bytes
etag: "4c8a-5e1cb2e6f78a3"
content-length: 19594
content-type: image/jpeg

GET
H2 200 zywoocfg.jpg
gocsgo.net/wp-content/uploads/2021/08/ 21 KB
21 KB 109ms
95ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2021/08/zywoocfg.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4d6289ba3481fd389360d0f913bc14c0054a34f6df65c1062ec9d17163c82c17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:21:36 GMT
server: Apache
accept-ranges: bytes
etag: "5588-5e1cb30cb1c21"
content-length: 21896
content-type: image/jpeg

GET
H2 200 otwizoofj9g9t8kp8wqndq.jpg
gocsgo.net/wp-content/uploads/2021/08/ 32 KB
32 KB 110ms
96ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2021/08/otwizoofj9g9t8kp8wqndq.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 8b84e8e5f80f9b1c9185fe81dd21a8e48e15e3f35aaa49cc0bb9bb00e09beb98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:20:30 GMT
server: Apache
accept-ranges: bytes
etag: "805a-5e1cb2cdb1cd9"
content-length: 32858
content-type: image/jpeg

GET
H2 200 shape-1.png
gocsgo.net/wp-content/uploads/2019/06/ 226 B
295 B 112ms
98ms Image
image/png 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2019/06/shape-1.png
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: cfb8ce36d294ff0664b2c08f574abf12be8650f8ad28ec9e2db3cef1515d8719

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:12:32 GMT
server: Apache
accept-ranges: bytes
etag: "e2-5e1cb105b050c"
content-length: 226
content-type: image/png

GET
H2 200 ico-vk.png
gocsgo.net/wp-content/uploads/2021/12/ 1 KB
1 KB 110ms
97ms Image
image/png 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2021/12/ico-vk.png
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 8d2024e6d6a96e21a0e73f471c021ad8f7e6ac4afdd34d3565b777acc853dec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:29:37 GMT
server: Apache
accept-ranges: bytes
etag: "45b-5e1cb4d71b757"
content-length: 1115
content-type: image/png

GET
H2 200 frame-1.png
gocsgo.net/wp-content/uploads/2022/01/ 639 B
710 B 111ms
98ms Image
image/png 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2022/01/frame-1.png
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 0dd71050ab50b109dce56153689587e5882615bd8c24eb1facaeca69891e6f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:31:44 GMT
server: Apache
accept-ranges: bytes
etag: "27f-5e1cb55000ba0"
content-length: 639
content-type: image/png

GET
H2 200 email-gocsgonet.png
gocsgo.net/wp-content/uploads/2021/12/ 2 KB
2 KB 112ms
98ms Image
image/png 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2021/12/email-gocsgonet.png
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 5a7ff420e231eccb016c83a5318296d8c104c53eb8413819c17a05a3155c2a87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:29:27 GMT
server: Apache
accept-ranges: bytes
etag: "73a-5e1cb4cd71d27"
content-length: 1850
content-type: image/png

GET
H2 200 twitter-csgo.png
gocsgo.net/wp-content/uploads/2022/02/ 326 B
397 B 112ms
99ms Image
image/png 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2022/02/twitter-csgo.png
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 80be75346a05d376a0f2e405b9696e8406a195b29b4c1cd6ca962a63959c62a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:35:11 GMT
server: Apache
accept-ranges: bytes
etag: "146-5e1cb615a9649"
content-length: 326
content-type: image/png

GET
H2 200 jquery.scrollTo.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-scrollTo/2.1.0/ 3 KB
2 KB 47ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-scrollTo/2.1.0/jquery.scrollTo.min.js

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bc8f3b7bcb7506c84c9f83ad4b417e25d01bd8ade4ffd1cf0296d253a9c3ae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 821979
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1245
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-aec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BO1laWkyylLmQsUJVh0ddIcpPy3UWNhIc9qqTKP8i3lv394fo39PuWk%2Fug9L%2BoF1f5Fs6uwGQHZ87mxh5mV%2BkaqX438M7QIvc3L6c1il5eA415qLPbB1%2FRbIPyCqFADMtq1S%2FhpIbD%2FIlExpQK4RjiS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b824b16adc49262-FRA
expires: Thu, 04 Apr 2024 06:57:15 GMT

GET
H2 200 nivo-slider.css
gocsgo.net/wp-content/plugins/ml-slider/assets/sliders/nivoslider/ 2 KB
2 KB 9ms
9ms Stylesheet
text/css 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/plugins/ml-slider/assets/sliders/nivoslider/nivo-slider.css
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: fc1b728d5c5048ccf472c28a89245162b7146da2441cfbdd6fee6b02eff5db2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:44:23 GMT
server: Apache
accept-ranges: bytes
etag: "8d5-5e1cb82415475"
content-length: 2261
content-type: text/css

GET
H2 200 public.css
gocsgo.net/wp-content/plugins/ml-slider/assets/metaslider/ 6 KB
6 KB 9ms
9ms Stylesheet
text/css 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/plugins/ml-slider/assets/metaslider/public.css
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: ef0413a4230d37e77455ba46f3fdf5fda5b3bb0090a62f2f792e2bba03e30e82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:41:11 GMT
server: Apache
accept-ranges: bytes
etag: "1886-5e1cb76d6f645"
content-length: 6278
content-type: text/css

GET
H2 200 default.css
gocsgo.net/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/ 2 KB
2 KB 16ms
5ms Stylesheet
text/css 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 24fc07e4176afcb82afa8342e89777a846fad19a15e649a56f6faaf355229aa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:50:30 GMT
server: Apache
accept-ranges: bytes
etag: "8c0-5e1cb981d493a"
content-length: 2240
content-type: text/css

GET
H2 200 comment_count.js Show response
gocsgo.net/wp-content/plugins/disqus-comment-system/public/js/ 889 B
960 B 27ms
9ms Script
application/javascript 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/plugins/disqus-comment-system/public/js/comment_count.js
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:40:42 GMT
server: Apache
accept-ranges: bytes
etag: "379-5e1cb751acef7"
content-length: 889
content-type: application/javascript

GET
H2 200 jquery.cycle.all.js Show response
gocsgo.net/wp-content/themes/edge/js/ 26 KB
26 KB 28ms
10ms Script
application/javascript 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/themes/edge/js/jquery.cycle.all.js
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 71e53825f3ca5608dd11cccc18de10932c62c68d0aa5e060407fd0912537619e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:06:52 GMT
server: Apache
accept-ranges: bytes
etag: "6693-5e1cafc196757"
content-length: 26259
content-type: application/javascript

GET
H2 200 edge-slider-setting.js Show response
gocsgo.net/wp-content/themes/edge/js/ 444 B
492 B 28ms
10ms Script
application/javascript 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/themes/edge/js/edge-slider-setting.js
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 7a375048ed9108c466a84db3a3ea6bf33f228b02345e4421520995b39ef728c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:06:52 GMT
server: Apache
accept-ranges: bytes
etag: "1bc-5e1cafc16b7d7"
content-length: 444
content-type: application/javascript

GET
H2 200 jquery.sticky.min.js Show response
gocsgo.net/wp-content/themes/edge/assets/sticky/ 4 KB
4 KB 29ms
11ms Script
application/javascript 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/themes/edge/assets/sticky/jquery.sticky.min.js
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 9ea3f941d143f512c5b38e6727d3e99399637c241cee48125e249540a4e1032b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:41:46 GMT
server: Apache
accept-ranges: bytes
etag: "10e5-5e1cb78e0c09c"
content-length: 4325
content-type: application/javascript

GET
H2 200 sticky-settings.js Show response
gocsgo.net/wp-content/themes/edge/assets/sticky/ 321 B
368 B 29ms
11ms Script
application/javascript 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/themes/edge/assets/sticky/sticky-settings.js
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c8e9b351d9f5346b80117937d899d560ed285259f20caba6a3bc38ca5ae89b02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:41:46 GMT
server: Apache
accept-ranges: bytes
etag: "141-5e1cb78e321fc"
content-length: 321
content-type: application/javascript

GET
H2 200 navigation.js Show response
gocsgo.net/wp-content/themes/edge/js/ 2 KB
2 KB 29ms
11ms Script
application/javascript 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/themes/edge/js/navigation.js
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 7288f38e4c2448497e5f11b19d115541ff911abba5065437043f83d4cb4be1fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:06:52 GMT
server: Apache
accept-ranges: bytes
etag: "605-5e1cafc1bc8b7"
content-length: 1541
content-type: application/javascript

GET
H2 200 infinite-scroll.js Show response
gocsgo.net/wp-content/themes/edge/js/ 1 KB
1 KB 29ms
11ms Script
application/javascript 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/themes/edge/js/infinite-scroll.js
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 60d312c61d6765e2565609a60deace445af0d6c28538172aa2f9f8f6ff5ec580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:06:52 GMT
server: Apache
accept-ranges: bytes
etag: "4f9-5e1cafc194817"
content-length: 1273
content-type: application/javascript

GET
H2 200 swiper-bundle.min.js Show response
gocsgo.net/wp-content/themes/edge/assets/swiper/ 137 KB
137 KB 30ms
12ms Script
application/javascript 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/themes/edge/assets/swiper/swiper-bundle.min.js
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 710b738d355ec7d2cff2e750421f4b67997287032b75283ada7832c76eca7d3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:41:46 GMT
server: Apache
accept-ranges: bytes
etag: "22467-5e1cb78ec3a1d"
content-length: 140391
content-type: application/javascript

GET
H2 200 wp-embed.min.js Show response
gocsgo.net/wp-includes/js/ 1 KB
1 KB 33ms
15ms Script
application/javascript 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-includes/js/wp-embed.min.js
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:00:46 GMT
server: Apache
accept-ranges: bytes
etag: "56f-5e1cae649c6d9"
content-length: 1391
content-type: application/javascript

GET
H2 200 jquery.nivo.slider.pack.js Show response
gocsgo.net/wp-content/plugins/ml-slider/assets/sliders/nivoslider/ 12 KB
12 KB 32ms
15ms Script
application/javascript 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/plugins/ml-slider/assets/sliders/nivoslider/jquery.nivo.slider.pack.js
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 019e826fde753380f86e733ed4b87c1780f8f54b1a19975bd7eef299f4c4fb42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:44:23 GMT
server: Apache
accept-ranges: bytes
etag: "2e42-5e1cb823ee375"
content-length: 11842
content-type: application/javascript

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 213 KB
73 KB 216ms
72ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5aeff5501617f2cb02daf2cca4a6dbe95f4b6ba4460f0a2a4d0ed2a131d7214d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 14 Apr 2023 07:38:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6438d8df-122bc"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 74428
expires: Sat, 15 Apr 2023 07:57:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 126 KB
49 KB 64ms
24ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2VLBNQ

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d065b21b105ddfa3516c34b9f3c2daa0ec3d4d2f5f84f280fdf05b894bd18c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49357
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Apr 2023 06:57:15 GMT

