counter-strike-video.fr.gd Open in urlscan Pro
193.238.27.28 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://counter-strike-video.fr.gd/
Submission: On January 12 via api (January 12th 2024, 11:04:43 pm UTC) from US — Scanned from US

Summary HTTP 104 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 23 domains to perform 104 HTTP transactions. The main IP is 193.238.27.28, located in Germany and belongs to IPX-AS15598, DE. The main domain is counter-strike-video.fr.gd.
TLS certificate: Issued by R3 on October 30th 2023. Valid for: 3 months.

This is the only time counter-strike-video.fr.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	193.238.27.28 193.238.27.28	15598 (IPX-AS15598) (IPX-AS15598)
23	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
5	178.162.223.113 178.162.223.113	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1	178.162.223.114 178.162.223.114	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1	2606:4700:303... 2606:4700:3037::ac43:cc74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	2607:f8b0:400... 2607:f8b0:4004:c1d::9a	15169 (GOOGLE) (GOOGLE)
2 2	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
2	2606:4700:310... 2606:4700:3108::ac42:2bc3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	176.9.183.55 176.9.183.55	24940 (HETZNER-AS) (HETZNER-AS)
3	3.75.56.58 3.75.56.58	16509 (AMAZON-02) (AMAZON-02)
7	2607:f8b0:400... 2607:f8b0:4004:c17::9d	15169 (GOOGLE) (GOOGLE)
20	2607:f8b0:400... 2607:f8b0:4004:c07::84	15169 (GOOGLE) (GOOGLE)
4	172.253.63.148 172.253.63.148	15169 (GOOGLE) (GOOGLE)
1 3	18.185.208.113 18.185.208.113	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
2	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c07::95	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:215f:7a00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
5 8	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	68.67.160.24 68.67.160.24	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	23.200.197.46 23.200.197.46	16625 (AKAMAI-AS) (AKAMAI-AS)
2	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
1 2	3.125.0.27 3.125.0.27	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:20:... 2606:4700:20::681a:cd7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
104	27

1 193.238.27.28 (Germany)

ASN15598 (IPX-AS15598, DE)
PTR: fr.gd

counter-strike-video.fr.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.162.223.113 (Schwerte, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: misc.webme.com

theme.webme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.223.114 (Schwerte, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: img.webme.com

img.webme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:cc74 (United States)

ASN13335 (CLOUDFLARENET, US)

asrv205.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c1d::9a (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:cb40:200::242 (Germany) 2 redirects

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:2bc3 (United States)

ASN13335 (CLOUDFLARENET, US)

esdownload.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.183.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.183.9.176.clients.your-server.de

fwdtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.56.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com

visifeed.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c17::9d (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.63.148 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.208.113 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-208-113.eu-central-1.compute.amazonaws.com

api.yieldads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c07::95 (Washington, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215f:7a00:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.253.115.155 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.24 (Jersey City, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.200.197.46 (Piscataway, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-197-46.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.0.27 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-0-27.eu-central-1.compute.amazonaws.com

findarios.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:cd7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.linksprf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	502 KB
23	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 ad.doubleclick.net — Cisco Umbrella Rank: 163 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	180 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	356 KB
6	webme.com theme.webme.com img.webme.com — Cisco Umbrella Rank: 414033	104 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	3 KB
3	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 524	748 B
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	404 KB
3	gstatic.com www.gstatic.com	17 KB
3	yieldads.net 1 redirects api.yieldads.net — Cisco Umbrella Rank: 120597	15 KB
3	visifeed.org visifeed.org — Cisco Umbrella Rank: 119580	2 KB
2	linksprf.com 1 redirects r.linksprf.com — Cisco Umbrella Rank: 81816	2 KB
2	findarios.com 1 redirects findarios.com — Cisco Umbrella Rank: 555242	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1376	628 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
2	esdownload.de esdownload.de — Cisco Umbrella Rank: 725937	26 KB
2	adcell.com 2 redirects t.adcell.com — Cisco Umbrella Rank: 57836	603 B
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 776	634 B
1	fwdtrk.com fwdtrk.com fwd.fwdtrk.com Failed	2 KB
1	asrv205.com asrv205.com	1 KB
1	fr.gd counter-strike-video.fr.gd	4 KB
0	stage-entertainment.de Failed et.stage-entertainment.de Failed
104	23

	Domain	Requested by
23	pagead2.googlesyndication.com	counter-strike-video.fr.gd pagead2.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
20	tpc.googlesyndication.com	googleads.g.doubleclick.net counter-strike-video.fr.gd ad.doubleclick.net tpc.googlesyndication.com
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com counter-strike-video.fr.gd
8	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net www.googletagservices.com counter-strike-video.fr.gd
5	theme.webme.com	counter-strike-video.fr.gd
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	ad.doubleclick.net	www.googletagservices.com counter-strike-video.fr.gd
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	s0.2mdn.net	googleads.g.doubleclick.net
3	www.gstatic.com	counter-strike-video.fr.gd googleads.g.doubleclick.net
3	api.yieldads.net	1 redirects visifeed.org api.yieldads.net
3	visifeed.org	fwdtrk.com visifeed.org
2	r.linksprf.com	1 redirects findarios.com
2	findarios.com	1 redirects api.yieldads.net
2	www.googleadservices.com	googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net counter-strike-video.fr.gd
2	esdownload.de	asrv205.com
2	t.adcell.com	2 redirects
1	d.agkn.com	googleads.g.doubleclick.net
1	fwdtrk.com	asrv205.com
1	asrv205.com	counter-strike-video.fr.gd
1	img.webme.com	counter-strike-video.fr.gd
1	counter-strike-video.fr.gd
0	et.stage-entertainment.de Failed	r.linksprf.com
0	fwd.fwdtrk.com Failed	fwdtrk.com
104	29

This site contains links to these domains. Also see Links.

Domain
www.ma-page.fr

Subject Issuer	Validity	Valid
fr.gd R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
misc.webme.com R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
img.webme.com R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
asrv205.com GTS CA 1P5	`2023-12-04` - `2024-03-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
fwdtrk.com R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
visifeed.org R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
api.yieldads.net Amazon RSA 2048 M01	`2023-10-04` - `2024-11-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
findarios.com Amazon RSA 2048 M02	`2023-08-27` - `2024-09-25`	a year	crt.sh
linksprf.com GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://counter-strike-video.fr.gd/
Frame ID: 9999BF74883AA03656476DB865A5FAC4
Requests: 13 HTTP requests in this frame

Frame: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Frame ID: 84887A9E8EE936C33782A76F08891E24
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 9CF0EE3B75CC644999C406E086FBB024
Requests: 1 HTTP requests in this frame

Frame: https://esdownload.de/vc?utm_source=vc_adcell&utm_medium=affiliate&utm_campaign=257824&bid=249855-105746-&adcref=asrv205.com%2F
Frame ID: 92213544E02F7E9877548864F92B21F6
Requests: 1 HTTP requests in this frame

Frame: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6NiwiY3JlYXRpdmVfaWQiOjksInB1Ymxpc2hlcl9pZCI6NCwiem9uZV9pZCI6NiwiZnJhbWVfdHlwZSI6IkZyYW1lcyIsImZyYW1lX2d0bWRvbWFpbiI6ImZ3ZC5md2R0cmsuY29tIiwiZnJhbWVfY2FtcGFpZ25pZCI6IjYwYzkxMDZhLWRkN2ItNGYzYi05Nzg5LTQ0MTUyM2RkM2M1ZSIsImZyYW1lX3RhcmdldCI6IjhGWSIsImZyYW1lX3RhcmdldF9pZCI6MSwiZnJhbWVfYWRkY291bnRyeSI6MCwiY291bnRyeSI6IlVTIiwidHMiOjE3MDUxMDA2Nzh9
Frame ID: C6BFD251D9DE4A245C920FBB69002486
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7125197712444259&output=html&adk=1812271804&adf=3025194257&lmt=1705100678&plat=2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_r&format=0x0&url=https%3A%2F%2Fcounter-strike-video.fr.gd%2F&ea=0&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705100678425&bpp=15&bdt=424&idt=375&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8064775913163&frm=20&pv=2&ga_vid=1101481603.1705100679&ga_sid=1705100679&ga_hid=51855986&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080260%2C44795921%2C44809004&oid=2&pvsid=826313786102077&tmod=48429542&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=393
Frame ID: 85BAD676FA56E9A6BE2ECBFA13B176D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7125197712444259&output=html&h=280&adk=745244200&adf=1779970613&pi=t.aa~a.3210848050~rp.1&w=611&fwrn=4&fwrnh=100&lmt=1705100678&rafmt=1&to=qs&pwprc=3996251837&format=611x280&url=https%3A%2F%2Fcounter-strike-video.fr.gd%2F&ea=0&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705100678440&bpp=2&bdt=440&idt=386&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8064775913163&frm=20&pv=1&ga_vid=1101481603.1705100679&ga_sid=1705100679&ga_hid=51855986&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080260%2C44795921%2C44809004&oid=2&pvsid=826313786102077&tmod=48429542&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=389
Frame ID: 750067260A1727C4E32E457AA0B8BD3E
Requests: 1 HTTP requests in this frame