GET
H2 200 main-background.jpg
gocsgo.net/wp-content/uploads/2019/04/ 24 KB
24 KB 112ms
99ms Image
image/jpeg 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/uploads/2019/04/main-background.jpg
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/wp-content/themes/edge/style.css
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: dcdedf657349235d39ceba6bdf6e9f6c1208570ae756c619895ffd98faeded2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/wp-content/themes/edge/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:09:11 GMT
server: Apache
accept-ranges: bytes
etag: "5f4d-5e1cb045e78f1"
content-length: 24397
content-type: image/jpeg

GET
H2 200 fontawesome-webfont.woff2
gocsgo.net/wp-content/themes/edge/assets/font-awesome/fonts/ 75 KB
75 KB 108ms
100ms Font
font/woff2 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/wp-content/themes/edge/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/wp-content/themes/edge/assets/font-awesome/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://gocsgo.net/wp-content/themes/edge/assets/font-awesome/css/font-awesome.min.css
Origin: https://gocsgo.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:44:39 GMT
server: Apache
accept-ranges: bytes
etag: "12d68-5e1cb833b25af"
content-length: 77160
content-type: font/woff2

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 46ms
10ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C300%2C700%2C400italic%7CPlayfair+Display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gocsgo.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:38 GMT
x-content-type-options: nosniff
age: 332737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:38 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 55ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C300%2C700%2C400italic%7CPlayfair+Display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gocsgo.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:44 GMT
x-content-type-options: nosniff
age: 332731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:44 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 60ms
24ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C300%2C700%2C400italic%7CPlayfair+Display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gocsgo.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:32:15 GMT
x-content-type-options: nosniff
age: 332700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:32:15 GMT

GET
H/1.1 200
OK count.js Show response
https-www-gocsgo-net.disqus.com/ 1 KB
2 KB 74ms
6ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://https-www-gocsgo-net.disqus.com/count.js

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/wp-content/plugins/disqus-comment-system/public/js/comment_count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 06:57:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW3-C1
Age: 143
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 12 Apr 2023 10:34:40 GMT
Server: nginx
ETag: "64368940-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: 1UKMMzIOVJ8Dja7hTt1ctThKFJTrIwol5Wgck45-JiOfpArObTeF4w==

GET
H2 200 bullets.png
gocsgo.net/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/ 1 KB
1 KB 10ms
10ms Image
image/png 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocsgo.net/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/bullets.png
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 97f65015a491719ae9dbf1afc7948f8e57f946a6822c6a924fb5826265e89af6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
last-modified: Sun, 19 Jun 2022 11:50:30 GMT
server: Apache
accept-ranges: bytes
etag: "501-5e1cb981ab8fa"
content-length: 1281
content-type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 51ms
13ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VLBNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 06:11:32 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2743
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 15 Apr 2023 08:11:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
80 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D3TY46W4S4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VLBNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21de4ec56087337abab1655c377796675e5660f75d5177d673246a9d5b69dc50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82008
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Apr 2023 06:57:15 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120101/ 345 KB
116 KB 80ms
72ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7164859891892197&plah=gocsgo.net&bust=31073807

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4f284497e9c3709c6bff32e0861f7d17d7e68787aa9e1757eb94d8c19d4dafe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118221
x-xss-protection: 0
server: cafe
etag: 11428138646793221662
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 06:57:15 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/ Frame 5463 10 KB
5 KB 39ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gocsgo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 20:00:38 GMT
etag: 2378337311435320485
expires: Fri, 28 Apr 2023 20:00:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK count-data.js Show response
https-www-gocsgo-net.disqus.com/ 695 B
1 KB 14ms
13ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://https-www-gocsgo-net.disqus.com/count-data.js?1=14203%20https%3A%2F%2Fgocsgo.net%2F%3Fp%3D14203&1=14213%20https%3A%2F%2Fgocsgo.net%2F%3Fp%3D14213&1=14223%20https%3A%2F%2Fgocsgo.net%2F%3Fp%3D14223&1=14227%20https%3A%2F%2Fgocsgo.net%2F%3Fp%3D14227&1=14229%20https%3A%2F%2Fgocsgo.net%2F%3Fp%3D14229

Requested by

Host: https-www-gocsgo-net.disqus.com
URL: https://https-www-gocsgo-net.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4f6fb63042113d6e7e68305cb62c89145d820b29e7111cedbc7d4b2b3a005f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 06:57:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 1902
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 695
X-XSS-Protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
205 B 27ms
27ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1063881288&t=pageview&_s=1&dl=https%3A%2F%2Fgocsgo.net%2F&ul=en-us&de=UTF-8&dt=GOCSGO%20-%20%D0%9A%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%BF%D0%BE%D1%80%D1%82%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B8%D0%B3%D1%80%D1%8B%20%D0%B8%20%D1%81%D1%82%D1%80%D0%B8%D0%BC%D1%8B%20%D0%BF%D0%BE%20CS%20GO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1754035858&gjid=1177099555&cid=22656562.1681541836&tid=UA-113129776-3&_gid=443179063.1681541836&_r=1&_slc=1&gtm=45He34c0n81T2VLBNQ&z=1322156671

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gocsgo.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gocsgo.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 55ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-D3TY46W4S4&gtm=45je34c0&_p=1063881288&_gaz=1&cid=22656562.1681541836&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681541835&sct=1&seg=0&dl=https%3A%2F%2Fgocsgo.net%2F&dt=GOCSGO%20-%20%D0%9A%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%BF%D0%BE%D1%80%D1%82%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B8%D0%B3%D1%80%D1%8B%20%D0%B8%20%D1%81%D1%82%D1%80%D0%B8%D0%BC%D1%8B%20%D0%BF%D0%BE%20CS%20GO&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D3TY46W4S4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gocsgo.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 71ms
21ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D3TY46W4S4&cid=22656562.1681541836&gtm=45je34c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D3TY46W4S4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gocsgo.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 70ms
30ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D3TY46W4S4&cid=22656562.1681541836&gtm=45je34c0&aip=1&z=697701027

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
345 B 66ms
20ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-113129776-3&cid=22656562.1681541836&jid=1754035858&gjid=1177099555&_gid=443179063.1681541836&_u=YEBAAAAAAAAAAC~&z=523497571

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gocsgo.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 15 Apr 2023 06:57:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gocsgo.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9974.ymLKok7EnPsHmiOOjXVsFeIN1oQ4p3-Px4fT2Go9zLjLsI1-u5oCQSkGr1bvTzSx.aqhpuAiGnADadk4IyU8gMVMCKlA%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9974.DL9CSQ2QNZbM-Lp1v1jS14ilCk_pr0pwwz6koy3DhikgsHT3-ZP9VMDxbbtQ7PMg5l6nzJ09kICliL-JzHqcoGBOMbMgM2a_UM7AP_R2bZc%2C.CX3BDiVK_FbImFeErzcOYkZ5YBw%2C

43 B
67 B

69ms
69ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9974.DL9CSQ2QNZbM-Lp1v1jS14ilCk_pr0pwwz6koy3DhikgsHT3-ZP9VMDxbbtQ7PMg5l6nzJ09kICliL-JzHqcoGBOMbMgM2a_UM7AP_R2bZc%2C.CX3BDiVK_FbImFeErzcOYkZ5YBw%2C

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9974.DL9CSQ2QNZbM-Lp1v1jS14ilCk_pr0pwwz6koy3DhikgsHT3-ZP9VMDxbbtQ7PMg5l6nzJ09kICliL-JzHqcoGBOMbMgM2a_UM7AP_R2bZc%2C.CX3BDiVK_FbImFeErzcOYkZ5YBw%2C
date: Sat, 15 Apr 2023 06:57:15 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
603 B 39ms
16ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gocsgo.net&callback=_gfp_s_&client=ca-pub-7164859891892197

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7164859891892197&plah=gocsgo.net&bust=31073807

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8838e8cd477fb3408859936b0e8dd2ab400f6a8830b59c3f4da590e1fd1d6e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 72ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gocsgo.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 58ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gocsgo.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2BEE 131 KB
40 KB 546ms
545ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&adk=1812271804&adf=1573534164&lmt=1681475114&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l&format=0x0&url=https%3A%2F%2Fgocsgo.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541835528&bpp=5&bdt=306&idt=233&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3660793870658&frm=20&pv=2&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=273

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

931caa5e6afad8374a3790d0564d8336d6f88ddfbad17d973eb731d8acec8f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gocsgo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40994
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 06:57:16 GMT
expires: Sat, 15 Apr 2023 06:57:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 64ms
64ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:15 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 14 Apr 2023 07:38:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6438d8df-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 15 Apr 2023 07:57:15 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AF4F 104 KB
35 KB 804ms
803ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=280&slotname=9372963883&adk=705839202&adf=3025194257&pi=t.ma~as.9372963883&w=1200&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&format=1200x280&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541835533&bpp=2&bdt=311&idt=305&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qGBAYWsbrm&p=https%3A//gocsgo.net&dtd=312

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a63f1300c24cc773df78f1fded7eec718608a1a971b06548d5eacc68a0d3b3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gocsgo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35442
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 06:57:16 GMT
expires: Sat, 15 Apr 2023 06:57:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 40ms
17ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113129776-3&cid=22656562.1681541836&jid=1754035858&_u=YEBAAAAAAAAAAC~&z=956582848

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 36ms
35ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113129776-3&cid=22656562.1681541836&jid=1754035858&_u=YEBAAAAAAAAAAC~&z=956582848

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/54843430/
Redirect Chain

https://mc.yandex.com/watch/54843430?wmode=7&page-url=https%3A%2F%2Fgocsgo.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A698%3Afu%3A0%3Aen%3Autf-8%3Al...
https://mc.yandex.com/watch/54843430/1?wmode=7&page-url=https%3A%2F%2Fgocsgo.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A698%3Afu%3A0%3Aen%3Autf-8%3...

479 B
782 B

68ms
67ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/54843430/1?wmode=7&page-url=https%3A%2F%2Fgocsgo.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A698%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A44053028736%3Ahid%3A905625401%3Az%3A0%3Ai%3A20230415065715%3Aet%3A1681541836%3Ac%3A1%3Arn%3A1016631185%3Arqn%3A1%3Au%3A1681541836349971506%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C25%2C338%2C1%2C190%2C0%2C%2C241%2C12%2C%2C%2C%2C796%3Aco%3A0%3Acpf%3A1%3Ans%3A1681541834666%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1681541836%3At%3AGOCSGO%20-%20%D0%9A%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%BF%D0%BE%D1%80%D1%82%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B8%D0%B3%D1%80%D1%8B%20%D0%B8%20%D1%81%D1%82%D1%80%D0%B8%D0%BC%D1%8B%20%D0%BF%D0%BE%20CS%20GO&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b61c8ea3a02eb1eb6d2e16d0a55e2b84a0a4dc70a5b7109225412a7294f218d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 15-Apr-2023 06:57:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gocsgo.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 479
x-xss-protection: 1; mode=block
expires: Sat, 15-Apr-2023 06:57:16 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:16 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 15-Apr-2023 06:57:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/54843430/1?wmode=7&page-url=https%3A%2F%2Fgocsgo.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A698%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A44053028736%3Ahid%3A905625401%3Az%3A0%3Ai%3A20230415065715%3Aet%3A1681541836%3Ac%3A1%3Arn%3A1016631185%3Arqn%3A1%3Au%3A1681541836349971506%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C25%2C338%2C1%2C190%2C0%2C%2C241%2C12%2C%2C%2C%2C796%3Aco%3A0%3Acpf%3A1%3Ans%3A1681541834666%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1681541836%3At%3AGOCSGO%20-%20%D0%9A%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%BF%D0%BE%D1%80%D1%82%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B8%D0%B3%D1%80%D1%8B%20%D0%B8%20%D1%81%D1%82%D1%80%D0%B8%D0%BC%D1%8B%20%D0%BF%D0%BE%20CS%20GO&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://gocsgo.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 15-Apr-2023 06:57:16 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9974.rNAz775T7ccgm0j9g_H2k_ZsiUonJqic42PFySwQjiuLAO4Df1c-t3B7DnNNEaZM.G6mSnHn-nDNWp19-lKC2n6uizqc%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9974.XkHQYCD0DIR0HBK8Knu4rrxaxdw0fqN2ruotCqkPNoJfj2eLRO59mZwaGyCVIF50qz2Y8dkvk4p48MY8NEGnITnx7bucdF_pPXIhe8iK-eY%2C.a9KaGZ7PPsV5r149M7...

43 B
79 B

66ms
65ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9974.XkHQYCD0DIR0HBK8Knu4rrxaxdw0fqN2ruotCqkPNoJfj2eLRO59mZwaGyCVIF50qz2Y8dkvk4p48MY8NEGnITnx7bucdF_pPXIhe8iK-eY%2C.a9KaGZ7PPsV5r149M7TStNU76FM%2C

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:16 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9974.XkHQYCD0DIR0HBK8Knu4rrxaxdw0fqN2ruotCqkPNoJfj2eLRO59mZwaGyCVIF50qz2Y8dkvk4p48MY8NEGnITnx7bucdF_pPXIhe8iK-eY%2C.a9KaGZ7PPsV5r149M7TStNU76FM%2C
date: Sat, 15 Apr 2023 06:57:16 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120101/ 150 KB
51 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120101/reactive_library_fy2021.js?bust=31073807

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cde3286e18c4130b2923e93a62e937d6791c9e061f44133b6d69837591ace040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52140
x-xss-protection: 0
server: cafe
etag: 561129587574419341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 06:57:16 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gocsgo.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gocsgo.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 23E6 138 KB
42 KB 2429ms
2429ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=250&adk=2498889499&adf=1707646432&pi=t.aa~a.1596287903~rp.4&w=311&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&to=qs&pwprc=1245679791&format=311x250&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541836555&bpp=1&bdt=1333&idt=-M&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8d44eb5c42ffe63c-22b1d94f94dd0064%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Mb6LwdxFP8LvbKfbwN32YDHCWA7nw&gpic=UID%3D00000bd67597a0c1%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Ma3PvBO6CgHQMYtFExsUZI6NIjRWA&prev_fmts=0x0%2C1200x280&nras=2&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1074&ady=1747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dzUp4ZNy6y&p=https%3A//gocsgo.net&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e57095344787edf94e03d0b3cf3890ce05ff8140c0b2acd1c875b40782e2a3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gocsgo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 06:57:18 GMT
expires: Sat, 15 Apr 2023 06:57:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F465 93 KB
34 KB 739ms
739ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=250&adk=2923271300&adf=3884016279&pi=t.aa~a.1517101829~rp.4&w=311&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&to=qs&pwprc=1245679791&format=311x250&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541836555&bpp=1&bdt=1334&idt=1&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8d44eb5c42ffe63c-22b1d94f94dd0064%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Mb6LwdxFP8LvbKfbwN32YDHCWA7nw&gpic=UID%3D00000bd67597a0c1%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Ma3PvBO6CgHQMYtFExsUZI6NIjRWA&prev_fmts=0x0%2C1200x280%2C311x250&nras=3&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1074&ady=3371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=MU2GmvQGzx&p=https%3A//gocsgo.net&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

377669f40e40807c7dfbc0d023375be46b8e1b04a1f0d9fb0c8f772f8cd04ff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gocsgo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35027
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 06:57:17 GMT
expires: Sat, 15 Apr 2023 06:57:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/ Frame C7A4 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gocsgo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 00:19:45 GMT
etag: 2378337311435320485
expires: Sat, 29 Apr 2023 00:19:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame C7A4 2 KB
846 B 49ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 19:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 19:26:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame C7A4 22 KB
9 KB 40ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 20:35:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37299
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 20:35:37 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame C7A4 3 KB
1 KB 47ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 11:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 11:13:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame C7A4 20 KB
8 KB 40ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:02:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 08:02:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C7A4 159 KB
49 KB 89ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 06:57:16 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame C7A4 33 KB
14 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 18:11:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AF4F 8 KB
989 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=280&slotname=9372963883&adk=705839202&adf=3025194257&pi=t.ma~as.9372963883&w=1200&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&format=1200x280&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541835533&bpp=2&bdt=311&idt=305&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qGBAYWsbrm&p=https%3A//gocsgo.net&dtd=312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 06:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 06:19:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 06:57:16 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame AF4F 2 KB
799 B 41ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 19:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 19:26:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame AF4F 22 KB
9 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 20:35:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37299
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 20:35:37 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame AF4F 3 KB
1 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 11:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 11:13:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame AF4F 20 KB
8 KB 38ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:02:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 08:02:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF4F 159 KB
49 KB 103ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 06:57:16 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame AF4F 33 KB
14 KB 17ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 18:11:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AF4F 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CK080y0o6ZOC6OdiwtOUP5vK-gAvHxqWIb-Pvl-CUEbOrv7WQDhABIPvEw3lgleKQgqAHoAG85fqqAcgBCagDAcgDywSqBMoBT9DVwc4ehn3B6fEVENGg0AJFpxkuS73Yf1KQwDicAjT2_1HcP8Ks_aya9HqOx9-9e_C4HrgS_xfg8nxodFL-uFVvcNC-_V13X1LUYsxSoJc7g_KttEWb8higPZxudg7OssNamdoYm4GrTvKCUvD88fbevN8LapLMuD8QojUzzsjm9VTLosvRF-KVFXGdYAHL0uhbgquW1JlmoWyKbZkUIOP7lokFxJoNNu2kYKCXAnyREiu5VmTJTADz3ec1EPQ03iX5C0uRB6O3OMAEy5unk6AEkgUECAQYAZIFBAgFGASgBi6AB6yahdUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ4-gE0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNzE2NDg1OTg5MTg5MjE5NxgA&sigh=Sbwy72veGpY&uach_m=[UACH]&cid=CAQSGwBygQiDDgwVTg1ieF6XqBy71jjX3IsbR1W0ShgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=280&slotname=9372963883&adk=705839202&adf=3025194257&pi=t.ma~as.9372963883&w=1200&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&format=1200x280&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541835533&bpp=2&bdt=311&idt=305&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qGBAYWsbrm&p=https%3A//gocsgo.net&dtd=312
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 15 Apr 2023 06:57:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Apr 2023 06:57:16 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13036249772280656015/ Frame AF4F 5 KB
6 KB 28ms
15ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13036249772280656015/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b0304384f719924920550c6f2db8f7a1339c4f2295233ad554081d245c3cf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 04:49:12 GMT
x-content-type-options: nosniff
age: 526084
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5532
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 12:54:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 Apr 2024 04:49:12 GMT

GET
DATA 200
OK truncated
/ Frame AF4F 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AF4F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AF4F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03521b929940337e48fd29b79552b5e04868d12ffa58a446211384063ededc5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js Show response
pagead2.googlesyndication.com/bg/ Frame 04D3 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14442
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Apr 2024 23:46:26 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame AF4F 29 KB
29 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 378143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 21:54:53 GMT

GET
H3 200 kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js Show response
pagead2.googlesyndication.com/bg/ Frame 067E 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14442
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Apr 2024 23:46:26 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F465 6 KB
669 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=250&adk=2923271300&adf=3884016279&pi=t.aa~a.1517101829~rp.4&w=311&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&to=qs&pwprc=1245679791&format=311x250&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541836555&bpp=1&bdt=1334&idt=1&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8d44eb5c42ffe63c-22b1d94f94dd0064%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Mb6LwdxFP8LvbKfbwN32YDHCWA7nw&gpic=UID%3D00000bd67597a0c1%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Ma3PvBO6CgHQMYtFExsUZI6NIjRWA&prev_fmts=0x0%2C1200x280%2C311x250&nras=3&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1074&ady=3371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=MU2GmvQGzx&p=https%3A//gocsgo.net&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 06:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 06:22:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 06:57:17 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame F465 2 KB
804 B 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 19:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 19:26:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame F465 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 20:35:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 20:35:37 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame F465 3 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 11:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 11:13:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame F465 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:02:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 08:02:39 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F465 0
0 18ms
14ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXjQVRC2UM3X1ccyNpnq4L2vb6eOUglW6xLwzNU6_asUW-TkDrfVDHnM9pjwMvlJpEqAkkFi-IJHxYqdLdv6N9NZhBTg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=250&adk=2923271300&adf=3884016279&pi=t.aa~a.1517101829~rp.4&w=311&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&to=qs&pwprc=1245679791&format=311x250&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541836555&bpp=1&bdt=1334&idt=1&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8d44eb5c42ffe63c-22b1d94f94dd0064%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Mb6LwdxFP8LvbKfbwN32YDHCWA7nw&gpic=UID%3D00000bd67597a0c1%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Ma3PvBO6CgHQMYtFExsUZI6NIjRWA&prev_fmts=0x0%2C1200x280%2C311x250&nras=3&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1074&ady=3371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=MU2GmvQGzx&p=https%3A//gocsgo.net&dtd=20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F465 159 KB
49 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 06:57:17 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame F465 33 KB
14 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 18:11:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F465 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce03HzEo6ZLKVKvGN9APpnZXgCpONlfZukMLh4I4R8uzS4LIBEAEg-8TDeWDtBKAB6tadlSnIAQmpApoet5AKcbI-qAMByAPLBKoExgFP0AWr5Gx3xzvc2dXbBAFnL4zv4_Wmg0jysPO4b17lfQ1gFRyzbnFpDlsCGwhAsNrraU2Vnw6yPGpio1QWIGtjSltGxaX86wJtOsSZdo52uE6fC2gGcSNmL0rih8v_eBFZqld2p8cy3Da7jxBOXlFDMFA40EDZ-X2F39IcPlRjPA4p0i-1w3ga9HMrryyiX8G6W4dCUnnIp2LS2Eirvsj80veJGHbVYjfwivx5xu3-7GXJPWiK9cR18hRO4q8Y7pLHAsMiFQrABJmw1YqtBJIFBAgEGAGSBQQIBRgEoAYugAfqju70A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMLHBtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTCtAVAYAXAbIXHAoaCAASFHB1Yi03MTY0ODU5ODkxODkyMTk3GAA&sigh=_qJh0Gb2Y24&uach_m=[UACH]&cid=CAQSPABygQiD53SGpysJW81268psNvjP5soPnjNEQ0dj4P_z1x57HZ7Tlp3yp_NPpMDH0ScErx7FgLk8bsb1nhgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=250&adk=2923271300&adf=3884016279&pi=t.aa~a.1517101829~rp.4&w=311&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&to=qs&pwprc=1245679791&format=311x250&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541836555&bpp=1&bdt=1334&idt=1&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8d44eb5c42ffe63c-22b1d94f94dd0064%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Mb6LwdxFP8LvbKfbwN32YDHCWA7nw&gpic=UID%3D00000bd67597a0c1%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Ma3PvBO6CgHQMYtFExsUZI6NIjRWA&prev_fmts=0x0%2C1200x280%2C311x250&nras=3&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1074&ady=3371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=MU2GmvQGzx&p=https%3A//gocsgo.net&dtd=20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 15 Apr 2023 06:57:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 04C6 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 05:12:40 GMT
etag: 48472445140208031
expires: Sun, 16 Apr 2023 05:12:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5148656691782702533/ Frame F465 20 KB
21 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5148656691782702533/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