Frame: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=5c1f4c4a8970090889ba8a3d6c0e5409321219fddd4c8fb167b913af63a8c2aa&ci=yCby.Ms%3F&its=9F%5Bt%2ALp5d7b%40%7BQD%3BujPWbU%60&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Frame ID: 1B7F8601111897405F100B3962999C46
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 0832E72858243D3068C4CED5F75BC1D3
Requests: 18 HTTP requests in this frame

Frame: https://et.stage-entertainment.de/cl.aspx?extProvId=27&extLi=de_2022-2_running_aops_multipleshows_national_multiaudience_fixed_cps_multiplacement_affiliate-belboon_455742&extCr=Homepage&extPu=stage-belboon&extProvApi=128665&extSi=455742&extPm=471453&url=https%3A%2F%2Fwww.stage-entertainment.de%2F%3Futm_medium%3Daffiliate-belboon%26utm_source%3D455742%26utm_campaign%3Dde_2022-2_running_aops_multipleshows_national_multiaudience_fixed_cps_multiplacement_affiliate-belboon_%7BPARTNER_ID%7D&belboon=2401122304433030282&iclid=1-21528003-a1ff-348a-808a-84ffa1038052-a76639&utm_medium=affiliate-belboon&utm_source=455742
Frame ID: 7E3DE4B30AA432EF2DAF385A6DCDCF99
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 0384F36D41AEAE0D59810694D05C0CBB
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 99A06A10CAB88913375C00E9769BB919
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: CE610F74BB652EE59C70639D31814A95
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A78FF0D8F91DCBF3B6FCC118B951822D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKmuShCYmfDyBRja28uDAjAB&v=APEucNVFdNzo5Q1l-B0Rf_jOr7T7T56fpKw0S-ZIu8ZPhKtpt0-ZwPOj_GIDuR-mOuzreud-Hh5lqbUqKDqhqnqoJtlhDuQgog
Frame ID: 9E1B6F3E57170F6026A030DBBE91A2F7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Frame ID: C8E620D55DF31D4A03EA4BE7B958A8E2
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIP-3gIQvcTgAhjYvY32ATAB&v=APEucNVZLMeML7sanC7J1WP5q_DIFzYo0Yy6QPMajj-qZYR-Jd_4480Cucl2aGcSbDfl6NAOA5PgYfI1JpMw-mHx9TAyA-utlQ
Frame ID: 53B94AE848D7F1B10EC5574972242DBC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Frame ID: 92A5028F97DB068D57036BCB2E3A5843
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 10F02CE7B833F727FE3C5C927FE6D0ED
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F8B7D844F4DBD856234FBE25315E8C3D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0A08306F17E096D559F390AD548FC0D1
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
Frame ID: D40ECBB952D508A9632CE797E170505D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Counter Strike - Accueil

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

104
Requests

88 %
HTTPS

44 %
IPv6

23
Domains

29
Subdomains

27
IPs

3
Countries

1619 kB
Transfer

3751 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ma-page.fr/?c=4000&utm_source=selfpromotion&utm_campaign=overlay&utm_medium=footer
Title: Ce site web a été créé gratuitement avec Ma-page.fr. Tu veux aussi ton propre site web ? S'inscrire gratuitement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://t.adcell.com/p/image?promoId=316122&slotId=105746 HTTP 302
https://esdownload.de/img/displaybanner/O2021STD_static_price/ch/300_250_CTA1_V1.png

Request Chain 12

https://t.adcell.com/p/view?promoId=249855&slotId=105746&pv=1&htlp=1 HTTP 302
https://esdownload.de/vc?utm_source=vc_adcell&utm_medium=affiliate&utm_campaign=257824&bid=249855-105746-&adcref=asrv205.com%2F

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPV8S2aAjBd10b-LQ2ytlAs&google_cver=1

Request Chain 74

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaHFiOgU904R-cc1EZwJjwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPV8S2aAjBd10b-LQ2ytlAs&google_cver=1

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGDY1mAMeBSmMiAxG3tQAhI&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGDY1mAMeBSmMiAxG3tQAhI%26google_cver%3D1

Request Chain 76

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Njk0MjQxNjM2MzgwNTc4OA%3D%3D

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOFTdoIlkv_ADsvUE47vR0I&google_cver=1

Request Chain 78

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2E0NzU0YjItZjU5OS0yNWI5LWNjYmUtNTg4NzcxNWU0NjQ1

Request Chain 79

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEG_aTeXVZBL1cxT-gS0jitg&google_cver=1

Request Chain 80

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjhhNGMxYzktYjIzNy00MDU0LThmMjQtMGUxZjAxNDA1YTg4

Request Chain 82

https://googleads.g.doubleclick.net/pagead/adview?ai=C512WhsWhZaiVNaXNoPMPx9KqkAjPzv6ideaDmuODEtnZHhABIJmAgqABYMmGgIDco8QQoAGJ2PbJA8gBCagDAcgDAqoElgJP0MnaEp2Wf8QOR6StXL2eCHRasd0exc7auLBfmqU2y_-JG3lSTasd6X4lSwdjQhut_0wK81RxU9tpDc3CXFb4w-x2zORa5EzrXCEx4qT1VzEKttjyz4e0iJcK5rBVZe8ok6OxpRKiYt1oxQ-USWRILiS0_8VU90hWXJagoZoZ3BHw3HlLk98AAdlQiD-RhI3lOi7fYfF8pdlG8R1MmjTo7AV3T7lRt1ollBLtQ-y9mZl9ho5gH3sntJpuWO5FvLuFQhssWjI874TIQXm8wUKpv-Wk_wEoXS9tgD7uhls0QmLv9yKeJFJVmn3myEqgw3cB-O_BkCKRJeZeM_0s3_nuEQLj0jXkYvtzsHuKLtdKD7s-ph7UA8AEzcOcvrsEiAXenqyZTZIFBAgEGAGSBQQIBRgEoAYRgAeK49Y_qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ1oBu0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljb1ZSC-9iDA5oJ0gFodHRwczovL2FkLmRvdWJsZWNsaWNrLm5ldC9zZWFyY2hhZHMvbGluay9jbGljaz8mZHNfYV9jaWQ9MTM1MDQ5MTIyJmRzX2FfY2FpZD0mZHNfYV9hZ2lkPSZkc19hX2ZpaWQ9JmRzX2FfbGlkPSZkc19hX2V4dGlkPSYmZHNfZV9hZGlkPTAmZHNfZV9tYXRjaHR5cGU9c2VhcmNoJmRzX2VfZGV2aWNlPWMmZHNfZV9uZXR3b3JrPSYmZHNfdXJsX3Y9MiZkc19kZXN0X3VybD2ACgHICwHaDBEKCxDA5O-rgJ-fztgBEgIBA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi03MTI1MTk3NzEyNDQ0MjU5GAA&sigh=-PBoISeZZB8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_ZTxnTpuFz5wiNNYEJKXFgXRRHHtx1YUwzSvGh5u_Z-foDdIt2YlNL-vTaIjXqYzTdkrASO32is5UpZJpdbYUwEjDWtN4RfETMhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xba952b753ce8f5600000000000000000%22,%222%22:%220x46b610447213295e0000000000000000%22,%223%22:%220xf3e11cbb6492b7d30000000000000000%22,%224%22:%220x2918ed7be21ac4b90000000000000000%22,%225%22:%220x7d443e56c91d86370000000000000000%22},%22debug_key%22:%221089712393108366651%22,%22debug_reporting%22:true,%22destination%22:%22https://doubleclick.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22960343049%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217729859890550941345%22}&andc=true

Request Chain 99

https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=5c1f4c4a8970090889ba8a3d6c0e5409321219fddd4c8fb167b913af63a8c200&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e&fp=W3sia2V5IjoidXNlcl9hZ2VudCIsInZhbHVlIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMjE2IFNhZmFyaS81MzcuMzYifSx7ImtleSI6Imxhbmd1YWdlIiwidmFsdWUiOiJlbi1VUyJ9LHsia2V5IjoibmF2aWdhdG9yX3BsYXRmb3JtIiwidmFsdWUiOiJXaW4zMiJ9LHsia2V5IjoicmVndWxhcl9wbHVnaW5zIiwidmFsdWUiOlsiQ2hyb21lIFBERiBQbHVnaW46OlBvcnRhYmxlIERvY3VtZW50IEZvcm1hdDo6YXBwbGljYXRpb24veC1nb29nbGUtY2hyb21lLXBkZn5wZGYiLCJDaHJvbWUgUERGIFZpZXdlcjo6OjphcHBsaWNhdGlvbi9wZGZ%2BcGRmIiwiTmF0aXZlIENsaWVudDo6OjphcHBsaWNhdGlvbi94LW5hY2x%2BLGFwcGxpY2F0aW9uL3gtcG5hY2x%2BIl19LHsia2V5IjoianNfZm9udHMiLCJ2YWx1ZSI6W119LHsia2V5IjoiYXBwX2NvZGVfbmFtZSIsInZhbHVlIjoiTW96aWxsYSJ9LHsia2V5IjoiYnVpbGRfaWQiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoicHJvZHVjdCIsInZhbHVlIjoiR2Vja28ifSx7ImtleSI6InZlbmRvciIsInZhbHVlIjoiR29vZ2xlIEluYy4ifSx7ImtleSI6InZlbmRvcl9zdWIiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoiYXBwX3ZlcnNpb24iLCJ2YWx1ZSI6IjUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMTYgU2FmYXJpLzUzNy4zNiJ9XQ%3D%3D HTTP 302
https://findarios.com/y?t=stage-entertainment.de&cid=9c2c37d1f5bd077cb0b3d6bac8baa3aafd6d16b543515d1102bc61a521de789c&identifier=da1f6ec6f064d0cb HTTP 302
https://findarios.com/search/stage-entertainment.de

Request Chain 104

https://r.linksprf.com/v1/redirect?url=https://stage-entertainment.de&api_key=46fd76778392715900a5c22e8500423a&site_id=624d696b024f444681c6425df495a369&type=url&source=https://findarios.com/de/search/stage-entertainment.de&yk_tag=9c2c37d1f5bd077cb0b3d6bac8baa3aafd6d16b543515d1102bc61a521de789c HTTP 302
https://r.linksprf.com/v2/go?t=4t8p0%3A3%2Fbu1ebtbres0a0e2edtcrba5n2e3t1d0%2F4s3iv014m4%26%2F9sy%3F7y9%3DR%26.m5%3D1d4e2w7r5s.bbln.4k5o4t.n7a4c3aCrTp9tmcRt_8s0c3%3D50%2F0t0e0.4n8m9i4t7een7-ag4t2.8.8nbm6nf%2F9set7h&e=1&ai=9ef4716b9df94a9c926fd627525c7f59&sct=0&ct=1705100682365&cu=954b7ced72a0402e8b8bb16bf390e874&ykuid=7fb2257052d74e0c8b2e961488bf38e4&sc=1&cs=02b78a675a920ac2de8aa2f1b21624a7

Request Chain 105

https://nument.r.stage-entertainment.de/ts/i5034048/tsc?typ=r&amc=adnetworks.blbn.455742.471453.CRT997myR9_&smc1=v030400014382954b7ced72a0402e8b8bb16bf390e874 HTTP 302
https://et.stage-entertainment.de/cl.aspx?extProvId=27&extLi=de_2022-2_running_aops_multipleshows_national_multiaudience_fixed_cps_multiplacement_affiliate-belboon_455742&extCr=Homepage&extPu=stage-belboon&extProvApi=128665&extSi=455742&extPm=471453&url=https%3A%2F%2Fwww.stage-entertainment.de%2F%3Futm_medium%3Daffiliate-belboon%26utm_source%3D455742%26utm_campaign%3Dde_2022-2_running_aops_multipleshows_national_multiaudience_fixed_cps_multiplacement_affiliate-belboon_%7BPARTNER_ID%7D&belboon=2401122304433030282&iclid=1-21528003-a1ff-348a-808a-84ffa1038052-a76639&utm_medium=affiliate-belboon&utm_source=455742

104 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
counter-strike-video.fr.gd/ 15 KB
4 KB 1144ms
170ms Document
text/html 193.238.27.28
IPX-AS15598

General

Check archive.org

Show headers Download Go to

Full URL: https://counter-strike-video.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.238.27.28 , Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS: fr.gd
Software: nginx /
Resource Hash: bb826c05231e747195909086199d95fe57521dfb0a6891b827e05c8056424e89

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=ISO-8859-15
Date: Fri, 12 Jan 2024 23:04:37 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
Via: 1.1 varnish-v4
X-Varnish: 722408934
X-wm-1: b5c15a4f00826b560de2380c0e08f5b7
X-wm-VIP: 193.238.27.28
X-wm-req.backend: SitesGET
X-wm-req.backend.healthy: true
X-wm-req.restarts: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 324ms
80ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7125197712444259&host=ca-host-pub-1483906849246906

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51cd736d2b573cf53034b97d598731a03ba3647d6143c89fdef48875d535412d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://counter-strike-video.fr.gd/
Origin: https://counter-strike-video.fr.gd
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51281
x-xss-protection: 0
server: cafe
etag: 11071599521841052255
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jan 2024 23:04:38 GMT

GET
H/1.1 200
OK arrow.gif
theme.webme.com/designs/gaming/Bilder/ 350 B
764 B 825ms
138ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/gaming/Bilder/arrow.gif
Requested by: Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: b28c8f08b2b4a3c880076cf7ea72c074e0406e2d1e0234618484a11ceacce673

Request headers

accept-language: en-US,en;q=0.9
Referer: https://counter-strike-video.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 23:04:38 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:45 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 79686
Content-Type: image/gif
X-Varnish: 512753464, 233426853 228404108
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 350
Expires: Fri, 23 Feb 2024 00:56:32 GMT

GET
H/1.1 200
OK menu0su.jpg
img.webme.com/pic/c/counter-strike-video/ 63 KB
64 KB 962ms
276ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/c/counter-strike-video/menu0su.jpg
Requested by: Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 4a6b4c4ff4c12aef58ddcbe059592d0c0436877717c4ea00dff16d024e637473

Request headers

accept-language: en-US,en;q=0.9
Referer: https://counter-strike-video.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 23:04:38 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sat, 20 Dec 2014 17:27:23 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 49350
ETag: "5495b17b-fda3"
X-Varnish: 615388652, 235612659 230435696
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64931

GET
H/1.1 200
OK bg.gif
theme.webme.com/designs/gaming/Bilder/ 139 B
553 B 817ms
142ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/gaming/Bilder/bg.gif
Requested by: Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 5c8f491358afad9ec66ea13ea3e3807567f15074e5db636fd2680c3fcda69193

Request headers

accept-language: en-US,en;q=0.9
Referer: https://counter-strike-video.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 23:04:38 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:45 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 64813
Content-Type: image/gif
X-Varnish: 551534665, 233426855 229448248
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 139
Expires: Fri, 23 Feb 2024 05:04:24 GMT

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0= Show response
asrv205.com/adframe/ Frame 8488 2 KB
1 KB 412ms
190ms Document
text/html 2606:4700:3037::ac43:cc74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Requested by: Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cc74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e2efa14b9a95331d63013f1220373eaf3e4a65797115643d42e2a15411bcdd