083c9e51fc1abf9d7231d2a4d57b89cd6436a443bdb5709e9e31988c1db63791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:21:36 GMT
x-content-type-options: nosniff
age: 59741
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20908
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 06:55:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Apr 2024 14:21:36 GMT

GET
DATA 200
OK truncated
/ Frame F465 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F465 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0303cab053c7a28d8f173086440918a8b3ab3df5ea38203b2b2e157efe4eec9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 04C6 35 B
465 B 164ms
7ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJ3AXG240xFVlAZpRlj6kE0&google_cver=1&google_push=Aer7DvLZzz5UhnYJ3DioJJ4hepWkdtDuqJM-MPmU5NbizrJe5-zxRiiFmbLZZiU_swTzZOag5hjqomI17IQLD9bb8yOrh-UDgYmX

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 04C6
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEebE-Is542yzpKKnMin5XM&google_cver=1&google_push=Aer7DvK76rourscDRfTmhqn7Ze1IY3i28lXePDyGXlQiijhHj8YFrC6QN9QGiKxVAC87NTZkZiUMU6hEYuIw-toW...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvK76rourscDRfTmhqn7Ze1IY3i28lXePDyGXlQiijhHj8YFrC6QN9QGiKxVAC87NTZkZiUMU6hEYuIw-toWtVlBi8keFDtFzA

170 B
232 B

17ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvK76rourscDRfTmhqn7Ze1IY3i28lXePDyGXlQiijhHj8YFrC6QN9QGiKxVAC87NTZkZiUMU6hEYuIw-toWtVlBi8keFDtFzA

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 15 Apr 2023 06:57:17 GMT
Server: MT3 796 58fb543 master cdg-pixel-x31 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvK76rourscDRfTmhqn7Ze1IY3i28lXePDyGXlQiijhHj8YFrC6QN9QGiKxVAC87NTZkZiUMU6hEYuIw-toWtVlBi8keFDtFzA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 15 Apr 2023 06:57:16 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 04C6
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBttHV1xDrLIjvbAHxWh1vE&google_cver=1&google_push=Aer7DvJkA-1weJ8r5bhzUYQyCyyJBYlLhI1VFGZ-1XFrrxoR_RclfiYxKWildmD0pv64BwtrE6YfGq4YAjvG8a4K_qLntNLaLbU7h...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBttHV1xDrLIjvbAHxWh1vE&google_cver=1&google_push=Aer7DvJkA-1weJ8r5bhzUYQyCyyJBYlLhI1VFGZ-1XFrrxoR_RclfiYxKWildmD0pv64BwtrE6YfGq4YAjvG8a4K_qLntNLaLbU...

43 B
412 B

189ms
173ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBttHV1xDrLIjvbAHxWh1vE&google_cver=1&google_push=Aer7DvJkA-1weJ8r5bhzUYQyCyyJBYlLhI1VFGZ-1XFrrxoR_RclfiYxKWildmD0pv64BwtrE6YfGq4YAjvG8a4K_qLntNLaLbU7hg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJkA-1weJ8r5bhzUYQyCyyJBYlLhI1VFGZ-1XFrrxoR_RclfiYxKWildmD0pv64BwtrE6YfGq4YAjvG8a4K_qLntNLaLbU7hg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: gocsgo.net
URL: https://gocsgo.net/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:17 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b824b25bc089a30-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:17 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 396
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBttHV1xDrLIjvbAHxWh1vE&google_cver=1&google_push=Aer7DvJkA-1weJ8r5bhzUYQyCyyJBYlLhI1VFGZ-1XFrrxoR_RclfiYxKWildmD0pv64BwtrE6YfGq4YAjvG8a4K_qLntNLaLbU7hg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJkA-1weJ8r5bhzUYQyCyyJBYlLhI1VFGZ-1XFrrxoR_RclfiYxKWildmD0pv64BwtrE6YfGq4YAjvG8a4K_qLntNLaLbU7hg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b824b248aad9a30-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 04C6
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEep-VgJkFYebRBB7nr-cYY&google_cver=1&google_push=Aer7DvLdjWjNiPW5y1qpGB3XGTRZ5vaHUoSNc4sfKQAU8iATGkfXO1nF764-cZZCTn9lQQXb3rswJfnp04s_MejYezmL...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEep-VgJkFYebRBB7nr-cYY&google_cver=1&google_push=Aer7DvLdjWjNiPW5y1qpGB3XGTRZ5vaHUoSNc4sfKQAU8iATGkfXO1nF764-cZZCTn9lQQXb3rswJfnp04s_Me...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=22bcc11c-f030-409a-89f1-bf1d577ad548&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvLdjWjNiPW5y1qpGB3XGTRZ5vaHUoSNc4sfKQAU8iATGkfXO1nF764-cZZCTn9lQQXb3rswJfnp04s_MejYezmLslsna9lj&google_hm=hyw67no0TS2aEvYNuneXhA==

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvLdjWjNiPW5y1qpGB3XGTRZ5vaHUoSNc4sfKQAU8iATGkfXO1nF764-cZZCTn9lQQXb3rswJfnp04s_MejYezmLslsna9lj&google_hm=hyw67no0TS2aEvYNuneXhA==

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvLdjWjNiPW5y1qpGB3XGTRZ5vaHUoSNc4sfKQAU8iATGkfXO1nF764-cZZCTn9lQQXb3rswJfnp04s_MejYezmLslsna9lj&google_hm=hyw67no0TS2aEvYNuneXhA==
date: Sat, 15 Apr 2023 06:57:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 trk
ag.innovid.com/ Frame 04C6 43 B
297 B 190ms
23ms Image
image/gif 2a05:d01c:1d8:8101:a62a:a2db:d81b:4039
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESECbSe3mehbpfWWIvXzk2oFg&google_cver=1&google_push=Aer7DvKKLjeKRhDFPrc-FFFJejf09ht5LKK8PTcIXOLxg8HeuMhcYxdfKv4aqtY7m14-ltAx-E9JKzzHViGSyzDQQ48YWbFSYPpDeA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=250&adk=2923271300&adf=3884016279&pi=t.aa~a.1517101829~rp.4&w=311&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&to=qs&pwprc=1245679791&format=311x250&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541836555&bpp=1&bdt=1334&idt=1&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8d44eb5c42ffe63c-22b1d94f94dd0064%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Mb6LwdxFP8LvbKfbwN32YDHCWA7nw&gpic=UID%3D00000bd67597a0c1%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Ma3PvBO6CgHQMYtFExsUZI6NIjRWA&prev_fmts=0x0%2C1200x280%2C311x250&nras=3&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1074&ady=3371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=MU2GmvQGzx&p=https%3A//gocsgo.net&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:a62a:a2db:d81b:4039 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 15 Apr 2023 06:57:17 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 04C6 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 04C6
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESENuiZeEcwOH6VkQoM6IohRY&google_cver=1&google_push=Aer7DvLIORKUhHyQCechCIrfdxLJukA6Fird6EWzGLHCsouesbLouustq35nOhIqOz...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvLIORKUhHyQCechCIrfdxLJukA6Fird6EWzGLHCsouesbLouustq35nOhIqOzOA5ZlQvhLQOMn5eZhKpwzLRqTOAFztDd8S8UM&google_hm=...

170 B
329 B

17ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvLIORKUhHyQCechCIrfdxLJukA6Fird6EWzGLHCsouesbLouustq35nOhIqOzOA5ZlQvhLQOMn5eZhKpwzLRqTOAFztDd8S8UM&google_hm=mjY511IYRU-RxDrLdWBw4Ag

Requested by

Host: gocsgo.net
URL: https://gocsgo.net/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:18 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvLIORKUhHyQCechCIrfdxLJukA6Fird6EWzGLHCsouesbLouustq35nOhIqOzOA5ZlQvhLQOMn5eZhKpwzLRqTOAFztDd8S8UM&google_hm=mjY511IYRU-RxDrLdWBw4Ag
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 04C6 0
130 B 170ms
14ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IIkh0LHXIdVMQ-7kAtd08gXSHDqTdqxwBPS11tUPcz31hS1QoDrs2T5JdUHzQmBDjbpYGYs_w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F465 15 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:10 GMT
x-content-type-options: nosniff
age: 332767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:10 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F465 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:08 GMT
x-content-type-options: nosniff
age: 332769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:08 GMT

GET
H3 200 kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4305 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14442
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Apr 2024 23:46:26 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AF4F 42 B
64 B 59ms
44ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDVgoeFGa6D8Zym4zR_EGBhKFvRX4xmP-ns1dnnGrGorElQpvraAf7rLmsgfwItt5wm7ZWXqQDA6Q7EUN2PFb-0G2DldlhZ34-XF5mcVPxp58Xy0hSeVAqIwMNI51GP352n8WniQ&sai=AMfl-YQy7TwoCTMBtffUShgCpeEHCANQN801ZtRCWrYJOr2z3rhxUi2jFYqhLdAF7IYml-n89_kmP9_Ly4ZG&sig=Cg0ArKJSzMrnXN5f8nT6EAE&cid=CAQSGwBygQiDDgwVTg1ieF6XqBy71jjX3IsbR1W0ShgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=705839202&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681541835846&rpt=982&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 54843430 Show response
mc.yandex.com/webvisor/ 43 B
145 B 250ms
126ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/54843430?wmode=0&wv-part=1&wv-hit=905625401&page-url=https%3A%2F%2Fgocsgo.net%2F&rn=949700981&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1681541839%3Aw%3A1600x1200%3Av%3A1012%3Az%3A0%3Ai%3A20230415065718%3Au%3A1681541836349971506%3Avf%3Aihb4q796484i93c2xtzqhr%3Ast%3A1681541839&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gocsgo.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:19 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 15-Apr-2023 06:57:19 GMT
content-type: image/gif
access-control-allow-origin: https://gocsgo.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 15-Apr-2023 06:57:19 GMT