Request headers

Referer: https://counter-strike-video.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84490a272ba48da8-MIA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 23:04:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4TZzmOMmUYciUTvRlezEro0v6HZ3fF4Bqpj%2B5g%2B3xIsKXZz8%2FKsXVXHIJEi%2FdMznO69ryLEPF0WhzAfLNr3OO5LAdpDCqO%2Fcku2X8qylDDuZuylM5wmIRpbcO7mIqsEsjdLzLklY0zbjA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK header.gif
theme.webme.com/designs/gaming/Bilder/ 33 KB
33 KB 968ms
294ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/gaming/Bilder/header.gif
Requested by: Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: e770edd1816d0d4d1f443fac7fe89d04197d8af2be9c1a7f0309ece017e3ec31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://counter-strike-video.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 23:04:38 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:45 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 64813
Content-Type: image/gif
X-Varnish: 564533390, 235612663 228877289
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33295
Expires: Fri, 23 Feb 2024 05:04:24 GMT

GET
H/1.1 200
OK navi.gif
theme.webme.com/designs/gaming/Bilder/ 2 KB
3 KB 823ms
147ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/gaming/Bilder/navi.gif
Requested by: Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 345a52ef2133589d9518b2f6108dcde815eb75388168ec7440fb04f925e28eb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://counter-strike-video.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 23:04:38 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:45 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 64814
Content-Type: image/gif
X-Varnish: 560374485, 233426857 225045499
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2185
Expires: Fri, 23 Feb 2024 05:04:24 GMT

GET
H/1.1 200
OK google.gif
theme.webme.com/designs/gaming/Bilder/ 3 KB
4 KB 824ms
147ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/gaming/Bilder/google.gif
Requested by: Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 5d5be65169bfc248cb0fb182785e64c7e6bb04070ae7aac94ac1336ba6c61e83

Request headers

accept-language: en-US,en;q=0.9
Referer: https://counter-strike-video.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 23:04:38 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:45 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 64814
Content-Type: image/gif
X-Varnish: 560374487, 235612665 229448245
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3201
Expires: Fri, 23 Feb 2024 05:04:24 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 402 KB
136 KB 251ms
145ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7125197712444259&host=ca-host-pub-1483906849246906

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87eab1097f4884108c9a6856c5ccff0a0ecf9f161044f7a6b4a2160cc2566fe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://counter-strike-video.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139352
x-xss-protection: 0
server: cafe
etag: 4097353299816514131
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Jan 2024 23:04:38 GMT

GET
H2 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 9CF0 9 KB
4 KB 161ms
53ms Document
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7125197712444259&host=ca-host-pub-1483906849246906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://counter-strike-video.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 85773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 23:15:05 GMT
etag: 3009746639812436877
expires: Thu, 25 Jan 2024 23:15:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

300_250_CTA1_V1.png
esdownload.de/img/displaybanner/O2021STD_static_price/ch/ Frame 8488
Redirect Chain

https://t.adcell.com/p/image?promoId=316122&slotId=105746
https://esdownload.de/img/displaybanner/O2021STD_static_price/ch/300_250_CTA1_V1.png

25 KB
25 KB

136ms
38ms

Image
image/png

2606:4700:3108::ac42:2bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esdownload.de/img/displaybanner/O2021STD_static_price/ch/300_250_CTA1_V1.png
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: H2
Server: 2606:4700:3108::ac42:2bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7704873dfae629ca389abddec0128ff6f5bd0303545edc311a9c4157bd6f7fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://asrv205.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:04:39 GMT
cf-cache-status: HIT
age: 136929
cf-polished: origSize=28299, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 25454
cf-bgj: imgq:85,h2pri
last-modified: Mon, 10 Apr 2023 23:37:04 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84490a2bfc610a12-MIA
expires: Mon, 01 Jan 2024 19:42:22 GMT

Redirect headers

date: Fri, 12 Jan 2024 23:04:38 GMT
strict-transport-security: max-age=15768000
server: myracloud
content-type: text/html
location: https://esdownload.de/img/displaybanner/O2021STD_static_price/ch/300_250_CTA1_V1.png
cache-control: max-age=0
content-length: 0
expires: Fri, 12 Jan 2024 23:04:38 GMT

GET
H2

200

vc Show response
esdownload.de/ Frame 9221
Redirect Chain

https://t.adcell.com/p/view?promoId=249855&slotId=105746&pv=1&htlp=1
https://esdownload.de/vc?utm_source=vc_adcell&utm_medium=affiliate&utm_campaign=257824&bid=249855-105746-&adcref=asrv205.com%2F

95 B
562 B

337ms
239ms

Document
image/png

2606:4700:3108::ac42:2bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esdownload.de/vc?utm_source=vc_adcell&utm_medium=affiliate&utm_campaign=257824&bid=249855-105746-&adcref=asrv205.com%2F
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://asrv205.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=2592000
cf-cache-status: DYNAMIC
cf-ray: 84490a2bfc600a12-MIA
content-length: 95
content-type: image/png
date: Fri, 12 Jan 2024 23:04:39 GMT
expires: Sun, 11 Feb 2024 23:04:39 GMT
powered-by: thirty bees
server: cloudflare
vary: User-Agent
x-turbo-charged-by: LiteSpeed

Redirect headers

cache-control: max-age=0
content-length: 0
content-type: text/html
date: Fri, 12 Jan 2024 23:04:38 GMT
expires: Fri, 12 Jan 2024 23:04:38 GMT
location: https://esdownload.de/vc?utm_source=vc_adcell&utm_medium=affiliate&utm_campaign=257824&bid=249855-105746-&adcref=asrv205.com%2F
server: myracloud
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK eyJjYW1wYWlnbl9pZCI6NiwiY3JlYXRpdmVfaWQiOjksInB1Ymxpc2hlcl9pZCI6NCwiem9uZV9pZCI6NiwiZnJhbWVfdHlwZSI6IkZyYW1lcyIsImZyYW1lX2d0bWRvbWFpbiI6ImZ3ZC5md2R0cmsuY29tIiwiZnJhbWVfY2FtcGFpZ25pZCI6IjYwYzkxMDZhL... Show response
fwdtrk.com/track/ Frame C6BF 1 KB
2 KB 467ms
162ms Document
text/html 176.9.183.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6NiwiY3JlYXRpdmVfaWQiOjksInB1Ymxpc2hlcl9pZCI6NCwiem9uZV9pZCI6NiwiZnJhbWVfdHlwZSI6IkZyYW1lcyIsImZyYW1lX2d0bWRvbWFpbiI6ImZ3ZC5md2R0cmsuY29tIiwiZnJhbWVfY2FtcGFpZ25pZCI6IjYwYzkxMDZhLWRkN2ItNGYzYi05Nzg5LTQ0MTUyM2RkM2M1ZSIsImZyYW1lX3RhcmdldCI6IjhGWSIsImZyYW1lX3RhcmdldF9pZCI6MSwiZnJhbWVfYWRkY291bnRyeSI6MCwiY291bnRyeSI6IlVTIiwidHMiOjE3MDUxMDA2Nzh9
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.183.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.183.9.176.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed

Request headers

Referer: https://asrv205.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Jan 2024 23:04:38 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 85BA 437 KB
110 KB 857ms
856ms Document
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7125197712444259&output=html&adk=1812271804&adf=3025194257&lmt=1705100678&plat=2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_r&format=0x0&url=https%3A%2F%2Fcounter-strike-video.fr.gd%2F&ea=0&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705100678425&bpp=15&bdt=424&idt=375&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8064775913163&frm=20&pv=2&ga_vid=1101481603.1705100679&ga_sid=1705100679&ga_hid=51855986&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080260%2C44795921%2C44809004&oid=2&pvsid=826313786102077&tmod=48429542&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=393

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f36a4a52fde317e86dde8747049647f1ca6944ccd01217a3b065d17d477acc70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://counter-strike-video.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 112237
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 23:04:39 GMT
expires: Fri, 12 Jan 2024 23:04:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 68ms
67ms Image
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&id=selfpromotionOverlay&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://counter-strike-video.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7500 62 KB
20 KB 568ms
567ms Document
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7125197712444259&output=html&h=280&adk=745244200&adf=1779970613&pi=t.aa~a.3210848050~rp.1&w=611&fwrn=4&fwrnh=100&lmt=1705100678&rafmt=1&to=qs&pwprc=3996251837&format=611x280&url=https%3A%2F%2Fcounter-strike-video.fr.gd%2F&ea=0&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705100678440&bpp=2&bdt=440&idt=386&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8064775913163&frm=20&pv=1&ga_vid=1101481603.1705100679&ga_sid=1705100679&ga_hid=51855986&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080260%2C44795921%2C44809004&oid=2&pvsid=826313786102077&tmod=48429542&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=389

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d678fff5704aa0750a7d4cfd8ad56b5a7c06f952d876ff36cbb61b393a32dfab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://counter-strike-video.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 20167
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 23:04:39 GMT
expires: Fri, 12 Jan 2024 23:04:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET track
fwd.fwdtrk.com/ Frame C6BF 0
0

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame 1B7F 405 B
738 B 453ms
166ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by: Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6NiwiY3JlYXRpdmVfaWQiOjksInB1Ymxpc2hlcl9pZCI6NCwiem9uZV9pZCI6NiwiZnJhbWVfdHlwZSI6IkZyYW1lcyIsImZyYW1lX2d0bWRvbWFpbiI6ImZ3ZC5md2R0cmsuY29tIiwiZnJhbWVfY2FtcGFpZ25pZCI6IjYwYzkxMDZhLWRkN2ItNGYzYi05Nzg5LTQ0MTUyM2RkM2M1ZSIsImZyYW1lX3RhcmdldCI6IjhGWSIsImZyYW1lX3RhcmdldF9pZCI6MSwiZnJhbWVfYWRkY291bnRyeSI6MCwiY291bnRyeSI6IlVTIiwidHMiOjE3MDUxMDA2Nzh9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: 364ba0bed75f33bb235781921a403bac9ec447717f020a6ba1d2402e3b33131a

Request headers

Referer: https://fwdtrk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Jan 2024 23:04:39 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 0832 18 KB
8 KB 163ms
53ms Script
text/javascript 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7125197712444259&output=html&h=280&adk=745244200&adf=1779970613&pi=t.aa~a.3210848050~rp.1&w=611&fwrn=4&fwrnh=100&lmt=1705100678&rafmt=1&to=qs&pwprc=3996251837&format=611x280&url=https%3A%2F%2Fcounter-strike-video.fr.gd%2F&ea=0&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705100678440&bpp=2&bdt=440&idt=386&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8064775913163&frm=20&pv=1&ga_vid=1101481603.1705100679&ga_sid=1705100679&ga_hid=51855986&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080260%2C44795921%2C44809004&oid=2&pvsid=826313786102077&tmod=48429542&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 12 Jan 2024 23:34:58 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 0832 36 KB
14 KB 162ms
52ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a16dfe9e92661a05f6798c8520a71e2f68c4675ffd6428d60e9d4fc71744dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 09:10:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14392
x-xss-protection: 0
server: cafe
etag: 5705098247650313184
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 09:10:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 0832 3 KB
1 KB 222ms
113ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 09:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 09:05:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 0832 20 KB
8 KB 174ms
65ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 09:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 09:06:14 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0832 205 KB
65 KB 168ms
59ms Script
text/javascript 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:04:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 23:04:39 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 0832 23 KB
9 KB 212ms
104ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 08:47:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 08:47:58 GMT

GET
H/1.1 200
OK i Show response
visifeed.org/ Frame 1B7F 410 B
735 B 148ms
148ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=5c1f4c4a8970090889ba8a3d6c0e5409321219fddd4c8fb167b913af63a8c2aa&ci=yCby.Ms%3F&its=9F%5Bt%2ALp5d7b%40%7BQD%3BujPWbU%60&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: de5fa3c531c2d2de90d9657522c1f37907aa7fcbc5f3b932be151d1113b6a450

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Jan 2024 23:04:39 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H2 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 0832 59 KB
23 KB 96ms
95ms Script
text/javascript 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jan 2025 19:39:19 GMT

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame 7E3D 347 B
672 B 161ms
161ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=5c1f4c4a8970090889ba8a3d6c0e5409321219fddd4c8fb167b913af63a8c200&ci=yCby.Ms%3F&its=9F%5Bt%2ALp5d7b%40%7BQD%3BujPWbU%60&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=5c1f4c4a8970090889ba8a3d6c0e5409321219fddd4c8fb167b913af63a8c2aa&ci=yCby.Ms%3F&its=9F%5Bt%2ALp5d7b%40%7BQD%3BujPWbU%60&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: 5f36dcdd162b32f72d8f3b1b565b9aaf8427e99c219a2a51b51da18caf10364c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Jan 2024 23:04:39 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H2 200 B30810225.378220078;dc_ver=99.292;sz=970x250;u_sd=1;dc_adk=2384916310;ord=2ii545;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCR5JEhsWhZaiVNaXNoPMPx9KqkAjPzv6ideaDmuODEtnZHh... Show response
ad.doubleclick.net/ddm/adj/N228601.3159GOOGLE/ Frame 0832 69 KB
32 KB 191ms
87ms Script
text/javascript 172.253.63.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N228601.3159GOOGLE/B30810225.378220078;dc_ver=99.292;sz=970x250;u_sd=1;dc_adk=2384916310;ord=2ii545;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCR5JEhsWhZaiVNaXNoPMPx9KqkAjPzv6ideaDmuODEtnZHhABIJmAgqABYMmGgIDco8QQoAGJ2PbJA8gBCagDAcgDAqoEmQJP0MnaEp2Wf8QOR6StXL2eCHRasd0exc7auLBfmqU2y_-JG3lSTasd6X4lSwdjQhut_0wK81RxU9tpDc3CXFb4w-x2zORa5EzrXCEx4qT1VzEKttjyz4e0iJcK5rBVZe8ok6OxpRKiYt1oxQ-USWRILiS0_8VU90hWXJagoZoZ3BHw3HlLk98AAdlQiD-RhI3lOi7fYfF8pdlG8R1MmjTo7AV3T7lRt1ollBLtQ-y9mZl9ho5gH3sntJpuWO5FvLuFQhssWjI874TIQXm8wUKpv-Wk_wEoXS9tgD7uhls0QmLv9yKeJFJVmn3myEqgw3dD-s5TQqNQTWOfcxvImR8iKyTpVjzKeivVaRMPzW9lI6PGYeKS5Vfu-cAEzcOcvrsEiAXenqyZTaAGEYAHiuPWP6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WNvVlIL72IMDgAoBmAsByAsBgAwB2gwRCgsQwOTvq4Cfn87YARICAQOqDQJVU8gNAdgTDdAVAfgWAYAXAQ%26ase%3D2%26gclid%3DEAIaIQobChMIqPCUgvvYgwMVpSZoCB1HqQqCEAEYASAAEgKUdfD_BwE%26num%3D1%26cid%3DCAQSTgAvHhf_ZTxnTpuFz5wiNNYEJKXFgXRRHHtx1YUwzSvGh5u_Z-foDdIt2YlNL-vTaIjXqYzTdkrASO32is5UpZJpdbYUwEjDWtN4RfETMhgB%26sig%3DAOD64_3EeJ4d44Q79bU0vUi2BNap9MR6gw%26client%3Dca-pub-7125197712444259%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcounter-strike-video.fr.gd%2F$0;xdt=1;crlt=8('U_7m8Cz;stc=1;chaa=1;sttr=135;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f148.1e100.net

Software

cafe /

Resource Hash

9b835692f8fc858c083d5a8c383e18c2cf630a90820d881dbb62e6de45d8b04e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31892
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 162 KB
55 KB 78ms
78ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76c560d948d609155fa8cf26b44140404a3a0d4589b89b1e56913e591446575c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://counter-strike-video.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:04:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56383
x-xss-protection: 0
server: cafe
etag: 16368414772656402289
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Jan 2024 23:04:39 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 68ms
68ms Image
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759875%2C44759926%2C31080260%2C44795921%2C44809004&hl=fr&pvc=826313786102077