GET
H3 200 0b76a40db5a0e4006fbd6687403ecdcc.js Show response
www.gstatic.com/mysidia/ Frame 23E6 9 KB
4 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0b76a40db5a0e4006fbd6687403ecdcc.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=250&adk=2498889499&adf=1707646432&pi=t.aa~a.1596287903~rp.4&w=311&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&to=qs&pwprc=1245679791&format=311x250&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541836555&bpp=1&bdt=1333&idt=-M&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8d44eb5c42ffe63c-22b1d94f94dd0064%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Mb6LwdxFP8LvbKfbwN32YDHCWA7nw&gpic=UID%3D00000bd67597a0c1%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Ma3PvBO6CgHQMYtFExsUZI6NIjRWA&prev_fmts=0x0%2C1200x280&nras=2&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1074&ady=1747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dzUp4ZNy6y&p=https%3A//gocsgo.net&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 17:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4047
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 17:09:29 GMT

GET
H3 200 6633b25081de24e0d840e703ca6929c6.js Show response
www.gstatic.com/mysidia/ Frame 23E6 137 KB
51 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6633b25081de24e0d840e703ca6929c6.js?tag=video_mra/web_raspberry_ms

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81300603eb6ba67b4116b53f0e39b1033f0b694d85144773ea4dfaae66df49a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51774
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Jul 2023 01:39:01 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 23E6 8 KB
893 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 06:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 06:21:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 06:57:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 23E6 13 KB
968 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a7fd0ce258549848663c111aa61034e66ad6e3cd04cc5acd3b5d0bb1821afb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 06:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 05:56:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 06:57:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 23E6 2 KB
765 B 9ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 19:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 19:26:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 23E6 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 20:35:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 20:35:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 23E6 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 11:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 11:13:00 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 23E6 67 B
91 B 10ms
9ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
server: cafe
age: 46327
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Sat, 15 Apr 2023 18:05:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 23E6 20 KB
8 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:02:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 08:02:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 23E6 0
0 15ms
14ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQCR3IOivwYHzE60Y6LtwdO4MzrzvU1O9-A9QhI2Xp0vrehhVCyiquuLAEGZ8ZRe1uJ3xyIqhnv2bFZtMJZ1DwDzKjFMg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=250&adk=2498889499&adf=1707646432&pi=t.aa~a.1596287903~rp.4&w=311&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&to=qs&pwprc=1245679791&format=311x250&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541836555&bpp=1&bdt=1333&idt=-M&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8d44eb5c42ffe63c-22b1d94f94dd0064%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Mb6LwdxFP8LvbKfbwN32YDHCWA7nw&gpic=UID%3D00000bd67597a0c1%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Ma3PvBO6CgHQMYtFExsUZI6NIjRWA&prev_fmts=0x0%2C1200x280&nras=2&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1074&ady=1747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dzUp4ZNy6y&p=https%3A//gocsgo.net&dtd=15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23E6 159 KB
49 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 06:57:19 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 23E6 33 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 18:11:29 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3802263791245097070/ Frame 23E6 1 KB
1 KB 9ms
8ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3802263791245097070/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf4712754a023f4fc6b9d4178f6df99b22980083b926544c1ef838c67ae44250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:31:10 GMT
x-content-type-options: nosniff
age: 26769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1305
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 11:49:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Apr 2024 23:31:10 GMT

GET
DATA 200
OK truncated
/ Frame 23E6 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame 23E6 0
234 B 56ms
14ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lghmlewp&c=3959507494102&slotId=1979753747051&qqid=CM2c5r6nq_4CFaIYrQYd794O0Q&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/6633b25081de24e0d840e703ca6929c6.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15844187750503424386/ Frame 23E6 163 KB
163 KB 25ms
25ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15844187750503424386/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31c94daba63c8c041a7972805ffc6715a2e23f92e1bcadb4b34c2a318f87d30c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:19 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166918
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 10:06:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Apr 2024 06:57:19 GMT

GET
H3

206

videoplayback
r1---sn-4g5edn6r.gvt1.com/ Frame 23E6
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=a9fc512bf1bc7d9c&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1681549038&sparams=ip,ipbits,expire,id,...
https://r1---sn-4g5edn6r.gvt1.com/videoplayback?id=a9fc512bf1bc7d9c&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1681549038&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

789 KB
789 KB

194ms
125ms

Media
video/mp4

2a00:1450:4001:e::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5edn6r.gvt1.com/videoplayback?id=a9fc512bf1bc7d9c&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1681549038&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=2546A2B250D88D53EEC5A1778A1E5CE8D245C535.507169A5BBB264E1AA17E5BFBDCDCED1A6660461&key=cms1&cms_redirect=yes&mh=vS&mip=2001:ac8:20:3c00:1012:2bfc:8912:f6ff&mm=28&mn=sn-4g5edn6r&ms=nvh&mt=1681540912&mv=u&mvi=1&pl=49

Requested by

Protocol

Server

2a00:1450:4001:e::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c0c68f75d23c6432375c773f6b955a7ceb1d08bacac671d76066cd8b4073505e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

client-protocol: quic
date: Sat, 15 Apr 2023 06:57:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 16 Feb 2023 15:08:27 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-807463/807464
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 807464
expires: Sat, 15 Apr 2023 06:57:19 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:19 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-4g5edn6r.gvt1.com/videoplayback?id=a9fc512bf1bc7d9c&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1681549038&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=2546A2B250D88D53EEC5A1778A1E5CE8D245C535.507169A5BBB264E1AA17E5BFBDCDCED1A6660461&key=cms1&cms_redirect=yes&mh=vS&mip=2001:ac8:20:3c00:1012:2bfc:8912:f6ff&mm=28&mn=sn-4g5edn6r&ms=nvh&mt=1681540912&mv=u&mvi=1&pl=49
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 723
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 23E6 0
0 56ms
56ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgQrBzEo6ZM2GKaKxtOUP7727iA3B0-Hpb6vZuP6REeqf3KDUARABIPvEw3lguwagAc6dzcIDyAEJqQJFQFevY9O0PqgDAcgDywSqBLoBT9ArZU8ddmt0-Ubt8Cai_QPKWqMqd06oUSSwohdTML0IelviM0FKY3SWieD5343A4I3DeQzwKtx-pBpvxp7sT_Ipp9U0FN2EQGtCbxVfCJS6dIltE5tZxO2-xYJoG3ErLWv5H-3-bq4WmuD--iN2A2krl0NCgHAQ15VUL-I90O2WMQlOkdbaGIYZrkCyNX_lo2C7-LimYhD9FAJkXeODURBeg9naeNGUO5y3qYnTxRbpZk8xRDRigWtMwATm1tip3AOSBQQIBBgBkgUECAUYBKAGLoAHmuKyPagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMOyLtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBOcG9gTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi03MTY0ODU5ODkxODkyMTk3GAA&sigh=tenmCT14mlQ&uach_m=[UACH]&cid=CAQSPABygQiDnQU8V3Xii2okR-8OtsuWuz60QDWoGJ9Pco5oqS_KZQD7Lgx71nll-lwsS4C9eAoq2I0gREaSMBgB&template_id=3484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=250&adk=2498889499&adf=1707646432&pi=t.aa~a.1596287903~rp.4&w=311&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&to=qs&pwprc=1245679791&format=311x250&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541836555&bpp=1&bdt=1333&idt=-M&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8d44eb5c42ffe63c-22b1d94f94dd0064%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Mb6LwdxFP8LvbKfbwN32YDHCWA7nw&gpic=UID%3D00000bd67597a0c1%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Ma3PvBO6CgHQMYtFExsUZI6NIjRWA&prev_fmts=0x0%2C1200x280&nras=2&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1074&ady=1747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dzUp4ZNy6y&p=https%3A//gocsgo.net&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 15 Apr 2023 06:57:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1B65 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 05:12:40 GMT
etag: 48472445140208031
expires: Sun, 16 Apr 2023 05:12:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 23E6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21d16e8bab55794d3b569692077655f305b01453471164cf6c2a9dc707077877

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame 23E6 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=250&adk=2498889499&adf=1707646432&pi=t.aa~a.1596287903~rp.4&w=311&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&to=qs&pwprc=1245679791&format=311x250&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541836555&bpp=1&bdt=1333&idt=-M&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8d44eb5c42ffe63c-22b1d94f94dd0064%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Mb6LwdxFP8LvbKfbwN32YDHCWA7nw&gpic=UID%3D00000bd67597a0c1%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Ma3PvBO6CgHQMYtFExsUZI6NIjRWA&prev_fmts=0x0%2C1200x280&nras=2&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1074&ady=1747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dzUp4ZNy6y&p=https%3A//gocsgo.net&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
server: cafe
age: 46327
etag: 9923804599063086578
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2033
x-xss-protection: 0
expires: Sat, 15 Apr 2023 18:05:12 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B65
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMk5gNFjZfu35FKEHBY5UEc&google_cver=1&google_push=Aer7DvISvrJ0WJUKgt3Nc0hPeV3qawPQqdV_Jw5no4rgJTNaij2eKD_e7G...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvISvrJ0WJUKgt3Nc0hPeV3qawPQqdV_Jw5no4rgJTNaij2eKD_e7GMmR2RvHt08ZSR1_jWVXJNoInoKe0CDvvSuft1gNynfAdBQfL9xLqZ8cKkLyurX-Q9...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvISvrJ0WJUKgt3Nc0hPeV3qawPQqdV_Jw5no4rgJTNaij2eKD_e7GMmR2RvHt08ZSR1_jWVXJNoInoKe0CDvvSuft1gNynfAdBQfL9xLqZ8cKkLyurX-Q9PID0Jt0WH-JAr8d8Ln-FIzZsZLHqVUDpnGIk&google_hm=2KLw_kkWvBgSg1jk8lmEEA

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvISvrJ0WJUKgt3Nc0hPeV3qawPQqdV_Jw5no4rgJTNaij2eKD_e7GMmR2RvHt08ZSR1_jWVXJNoInoKe0CDvvSuft1gNynfAdBQfL9xLqZ8cKkLyurX-Q9PID0Jt0WH-JAr8d8Ln-FIzZsZLHqVUDpnGIk&google_hm=2KLw_kkWvBgSg1jk8lmEEA
pragma: no-cache
date: Sat, 15 Apr 2023 06:57:19 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B65
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO86_K7Bu82DUiIitG5JaGs&google_cver=1&google_push=Aer7DvK8Dai94MAHWrAydIlfMSSdcrmqULRyRgypKFhLfSlIqER5XvjYeBo0891-NNXzlgvje9kENMD6BB6y1Skd...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=milkOkrNQwCxTX6VEiwUZw&google_push=Aer7DvK8Dai94MAHWrAydIlfMSSdcrmqULRyRgypKFhLfSlIqER5XvjYeBo0891-NNXzlgvje9kENMD6BB6y1SkdSVg1ZeGP...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=milkOkrNQwCxTX6VEiwUZw&google_push=Aer7DvK8Dai94MAHWrAydIlfMSSdcrmqULRyRgypKFhLfSlIqER5XvjYeBo0891-NNXzlgvje9kENMD6BB6y1SkdSVg1ZeGPaw-FyeYBndRW0dSnyOr4LapXNt0csc7ykjgodczXx56POUyHRHDYy_pksOEAh3M

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 15 Apr 2023 06:57:19 GMT
Server: MT3 796 58fb543 master cdg-pixel-x28 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=milkOkrNQwCxTX6VEiwUZw&google_push=Aer7DvK8Dai94MAHWrAydIlfMSSdcrmqULRyRgypKFhLfSlIqER5XvjYeBo0891-NNXzlgvje9kENMD6BB6y1SkdSVg1ZeGPaw-FyeYBndRW0dSnyOr4LapXNt0csc7ykjgodczXx56POUyHRHDYy_pksOEAh3M
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 15 Apr 2023 06:57:18 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 1B65 43 B
456 B 179ms
176ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESENKaGvzvuiLSk4PvwkQJ03c&google_cver=1&google_push=Aer7DvKrHdTQRm5-MKvwh3QoJ1h4L-Ic5DI6jyVLr6KxLx_lumLBmAPkbGWzc4keC1SCCUEb1CtMAn2DvvITz1fT54KpGV6MSurKFXlvEhGue9Su7sM03NDG9gIhxU3H5aAv_zbFZqkWbMOcTKUpyAKQF5MnaA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKrHdTQRm5-MKvwh3QoJ1h4L-Ic5DI6jyVLr6KxLx_lumLBmAPkbGWzc4keC1SCCUEb1CtMAn2DvvITz1fT54KpGV6MSurKFXlvEhGue9Su7sM03NDG9gIhxU3H5aAv_zbFZqkWbMOcTKUpyAKQF5MnaA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7164859891892197&output=html&h=250&adk=2498889499&adf=1707646432&pi=t.aa~a.1596287903~rp.4&w=311&fwrn=4&fwrnh=100&lmt=1681475114&rafmt=1&to=qs&pwprc=1245679791&format=311x250&url=https%3A%2F%2Fgocsgo.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681541836555&bpp=1&bdt=1333&idt=-M&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8d44eb5c42ffe63c-22b1d94f94dd0064%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Mb6LwdxFP8LvbKfbwN32YDHCWA7nw&gpic=UID%3D00000bd67597a0c1%3AT%3D1681541835%3ART%3D1681541835%3AS%3DALNI_Ma3PvBO6CgHQMYtFExsUZI6NIjRWA&prev_fmts=0x0%2C1200x280&nras=2&correlator=3660793870658&frm=20&pv=1&ga_vid=22656562.1681541836&ga_sid=1681541836&ga_hid=1063881288&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1074&ady=1747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31073807%2C42531706&oid=2&pvsid=904779656571520&tmod=181737765&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dzUp4ZNy6y&p=https%3A//gocsgo.net&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:19 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b824b2e7d439a30-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B65
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMvXbI20b4o2eunmssDjjCA&google_push=Aer7DvI22IeQXb6--eecAGj6K672f2JtcrUGkFpwfBYetrTWj08b82e6-g...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMvXbI20b4o2eunmssDjjCA&google_push=Aer7DvI22IeQXb6--eecAGj6K672f2JtcrUGkFpwfBYetrTWj08b82e6-gVuLd0kf3J4hxMltVMowrfdUv-TjnWgfFIUqrzLQadgN6qcY-qj8wztqk83whmTPAqhb06bHw3HSJxZYFBFa0sDmPMX2zw5ON8Tslo

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230101-FRA
pragma: no-cache
date: Sat, 15 Apr 2023 06:57:19 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1681541839.152342,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMvXbI20b4o2eunmssDjjCA&google_push=Aer7DvI22IeQXb6--eecAGj6K672f2JtcrUGkFpwfBYetrTWj08b82e6-gVuLd0kf3J4hxMltVMowrfdUv-TjnWgfFIUqrzLQadgN6qcY-qj8wztqk83whmTPAqhb06bHw3HSJxZYFBFa0sDmPMX2zw5ON8Tslo
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B65
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEErkBrQCrdbb0_sxewNvz5M&google_cver=1&google_push=Aer7DvI_l5LdopMNC2vgI6VaUnZAyg2WXxtVSfscLuAKbhopc_KLp8cF3MMM0u_5YTJW5xA5K2WWJeIX44xA3ZOqr6vE...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=872c3aee-7a34-4d2d-9a12-f60dba779784
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=872c3aee-7a34-4d2d-9a12-f60dba779784
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d3ac70eb-a0f7-4d46-9450-4dafd07a180e&user_group=1&ssp=google&bsw_param=872c3aee-7a34-4d2d-9a12-f60dba779784
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvI_l5LdopMNC2vgI6VaUnZAyg2WXxtVSfscLuAKbhopc_KLp8cF3MMM0u_5YTJW5xA5K2WWJeIX44xA3ZOqr6vEU9hI2Dmn2WWqS699xFnDBckxlyTsW1qRCXRbHWQqx3...

170 B
188 B

16ms
15ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvI_l5LdopMNC2vgI6VaUnZAyg2WXxtVSfscLuAKbhopc_KLp8cF3MMM0u_5YTJW5xA5K2WWJeIX44xA3ZOqr6vEU9hI2Dmn2WWqS699xFnDBckxlyTsW1qRCXRbHWQqx3HssU8Cd7UhErgpDiXJmM2v63k&google_hm=hyw67no0TS2aEvYNuneXhA==

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvI_l5LdopMNC2vgI6VaUnZAyg2WXxtVSfscLuAKbhopc_KLp8cF3MMM0u_5YTJW5xA5K2WWJeIX44xA3ZOqr6vEU9hI2Dmn2WWqS699xFnDBckxlyTsW1qRCXRbHWQqx3HssU8Cd7UhErgpDiXJmM2v63k&google_hm=hyw67no0TS2aEvYNuneXhA==
date: Sat, 15 Apr 2023 06:57:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B65
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHx05Xqg1CbSMLuAqMueUcc&google_cver=1&google_push=Aer7DvKTARm4hO2itYtYZO70IR671sfYecom7hC_Y15mhauPVezcjJVthMlNd5joeAR6pmds43bcank4EcTcwofMPfIxYol...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKTARm4hO2itYtYZO70IR671sfYecom7hC_Y15mhauPVezcjJVthMlNd5joeAR6pmds43bcank4EcTcwofMPfIxYolKeddF96k-OcHnWHceCD5B0ElMBJ1vzMMRJudln...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKTARm4hO2itYtYZO70IR671sfYecom7hC_Y15mhauPVezcjJVthMlNd5joeAR6pmds43bcank4EcTcwofMPfIxYolKeddF96k-OcHnWHceCD5B0ElMBJ1vzMMRJudlnFk6Be2MV6_6YqABZoxp7STThJA&google_hm=eS1Vb1M2Skx0RTJwR1gzZElSbnU2UTlXRktDSTdsZEZrRn5B

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 15 Apr 2023 06:57:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKTARm4hO2itYtYZO70IR671sfYecom7hC_Y15mhauPVezcjJVthMlNd5joeAR6pmds43bcank4EcTcwofMPfIxYolKeddF96k-OcHnWHceCD5B0ElMBJ1vzMMRJudlnFk6Be2MV6_6YqABZoxp7STThJA&google_hm=eS1Vb1M2Skx0RTJwR1gzZElSbnU2UTlXRktDSTdsZEZrRn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B65
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM_Pt6P51nRK2DcgtAkE_iU&google_cver=1&google_push=Aer7DvL8cAHgmbFKxAqGdgeCGeF6K-qGNCK7heORCuZAn72W9NeTDb36BvKb3N_TNOuYi1Jej3eItSF6...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM_Pt6P51nRK2DcgtAkE_iU&google_cver=1&google_push=Aer7DvL8cAHgmbFKxAqGdgeCGeF6K-qGNCK7heORCuZAn72W9NeTDb36BvKb3N_TNOuYi1Jej3e...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc1MTY0MjQ2NDM2NTQxOTA3OA&google_push=Aer7DvL8cAHgmbFKxAqGdgeCGeF6K-qGNCK7heORCuZAn72W9NeTDb36BvKb3N_TNOuYi1Jej3eItS...

170 B
188 B

15ms
15ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc1MTY0MjQ2NDM2NTQxOTA3OA&google_push=Aer7DvL8cAHgmbFKxAqGdgeCGeF6K-qGNCK7heORCuZAn72W9NeTDb36BvKb3N_TNOuYi1Jej3eItSF6aIlRjqgRj4WZqbFqEqBOfB3sg-IFtz9P0Ao4f5CFFbIGongfUL0e4yXJqXwDnJPr7ZdlNF8QsjqsbE4

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc1MTY0MjQ2NDM2NTQxOTA3OA&google_push=Aer7DvL8cAHgmbFKxAqGdgeCGeF6K-qGNCK7heORCuZAn72W9NeTDb36BvKb3N_TNOuYi1Jej3eItSF6aIlRjqgRj4WZqbFqEqBOfB3sg-IFtz9P0Ao4f5CFFbIGongfUL0e4yXJqXwDnJPr7ZdlNF8QsjqsbE4
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1B65 0
12 B 15ms
14ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KLHYKXyIuVirTPHY7B1zHJdMD1S6yXc_SHF8OwM6YUKkoP17GXFd0f3dTvTWk3t2ODH0KP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 23E6 29 KB
29 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 378146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 21:54:53 GMT

POST
H2 200 54843430 Show response
mc.yandex.com/webvisor/ 43 B
73 B 66ms
66ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/54843430?wmode=0&wv-part=1&wv-hit=905625401&page-url=https%3A%2F%2Fgocsgo.net%2F&rn=375542814&wv-type=3&browser-info=we%3A1%3Aet%3A1681541839%3Aw%3A1600x1200%3Av%3A1012%3Az%3A0%3Ai%3A20230415065719%3Au%3A1681541836349971506%3Avf%3Aihb4q796484i93c2xtzqhr%3Ast%3A1681541839&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gocsgo.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:19 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 15-Apr-2023 06:57:19 GMT
content-type: image/gif
access-control-allow-origin: https://gocsgo.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 15-Apr-2023 06:57:19 GMT