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://counter-strike-video.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 redirect Show response
api.yieldads.net/ Frame 7E3D 2 KB
2 KB 430ms
145ms Document
text/html 18.185.208.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=5c1f4c4a8970090889ba8a3d6c0e5409321219fddd4c8fb167b913af63a8c200&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=5c1f4c4a8970090889ba8a3d6c0e5409321219fddd4c8fb167b913af63a8c200&ci=yCby.Ms%3F&its=9F%5Bt%2ALp5d7b%40%7BQD%3BujPWbU%60&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.208.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-208-113.eu-central-1.compute.amazonaws.com
Software: nginx / PHP/8.2.14
Resource Hash: 3a890782b00effa41a8264f4b17d5093dd900d8d018af3176fea9f82601892e7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 23:04:40 GMT
server: nginx
x-powered-by: PHP/8.2.14

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 0384 9 KB
4 KB 54ms
53ms Document
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://counter-strike-video.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 85565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 23:18:34 GMT
etag: 3009746639812436877
expires: Thu, 25 Jan 2024 23:18:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 99A0 9 KB
4 KB 54ms
53ms Document
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://counter-strike-video.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 85565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 23:18:34 GMT
etag: 3009746639812436877
expires: Thu, 25 Jan 2024 23:18:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame CE61 9 KB
4 KB 53ms
53ms Document
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://counter-strike-video.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 85565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 23:18:34 GMT
etag: 3009746639812436877
expires: Thu, 25 Jan 2024 23:18:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 0384 4 KB
1 KB 174ms
63ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 23:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 21:32:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 23:04:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A78F 14 KB
1 KB 164ms
64ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 23:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 21:24:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 23:04:40 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A78F 2 KB
902 B 53ms
53ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:49:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 21:49:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame A78F 23 KB
9 KB 54ms
52ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 08:47:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 08:47:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A78F 3 KB
1 KB 59ms
57ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 09:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 09:05:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A78F 20 KB
8 KB 60ms
59ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 09:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 09:06:14 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A78F 205 KB
65 KB 55ms
54ms Script
text/javascript 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 23:04:40 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame A78F 37 KB
16 KB 159ms
52ms Script
text/javascript 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 23:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 23:46:33 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 0384 16 KB
7 KB 63ms
62ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 09:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 09:35:34 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0384 205 B
294 B 168ms
66ms Image
image/png 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:37:09 GMT
x-content-type-options: nosniff
age: 8851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Jan 2025 20:37:09 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0384 604 B
918 B 167ms
65ms Image
image/png 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:42:33 GMT
x-content-type-options: nosniff
age: 4927
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Jan 2025 21:42:33 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 0384 22 KB
9 KB 65ms
65ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 08:53:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 08:53:23 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 0832 11 KB
4 KB 54ms
53ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N228601.3159GOOGLE/B30810225.378220078;dc_ver=99.292;sz=970x250;u_sd=1;dc_adk=2384916310;ord=2ii545;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCR5JEhsWhZaiVNaXNoPMPx9KqkAjPzv6ideaDmuODEtnZHhABIJmAgqABYMmGgIDco8QQoAGJ2PbJA8gBCagDAcgDAqoEmQJP0MnaEp2Wf8QOR6StXL2eCHRasd0exc7auLBfmqU2y_-JG3lSTasd6X4lSwdjQhut_0wK81RxU9tpDc3CXFb4w-x2zORa5EzrXCEx4qT1VzEKttjyz4e0iJcK5rBVZe8ok6OxpRKiYt1oxQ-USWRILiS0_8VU90hWXJagoZoZ3BHw3HlLk98AAdlQiD-RhI3lOi7fYfF8pdlG8R1MmjTo7AV3T7lRt1ollBLtQ-y9mZl9ho5gH3sntJpuWO5FvLuFQhssWjI874TIQXm8wUKpv-Wk_wEoXS9tgD7uhls0QmLv9yKeJFJVmn3myEqgw3dD-s5TQqNQTWOfcxvImR8iKyTpVjzKeivVaRMPzW9lI6PGYeKS5Vfu-cAEzcOcvrsEiAXenqyZTaAGEYAHiuPWP6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WNvVlIL72IMDgAoBmAsByAsBgAwB2gwRCgsQwOTvq4Cfn87YARICAQOqDQJVU8gNAdgTDdAVAfgWAYAXAQ%26ase%3D2%26gclid%3DEAIaIQobChMIqPCUgvvYgwMVpSZoCB1HqQqCEAEYASAAEgKUdfD_BwE%26num%3D1%26cid%3DCAQSTgAvHhf_ZTxnTpuFz5wiNNYEJKXFgXRRHHtx1YUwzSvGh5u_Z-foDdIt2YlNL-vTaIjXqYzTdkrASO32is5UpZJpdbYUwEjDWtN4RfETMhgB%26sig%3DAOD64_3EeJ4d44Q79bU0vUi2BNap9MR6gw%26client%3Dca-pub-7125197712444259%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcounter-strike-video.fr.gd%2F$0;xdt=1;crlt=8('U_7m8Cz;stc=1;chaa=1;sttr=135;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 08:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 08:16:32 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0832 0
0 180ms
67ms Fetch
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5SyvMdOOfIDPOJ8xVWF2aFXO9bNbd_igsazZ9n_IQcn5_ACad6mPMUfFD5DH3y1qOpKFX9L-Kgjf_HI6ybKzdTlHJ-rWTWhpoBrywR5JXyIHJ8ScpYHvkH4PjpFKZvBojk8VrXbkR32euer6k7Ps4hOPlXR2hJGdBwrIlpx781jMcysklCDrAymI&sai=AMfl-YRHkDvrkbI_L4ikUfY2qzLK8X6Hd9JUC079l0i-TDeWmJg0NRMA4rAxsiUzKXUOknA2LFAIrfb-3de8p8MObrsZslf_HrlLuwzxaQ&sig=Cg0ArKJSzKMLG7P4rfz1EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240109.97799&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:04:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0832 41 KB
14 KB 57ms
56ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:53:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 08:53:52 GMT

GET
H2 200 8532334051416665707
s0.2mdn.net/simgad/ Frame 0832 263 KB
264 KB 170ms
54ms Image
image/png 2607:f8b0:4004:c07::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8532334051416665707

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ea8a6b04d80c57683562bd87e514a16091862fc3bc639ecfc8889b911b7d9a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Thu, 09 Jan 2025 09:48:33 GMT
date: Wed, 10 Jan 2024 09:48:33 GMT
x-content-type-options: nosniff
age: 220567
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 269416
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 16:15:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0832 205 KB
65 KB 81ms
81ms Script
text/javascript 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 23:04:40 GMT

GET
DATA 200
OK truncated
/ Frame 0832 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f3565a1ede3a64fd48f41a3dc0aa4eaddb68917587c755c523dcf46b7421949

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9E1B 624 B
242 B 74ms
72ms Document
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKmuShCYmfDyBRja28uDAjAB&v=APEucNVFdNzo5Q1l-B0Rf_jOr7T7T56fpKw0S-ZIu8ZPhKtpt0-ZwPOj_GIDuR-mOuzreud-Hh5lqbUqKDqhqnqoJtlhDuQgog

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 23:04:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame C8E6 23 KB
9 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:02:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 23:02:20 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame C8E6 7 KB
3 KB 56ms
56ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 08:16:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 08:16:52 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C8E6 41 KB
14 KB 62ms
59ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:53:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 08:53:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame C8E6 3 KB
1 KB 60ms
57ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 09:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 09:05:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame C8E6 20 KB
8 KB 54ms
52ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 09:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 09:06:14 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8E6 205 KB
65 KB 85ms
83ms Script
text/javascript 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 23:04:40 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C8E6 42 B
63 B 70ms
69ms Image
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CWDQJWokWjW3XqLq3FtG7HNufebczipkNViWx36O53S_m1XD1dkQy6N_9-y-tVsxOh2e-Hwv_d73iDBkfGzfzqR4KV6oOCSH8TNusxvx8E3TWh-6Q

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8877535195686185386
s0.2mdn.net/simgad/ Frame C8E6 122 KB
122 KB 335ms
258ms Image
image/jpeg 2607:f8b0:4004:c07::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8877535195686185386

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

922faaa860c28a507e3dbeb4ab1434e8f09a391e326a850a01d564a01908148a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 08:56:13 GMT
date: Fri, 12 Jan 2024 08:56:13 GMT
x-content-type-options: nosniff
age: 50907
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124444
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 08:13:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 53B9 640 B
262 B 73ms
72ms Document
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIP-3gIQvcTgAhjYvY32ATAB&v=APEucNVZLMeML7sanC7J1WP5q_DIFzYo0Yy6QPMajj-qZYR-Jd_4480Cucl2aGcSbDfl6NAOA5PgYfI1JpMw-mHx9TAyA-utlQ

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 23:04:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 92A5 23 KB
9 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:02:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 23:02:20 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 92A5 7 KB
3 KB 55ms
55ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 08:16:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 08:16:52 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 92A5 0
0 75ms
74ms Fetch
image/gif 172.253.63.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssCC1DYqwDjX8yvwrNktrh9tFwfBSNuWQDIg2CyGHsbpQZ6hHcSOZi8nA0dseC5KQWIwPPa-wqdnCmUCmh_p2tlQ4D7tK4DriqBz2Suc8EmEzfUfzM_eiUjn6--yhbKVs03wMLIJNZrTp3J1q-IoHN7h4aTMOExexOHaN7JiPjyPx1uB6-yPYcV1dUC_Z_oPvKppVK05pEEsB-cLH7SADd5aq6fIKV7mpdL5b4oE1auuopBsMTQAHhBPRjf1fBg-9qm7NJ_tHU7FyFmrsyjzcZVDZ-pE__4a5yYKglA4nJnqlCun9edDpoGD2mUNKAwdYbBSlB16J8ijYdVNTaZHmZCmFw8PBe8hTkp_IWPZI24onqOHU930qogDT-P5lWIW5h7gjMRWPc4l-0dXRxeBk6hAI3PAHdMRsJ4Cm3uoxWE1Lw9QFna-vN1t6eHLBxC8CQh8FnxrSueaOy5MOSxoIA18H_TM8tD3flfbA27-pxAHAEH0DUTnv6nSvUP2MPLfEJzKGALYELpLm-Kl3Zj_OORFHYn39iHkGwNe1j3PmE8zfeg9dI8Phaqaf-N2_YpOjXbY-7CtdL1Hb_dPy0JCilsEi-5jQJrCvv0NzBWeDPe9EPR4fy_GNyVf6GmoYC-dLSenO5pcdCuB9N5IF2zvxgFuGZOjORg_qs-Ang1Y0v9mAY0m2zMKla0a02QAdfRq0zwg8c1uFADgZEXpQw10c6f5MX9781MJsjdyjetof9l2Y21nxPW8rcodOSwI6DV_w1CnceaDta14vdgLKQPkTl2rjs4BhkwoCYykPEWL98pUuuzR4Mq3_38c4BGSwHnOpSlk-Eg_evzB87inNFhMI7_zg4umsIBEW6WgzR-Z7msIiQv-MbMNYKTxRFbRky7azD-bW_DPUYHbjDU1YEeK_mn8FeHDjjCXqKxiAR2lB08CXWKPy8Ip3mWkI2-AHyqHTsReQnh3dGxB9urQnZRwOLl3Y3u70mDIBxfj5A1_yT9r3l94M9_nFZ40gFg-MgEMiyNfqqz3QPA5nbNChfbVECDZZ1SsQDZ8YT-NS6Bc00aPEtNNgwb5kTzYMlxDbO-cjSX9QfVKSB3h-cawQ5oAFGWXz52BGbuBK_c_teXYEJpVGHs7BWY4nYsm6qRXEdIZQB0JGmy84KLSzjX8pcEEyhjYD-zJ7Zg6WlH_qIcDdqbp3OdK6I63lTbXlu7I3EyVQhNh1y0tJYuOPAKRbsu1mpLvQrsov5cTMP5HEKkIBk1gx4yMQrSxO7_JUUau9hJHCEd0iwWeMYfssW_V0a4Eh7TJHx3x4Rld5NPBUkP3d56VKoIf8rw4BIMNFvd6Yh8QFs4l4uwk4Qa1dJGUWI6297Q100CdFEVIL3CivzKzZ0W1WctKZDwGpkzPmZO_i4PDxROMFuqQoHlSawTq-AAOF82DSEuBjUJXZDaBt2OhzJAhoLoXNFGylcW0mwlxCQphWhP&sai=AMfl-YTH78XtIJv_fmI77RJtk6_sd0Apdlo6f1-YRdAN-Na5xjhj9g4LSVzmdyT9oOeYMorNm3GgWelw1tImw-CKFL3rnNyEiUx0tEmoPi5YdD1yE-0cAhQ2U5V95vfLeyga5A1Y5Eap1BfuHQXe5X46K7c3q22LMd_ovmp2MWPTkdf1SsohjmhtvOvKTrHy-nklPqFIAW6rZ7bhfkZLfgBhBjE5mJYIuJ2Fw1T90ULl3c_Q4M0aqRjsvzVwUIdk-xehYPKNlUvwcAIKvLw0OvV-nZnKdRbn6dRKZgSLzIAB0L1q7rAo3YHOFkuO_DkCtddM8zYNZ73j6xYygnH1HfiJVpXx4uMSJBWJp9Sk5l3HcxtOeflWaYsiVDA5wWWNIFEPSdt-wrLNmStfwcDI5cmvfPqGca2BtPMq4q5x9QDcxrVdxMihY_EvthVhF0BegBwshOM1GsniU9O4x9FJgdgCnOSLRE4c5DjdibJAaHOCA2em_bQBQV6mjtJ4ZejCKhZUCxg0lXJPzae-&sig=Cg0ArKJSzPC6UTS0GB62EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9wZXRzbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240109.47518&arae=0&ftch=1&adurl=

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 23:04:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 92A5 41 KB
14 KB 59ms
58ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:53:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 08:53:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 92A5 3 KB
1 KB 58ms
57ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 09:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 09:05:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 92A5 20 KB
8 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 09:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 09:06:14 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92A5 205 KB
65 KB 78ms
77ms Script
text/javascript 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 23:04:40 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 92A5 42 B
63 B 68ms
68ms Image
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0EE7udMPKIH26hwyyUU0A_Hin0UPP_zlbRc9kmeNtk6FXaWB_69ZfkO-2JfZ9-joYfMnuswzQcHiiA-aRrMrhMaADexzLjAYULX6L-WRXPSKUayw

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3249502743577211495
s0.2mdn.net/simgad/ Frame 92A5 18 KB
18 KB 295ms
253ms Image
image/jpeg 2607:f8b0:4004:c07::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3249502743577211495

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6436f8da4a2f0673674de2456e5930897c4dba5c463c34fdc15a72a1dd30134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Thu, 09 Jan 2025 12:10:38 GMT
date: Wed, 10 Jan 2024 12:10:38 GMT
x-content-type-options: nosniff
age: 212042
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18517
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 15:24:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 /
d.agkn.com/pixel/2387/ Frame 92A5 43 B
634 B 260ms
85ms Image
image/gif 2600:9000:215f:7a00:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/2387/?ct=US&st=FL&city=17762&dma=30&zp=33018&bw=4&che=2453749710&col=30489151,5862535,375706234,566523035,198157693
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:7a00:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:39 GMT
via: 1.1 9b4f2014232c90b3056e1fb1e00215fc.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: VB5xdmkDzwTysTkrMPRYhpkIQP7GCynTW6rU3p1MBYOUmiyk8i40sQ==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9E1B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPV8S2aAjBd10b-LQ2ytlAs&google_cver=1

43 B
772 B

71ms
71ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPV8S2aAjBd10b-LQ2ytlAs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKmuShCYmfDyBRja28uDAjAB&v=APEucNVFdNzo5Q1l-B0Rf_jOr7T7T56fpKw0S-ZIu8ZPhKtpt0-ZwPOj_GIDuR-mOuzreud-Hh5lqbUqKDqhqnqoJtlhDuQgog
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JPBDKPa%2FRjxRoDRRvDYY%2Ff3jZNBVDAcYs5xBqwN0HCPDcqeSdq0JQXin2SjgMAxNmLwJ6VveFxyPPmb4SmJUaY8IonI%2BkYtwz5US%2FCyn8Vo7pdLa4s4v1CgjMXv5K53Mu%2BOavvyzO0T8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84490a3478a59add-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPV8S2aAjBd10b-LQ2ytlAs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9E1B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaHFiOgU904R-cc1EZwJjwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPV8S2aAjBd10b-LQ2ytlAs&google_cver=1