GET
H2 200 sp-push-worker-fb.js Show response
gocsgo.net/ 65 B
157 B 11ms
11ms XHR
application/javascript 2a01:4f8:d0a:2677::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gocsgo.net/sp-push-worker-fb.js
Requested by: Host: web.webpushs.com
URL: https://web.webpushs.com/js/push/2eef24e06e93b47716f29f06bb053375_1.js
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2677::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 2a810283ef3a450039039318677538039c2adadfe2703a12f98b07735ba15290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:19 GMT
last-modified: Mon, 22 Aug 2022 10:27:04 GMT
server: Apache
accept-ranges: bytes
etag: "41-5e6d1e3987df4"
content-length: 65
content-type: application/javascript

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 58ms
58ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230412&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

758fc857b23bc69bb82d6c0fd0722d0e505e378f068ff2861298141c3d4e60ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11141
x-xss-protection: 0

GET
H3 200 kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js Show response
pagead2.googlesyndication.com/bg/ Frame B3A5 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14442
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Apr 2024 23:46:26 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 06:57:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0D2C 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gocsgo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 19:52:47 GMT
expires: Sat, 13 Apr 2024 19:52:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E000 783 B
537 B 18ms
17ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

37d634cbab821fa176c446f182882c7748c8600b974094887c40b5d4f4275dbc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P49gL1S0gzTqjPSXXBX4Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gocsgo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-P49gL1S0gzTqjPSXXBX4Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 06:57:19 GMT
expires: Sat, 15 Apr 2023 06:57:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D2C 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14442
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Apr 2024 23:46:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E000 0
0 40ms
40ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230412&jk=904779656571520&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0D2C 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SLyjMw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 06:57:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230412&jk=904779656571520&bg=!lZallsLNAAZA7GLoYOw7ADkAdvg8Wgwar_rHfGnbV2CbRC8OP_0Al5FPnxChSPb5XoIsPu3PA5w1iqi1dMXiXzOMpYu8RRbXm9YCAAAAU1IAAAACaAEHmQLj9rPNuD-WE1YaGavpDDOUT_jWBsxsHeHLazTfSzuBImiNXLGqFNhKe4JBvBIXqUKD9HddjBf168HaBMT0Dam0YT3vr-1bSwYGzEamv-ryETTr0PnsesgGPEf_sIGvjT8mOhjyeh5feTP2kY5r-b5FA9yds0QnectBfyvAjwYq8k367i4I5uXXPtx9MbOz8SnhG2ibJCqw6yCtSndTeKBG7FXxNVFUjvFvIk3gJkt2cdv7klwmjq0PBv2hPgGTTCzEf53xxsiUtVMshyavmEouHGQzbRK1JBEuse7MhqGsiPjj1VeB9wGnvj90M9U31hediprYaVocdz6TFXs87giaMye52oZW7WnSXegOKLub_WX329EgSyxqAM29WtJvnGFyj5O1id6_fRZnFtPznVsFwRdNPUCSG3is2zOj8Q8-JQzlBhnDymgdDs6JYgRR0hnNNnF5Z9tJSjyeWz86MN82DiMyBbIdN427AY1stVVV_WbSctpNOdB-BZI967o3k14G7Lh6j3-yMR9O7xmiUOiBhgiHwpTNu5N2g4Dkl73MfFIiCGmvhPLoWYAgO7qw8iIW4vyhOQqlx1rPrq91lo__mTZiqP_plrxOdeLH3_UwA2lTVOFso1bDGN6-Zd9dqGP4aYyH3OMRX0TI_h_yNhRgizsypl2YmRoB8zqxghhPjpKVBYQ2Pdc0G5ogNgdrGt_AVe87WWDSUl96N_BTNXRFDfTn9FN6Slqdq5iX70VJp7D1aFS9_rtlIQkYmnYYbyXAg0M9JXC3vxdw36eu26UGzTEa-1itvCRA84VX-x0qjbBilfe-M5zSjfnze6K8ERcQQ7-hF9OShwK4de3aSE-RY6ECFCk6qdCxLrm3P7Z9UmMyIKUEWHt9WHOVgl6pD2hAprxArsIINmRtyjVFq5F1SJSJbEX9-aE7KYT5XpcvH7NQfDN3MAcCPg31z-EgdwSkAQ83WjBBFPIDO_5TlNWyogazWg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocsgo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 23E6 0
54 B 14ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lghmlewz&c=3959507494102&slotId=1979753747051&qqid=CM2c5r6nq_4CFaIYrQYd794O0Q&umsem=0&ape=1&ple=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/6633b25081de24e0d840e703ca6929c6.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 54843430 Show response
mc.yandex.com/webvisor/ 43 B
145 B 63ms
63ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/54843430?wmode=0&wv-part=2&wv-hit=905625401&page-url=https%3A%2F%2Fgocsgo.net%2F&rn=555502534&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1681541841%3Aw%3A1600x1200%3Av%3A1012%3Az%3A0%3Ai%3A20230415065720%3Au%3A1681541836349971506%3Avf%3Aihb4q796484i93c2xtzqhr%3Ast%3A1681541841&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gocsgo.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 06:57:20 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 15-Apr-2023 06:57:20 GMT
content-type: image/gif
access-control-allow-origin: https://gocsgo.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 15-Apr-2023 06:57:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJIvqOr9MCrTIc_u5dERRr0&google_cver=1&google_push=Aer7DvImiUQNZCwGlpMGKasgBz7beLDiyKoY4nBsCsV4jAZDJ36CwzsyP5ezHbeZF0RS7XTMv6IEVBJFoo1VloWs9ZA0X0Jbob9lrA

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gocsgo.net/	1970-01-20 11:07:08	Name: _gid Value: GA1.2.443179063.1681541836
.gocsgo.net/	1970-01-20 11:05:41	Name: _gat_UA-113129776-3 Value: 1
.gocsgo.net/	1970-01-20 20:41:41	Name: _ga_D3TY46W4S4 Value: GS1.1.1681541835.1.0.1681541835.60.0.0
.gocsgo.net/	1970-01-20 20:41:41	Name: _ga Value: GA1.1.22656562.1681541836
.gocsgo.net/	1970-01-20 19:51:17	Name: _ym_uid Value: 1681541836349971506
.gocsgo.net/	1970-01-20 19:51:17	Name: _ym_d Value: 1681541836
.mc.yandex.com/	1970-01-20 11:05:42	Name: sync_cookie_csrf Value: 3739869781fake
.gocsgo.net/	1970-01-20 20:27:17	Name: __gads Value: ID=8d44eb5c42ffe63c-22b1d94f94dd0064:T=1681541835:RT=1681541835:S=ALNI_Mb6LwdxFP8LvbKfbwN32YDHCWA7nw
.gocsgo.net/	1970-01-20 20:27:17	Name: __gpi Value: UID=00000bd67597a0c1:T=1681541835:RT=1681541835:S=ALNI_Ma3PvBO6CgHQMYtFExsUZI6NIjRWA
.gocsgo.net/	1970-01-20 11:06:53	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 11:05:42	Name: sync_cookie_csrf Value: 1691856024fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2526007451681541836
.yandex.com/	1970-01-20 20:41:41	Name: i Value: 9li/eo8PXHpEw0n5sk4t29L5tT9t30YOKSmbcdJrExyYhK/w1FOvmdLAgRdfNuA7WxDrsGL1vC23evQSf0RuIppOWfI=
.yandex.com/	1970-01-20 20:41:41	Name: yandexuid Value: 54858261681541836
.yandex.com/	1970-01-20 19:51:17	Name: yuidss Value: 54858261681541836
.yandex.com/	1970-01-20 19:51:17	Name: ymex Value: 1713077836.yc.1681541836#1713077836.yrts.1681541836#1713077836.yrtsi.1681541836
.yandex.com/	1970-01-20 19:51:17	Name: bh Value: KgI/MA==
.gocsgo.net/	1970-01-20 11:05:43	Name: _ym_visorc Value: w
.bidswitch.net/	1970-01-20 19:51:17	Name: tuuid Value: 872c3aee-7a34-4d2d-9a12-f60dba779784
.bidswitch.net/	1970-01-20 19:51:17	Name: c Value: 1681541837
.bidswitch.net/	1970-01-20 19:51:17	Name: tuuid_lu Value: 1681541837
.quantserve.com/	1970-01-20 13:15:17	Name: d Value: EFEBCQHhKIEA
.quantserve.com/	1970-01-20 20:35:56	Name: mc Value: 643a4acd-7f7e8-4a8c6-20cb6
.ctnsnet.com/	1970-01-20 19:51:17	Name: cid_9a3639d75218454f91c43acb756070e0 Value: 1
.ctnsnet.com/	1970-01-20 19:51:17	Name: gid_CAESENuiZeEcwOH6VkQoM6IohRY Value: 1
.mathtag.com/	1970-01-20 20:31:37	Name: uuid Value: 9a29643a-4acd-4300-b14d-7e95122c1467
.innovid.com/	1970-01-20 13:15:17	Name: uuid Value: 3307c40d-b97f-4cf8-bf74-ee83f13cc641-20230415 02:57:17
.sportradarserving.com/	1970-01-20 19:51:17	Name: zuuid Value: 22bcc11c-f030-409a-89f1-bf1d577ad548
.sportradarserving.com/	1970-01-20 19:51:17	Name: c Value: 1681541837
.sportradarserving.com/	1970-01-20 19:51:17	Name: zuuid_lu Value: 1681541837
.sportradarserving.com/	1970-01-20 19:51:17	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 19:51:17	Name: zuuid_k_lu Value: 1681541837
.doubleclick.net/	1970-01-20 20:27:17	Name: IDE Value: AHWqTUmU8SiobjlLXiQ7m1SsnFfj5qDMSt5rrIPQ2ISAavRSTEIDBzeoFZE1lHBl7Vg
.mathtag.com/	1970-01-20 11:48:53	Name: mt_mop Value: 4:1681541839
.adform.net/	1970-01-20 11:48:53	Name: C Value: 1
.yahoo.com/	1970-01-20 19:51:39	Name: A3 Value: d=AQABBM9KOmQCEFT8ELqM60MSxKyAOVVARe0FEgEBAQGcO2REZAAAAAAA_eMAAA&S=AQAAAtWHDXkvaDnpPNOjRb96YXU
.adform.net/	1970-01-20 12:32:05	Name: uid Value: 7751642464365419078
.everesttech.net/	1970-01-20 19:51:17	Name: everest_g_v2 Value: g_surferid~ZDpKzwAC4q4HQQBS
.tribalfusion.com/	1970-01-20 13:15:17	Name: ANON_ID Value: aQnu7qo0P8fCmTN83MFZdZbdsBJknZdmYEvxGZaFbwR9Ru49j6XaJpW88BjHfayraBZaVD8DOZc9KZacs9Zc50EhWY7DfTaMyHTZc1vRhMqH9FLwI
pool.admedo.com/	1970-01-20 19:51:17	Name: tuuid Value: d3ac70eb-a0f7-4d46-9450-4dafd07a180e
pool.admedo.com/	1970-01-20 19:51:17	Name: c Value: 1681541839
pool.admedo.com/	1970-01-20 19:51:17	Name: tuuid_lu Value: 1681541839

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJIvqOr9MCrTIc_u5dERRr0&google_cver=1&google_push=Aer7DvImiUQNZCwGlpMGKasgBz7beLDiyKoY4nBsCsV4jAZDJ36CwzsyP5ezHbeZF0RS7XTMv6IEVBJFoo1VloWs9ZA0X0Jbob9lrA Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
a.tribalfusion.com
adservice.google.com
adservice.google.de
ag.innovid.com
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gocsgo.net
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
https-www-gocsgo-net.disqus.com
ius.ctnsnet.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pool.admedo.com
pr-bh.ybp.yahoo.com
r1---sn-4g5edn6r.gvt1.com
redirector.gvt1.com
region1.analytics.google.com
s.tribalfusion.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
tpc.googlesyndication.com
web.webpushs.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
googlecm.hit.gemius.pl
142.250.185.98
151.101.66.49
185.29.134.248
199.232.192.134
2001:4860:4802:32::3
2001:4860:4802:32::36
2606:4700::6811:180e
2606:4700::6812:18ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:e::6
2a00:1450:400c:c06::9c
2a01:4f8:d0a:2677::2
2a02:6b8::1:119
2a02:6ea0:c700::11
2a05:d018:d29:3602:4dc4:1acd:4e16:7f78
2a05:d01c:1d8:8101:a62a:a2db:d81b:4039
3.126.156.38
35.158.143.193
35.186.193.173
35.210.53.219
37.157.6.233
019e826fde753380f86e733ed4b87c1780f8f54b1a19975bd7eef299f4c4fb42
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
03521b929940337e48fd29b79552b5e04868d12ffa58a446211384063ededc5f
043c00bce8a161f1d89d4a400bfbb137d7b8aa1f813bdcd28acceb0875e13093
047923150d05ae5a2f04492c616d2011ef470f81d9464c491d69444d346c3d4d
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
083c9e51fc1abf9d7231d2a4d57b89cd6436a443bdb5709e9e31988c1db63791
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dd71050ab50b109dce56153689587e5882615bd8c24eb1facaeca69891e6f02
152e662250a15a9946e3ff3f4b4ba9ce509fbd59ccb16011e76155c2bf0d20bf
1ebecce52ccc56b5068c3a8cfe9b0560228f52ff9b9b823595e78fa4c353a14a
21d16e8bab55794d3b569692077655f305b01453471164cf6c2a9dc707077877
21de4ec56087337abab1655c377796675e5660f75d5177d673246a9d5b69dc50
24fc07e4176afcb82afa8342e89777a846fad19a15e649a56f6faaf355229aa1
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
2a810283ef3a450039039318677538039c2adadfe2703a12f98b07735ba15290
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31c94daba63c8c041a7972805ffc6715a2e23f92e1bcadb4b34c2a318f87d30c
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
377669f40e40807c7dfbc0d023375be46b8e1b04a1f0d9fb0c8f772f8cd04ff7
37d634cbab821fa176c446f182882c7748c8600b974094887c40b5d4f4275dbc
3d292787a58e7fb664514569857091255dbe6020b5860d3cfca3381e6b97ff46
3d5a0c4c935182b3504cc3141b5e2c94208728e62fa7f3c9b06b84080c5ca1b6
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49adefe64f0b21e3bdf5ccc52e1cbc0988bc0a3d40bedd2fd8ed77f381394eeb
4d6289ba3481fd389360d0f913bc14c0054a34f6df65c1062ec9d17163c82c17
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6fb63042113d6e7e68305cb62c89145d820b29e7111cedbc7d4b2b3a005f01
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
5295c5a4d9bf99db1c20a3330affdcca13e1c511e45691c3727843f16784eea4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b0304384f719924920550c6f2db8f7a1339c4f2295233ad554081d245c3cf9
563a74589a5309768560561ba3aa0ff517909ab324f73464889c3f23f88a7a63
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a7fd0ce258549848663c111aa61034e66ad6e3cd04cc5acd3b5d0bb1821afb1
5a7ff420e231eccb016c83a5318296d8c104c53eb8413819c17a05a3155c2a87
5aeff5501617f2cb02daf2cca4a6dbe95f4b6ba4460f0a2a4d0ed2a131d7214d
600925f58ac9b5e7a1aaa04c30f00c33a8633133667c28586ecb9eb3da37496c
60d312c61d6765e2565609a60deace445af0d6c28538172aa2f9f8f6ff5ec580
612e0c72fccddab3116dde031619e4f0379e329d43670bab4e52f903b427f59f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6400e6f97c441fca387d1b02df1fbdd1baede26e66f7c875fcd6ea5c9264515c
710b738d355ec7d2cff2e750421f4b67997287032b75283ada7832c76eca7d3b
71e53825f3ca5608dd11cccc18de10932c62c68d0aa5e060407fd0912537619e
7288f38e4c2448497e5f11b19d115541ff911abba5065437043f83d4cb4be1fe
758fc857b23bc69bb82d6c0fd0722d0e505e378f068ff2861298141c3d4e60ad
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79ff470d2082ea3255967e2a9f1dd08051ec73b2fca943bb85ae1718b018fc49
7a375048ed9108c466a84db3a3ea6bf33f228b02345e4421520995b39ef728c5
7a63f1300c24cc773df78f1fded7eec718608a1a971b06548d5eacc68a0d3b3a
80be75346a05d376a0f2e405b9696e8406a195b29b4c1cd6ca962a63959c62a8
81300603eb6ba67b4116b53f0e39b1033f0b694d85144773ea4dfaae66df49a2
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
828c916265f89cc642ce801d79f128735d689559543e5be5a62d713896e70487
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a45b5a2ab490b3a1c802710e7b23b724454c94a3c182c551bffd933b3ecf47
8838e8cd477fb3408859936b0e8dd2ab400f6a8830b59c3f4da590e1fd1d6e98
88bae1d4ee64b770f101fb4f13045a1dcad9158f131fe9a9fae96d80f61dd569
8b84e8e5f80f9b1c9185fe81dd21a8e48e15e3f35aaa49cc0bb9bb00e09beb98
8c168ce2be9c2b41232bb803816b4d2dd7c7ce64e42a35ebd54daa546e1f4ffb
8d2024e6d6a96e21a0e73f471c021ad8f7e6ac4afdd34d3565b777acc853dec0
8f09b3c096bd421355d2297b782c01512234385fa2c947d3609ed35d5e2f8bd7
901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
931caa5e6afad8374a3790d0564d8336d6f88ddfbad17d973eb731d8acec8f8d
934d7f8a95df2fdb58e3a084933d1f6e4adc997a87fcf6fcf2d88ba97f962e51
97f65015a491719ae9dbf1afc7948f8e57f946a6822c6a924fb5826265e89af6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bc8f3b7bcb7506c84c9f83ad4b417e25d01bd8ade4ffd1cf0296d253a9c3ae6
9ea3f941d143f512c5b38e6727d3e99399637c241cee48125e249540a4e1032b
a0303cab053c7a28d8f173086440918a8b3ab3df5ea38203b2b2e157efe4eec9
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ecd6c8d85b8e5e1dc7df9f8f2033b3242803a4d155f3ee0c121efd4a9c31e0
abf6a90f2122fa511309308188191656821a54fef5e83b3354ba413346030c94
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1498b4420d6ff0f7b2b4700bbafc1aad186e0604112916d638fa028e174a299
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
b3873256ca84d7f95c6bb8dff7600abee8d562fa1b50aeffd62de2f5bac4fcce
b430ed0b808e404ebf5572db9c394187295463a6a3e38e9e4c2df0f7bc8efa5c
b61c8ea3a02eb1eb6d2e16d0a55e2b84a0a4dc70a5b7109225412a7294f218d7
b6ed24fa1e528dba09e374ae01aa5e6ae9d19b4ebe8b626b940f3db961256a64
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf4712754a023f4fc6b9d4178f6df99b22980083b926544c1ef838c67ae44250
c0c68f75d23c6432375c773f6b955a7ceb1d08bacac671d76066cd8b4073505e
c1ac199347f073b3f45a79aaf9a61a6f9a12b01cfeacfcd0fa9cc2ddc030d79c
c2704429a13038a8c4085ea45f2ebac77a1fe0261b79d8e05c7c11565a26f012
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4f284497e9c3709c6bff32e0861f7d17d7e68787aa9e1757eb94d8c19d4dafe
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
c8e9b351d9f5346b80117937d899d560ed285259f20caba6a3bc38ca5ae89b02
c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
cde3286e18c4130b2923e93a62e937d6791c9e061f44133b6d69837591ace040
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cfb8ce36d294ff0664b2c08f574abf12be8650f8ad28ec9e2db3cef1515d8719
d065b21b105ddfa3516c34b9f3c2daa0ec3d4d2f5f84f280fdf05b894bd18c09
d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375
d1c8ede9f6374f87b7bd3fc293efd0f3abaaa9a796fc6a720f80db2c9bc8e279
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dcdedf657349235d39ceba6bdf6e9f6c1208570ae756c619895ffd98faeded2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ba3380f0caae013653881bc7a7512d821a1c23d52a104d1717528f29267c78
e57095344787edf94e03d0b3cf3890ce05ff8140c0b2acd1c875b40782e2a3fe
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e80c1429084e35d5416b95531d6cb790a8e7daf6a63075ea74f512776f130072
ef0413a4230d37e77455ba46f3fdf5fda5b3bb0090a62f2f792e2bba03e30e82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6278d4d8606914e659cc7f30c76cef0366252ec13e5302fa3c0e7946b97232c
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fc1b728d5c5048ccf472c28a89245162b7146da2441cfbdd6fee6b02eff5db2c

gocsgo.net Open in urlscan Pro 2a01:4f8:d0a:2677::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

174 Requests

91 %HTTPS

74 %IPv6

29 Domains

39 Subdomains

27 IPs

7 Countries

6818 kBTransfer

8966 kBSize

42 Cookies

3 Outgoing links

Page URL History

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gocsgo.net Open in urlscan Pro
2a01:4f8:d0a:2677::2 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

91 %
HTTPS

74 %
IPv6

29
Domains

39
Subdomains

27
IPs

7
Countries

6818 kB
Transfer

8966 kB
Size

42
Cookies

174 HTTP transactions
7 data transactions