43 B
739 B

71ms
71ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPV8S2aAjBd10b-LQ2ytlAs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKmuShCYmfDyBRja28uDAjAB&v=APEucNVFdNzo5Q1l-B0Rf_jOr7T7T56fpKw0S-ZIu8ZPhKtpt0-ZwPOj_GIDuR-mOuzreud-Hh5lqbUqKDqhqnqoJtlhDuQgog
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AIrrhgn4opE37zDpAV44vfuj6eexJVO5qRTKRxs0t%2B%2FGUEwhqDWHPfC%2FHdol3d%2Bn6NfQ1mn3E%2BIK7V8UZsID3CMdEe8q3HD9s%2BPerBbS%2BWm46%2F38ErXs4rD6D0t2GU6vWw1NSMR5SLSZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84490a357a799add-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPV8S2aAjBd10b-LQ2ytlAs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 9E1B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGDY1mAMeBSmMiAxG3tQAhI&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGDY1mAMeBSmMiAxG3tQAhI%26google_cver%3D1

43 B
1 KB

63ms
63ms

Image
image/gif

68.67.160.24
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGDY1mAMeBSmMiAxG3tQAhI%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKmuShCYmfDyBRja28uDAjAB&v=APEucNVFdNzo5Q1l-B0Rf_jOr7T7T56fpKw0S-ZIu8ZPhKtpt0-ZwPOj_GIDuR-mOuzreud-Hh5lqbUqKDqhqnqoJtlhDuQgog

Protocol

Server

68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
an-x-request-uuid: 06b96ebc-11d7-4d70-8085-70b336afb437
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.77; 38.132.118.77; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
an-x-request-uuid: d051a4e9-9baa-46ec-8fe4-8a0d8cf85515
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGDY1mAMeBSmMiAxG3tQAhI%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.77; 38.132.118.77; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E1B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Njk0MjQxNjM2MzgwNTc4OA%3D%3D

170 B
188 B

60ms
60ms

Image
image/png

172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Njk0MjQxNjM2MzgwNTc4OA%3D%3D

Requested by

Protocol

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
an-x-request-uuid: 05014a8e-741c-4c24-81e3-79aae9118886
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Njk0MjQxNjM2MzgwNTc4OA%3D%3D
x-proxy-origin: 38.132.118.77; 38.132.118.77; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 53B9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOFTdoIlkv_ADsvUE47vR0I&google_cver=1

43 B
61 B

45ms
44ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOFTdoIlkv_ADsvUE47vR0I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIP-3gIQvcTgAhjYvY32ATAB&v=APEucNVZLMeML7sanC7J1WP5q_DIFzYo0Yy6QPMajj-qZYR-Jd_4480Cucl2aGcSbDfl6NAOA5PgYfI1JpMw-mHx9TAyA-utlQ
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOFTdoIlkv_ADsvUE47vR0I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 53B9
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2E0NzU0YjItZjU5OS0yNWI5LWNjYmUtNTg4NzcxNWU0NjQ1

170 B
243 B

60ms
60ms

Image
image/png

172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2E0NzU0YjItZjU5OS0yNWI5LWNjYmUtNTg4NzcxNWU0NjQ1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIP-3gIQvcTgAhjYvY32ATAB&v=APEucNVZLMeML7sanC7J1WP5q_DIFzYo0Yy6QPMajj-qZYR-Jd_4480Cucl2aGcSbDfl6NAOA5PgYfI1JpMw-mHx9TAyA-utlQ

Protocol

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 12 Jan 2024 23:04:40 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2E0NzU0YjItZjU5OS0yNWI5LWNjYmUtNTg4NzcxNWU0NjQ1
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame 53B9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEG_aTeXVZBL1cxT-gS0jitg&google_cver=1

23 B
278 B

88ms
67ms

Image
image/gif

23.200.197.46
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEG_aTeXVZBL1cxT-gS0jitg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIP-3gIQvcTgAhjYvY32ATAB&v=APEucNVZLMeML7sanC7J1WP5q_DIFzYo0Yy6QPMajj-qZYR-Jd_4480Cucl2aGcSbDfl6NAOA5PgYfI1JpMw-mHx9TAyA-utlQ
Protocol: H2
Server: 23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-197-46.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 12 Jan 2024 23:04:40 GMT
pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEG_aTeXVZBL1cxT-gS0jitg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 53B9
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjhhNGMxYzktYjIzNy00MDU0LThmMjQtMGUxZjAxNDA1YTg4

170 B
232 B

60ms
60ms

Image
image/png

172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjhhNGMxYzktYjIzNy00MDU0LThmMjQtMGUxZjAxNDA1YTg4

Requested by

Protocol

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
server: pekko-http/1.0.0
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjhhNGMxYzktYjIzNy00MDU0LThmMjQtMGUxZjAxNDA1YTg4
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Fri, 12 Jan 2024 23:04:40 GMT

GET
DATA 200
OK truncated
/ Frame 92A5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d542b5ad20ed2aa2b62c3543c355ece1bdd7d88be82648ea3c3e9faca235b1a8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0832
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C512WhsWhZaiVNaXNoPMPx9KqkAjPzv6ideaDmuODEtnZHhABIJmAgqABYMmGgIDco8QQoAGJ2PbJA8gBCagDAcgDAqoElgJP0MnaEp2Wf8QOR6StXL2eCHRasd0exc7auLBfmqU2y_-JG3l...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xba952b753ce8f5600000000000000000%22,%222%22:%220x46b610447213295e0000000000000000%22,%223%22:%220xf3e11c...

0
0

166ms
64ms

Fetch
text/css

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xba952b753ce8f5600000000000000000%22,%222%22:%220x46b610447213295e0000000000000000%22,%223%22:%220xf3e11cbb6492b7d30000000000000000%22,%224%22:%220x2918ed7be21ac4b90000000000000000%22,%225%22:%220x7d443e56c91d86370000000000000000%22},%22debug_key%22:%221089712393108366651%22,%22debug_reporting%22:true,%22destination%22:%22https://doubleclick.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22960343049%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217729859890550941345%22}&andc=true

Requested by

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:04:40 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xba952b753ce8f5600000000000000000","2":"0x46b610447213295e0000000000000000","3":"0xf3e11cbb6492b7d30000000000000000","4":"0x2918ed7be21ac4b90000000000000000","5":"0x7d443e56c91d86370000000000000000"},"debug_key":"1089712393108366651","debug_reporting":true,"destination":"https://doubleclick.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["960343049"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"17729859890550941345"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 23:04:40 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 23:04:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xba952b753ce8f5600000000000000000","2":"0x46b610447213295e0000000000000000","3":"0xf3e11cbb6492b7d30000000000000000","4":"0x2918ed7be21ac4b90000000000000000","5":"0x7d443e56c91d86370000000000000000"},"debug_key":"1089712393108366651","debug_reporting":true,"destination":"https://doubleclick.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["960343049"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"17729859890550941345"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 fp.min.js Show response
api.yieldads.net/js/ Frame 7E3D 34 KB
12 KB 831ms
830ms Script
application/javascript 18.185.208.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.yieldads.net/js/fp.min.js
Requested by: Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=5c1f4c4a8970090889ba8a3d6c0e5409321219fddd4c8fb167b913af63a8c200&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.208.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-208-113.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=5c1f4c4a8970090889ba8a3d6c0e5409321219fddd4c8fb167b913af63a8c200&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:04:40 GMT
content-encoding: gzip
last-modified: Fri, 12 Jan 2024 13:37:28 GMT
server: nginx
etag: W/"65a14098-864c"
content-type: application/javascript

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 10F0 38 KB
13 KB 54ms
53ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 222858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 09:10:22 GMT
expires: Thu, 09 Jan 2025 09:10:22 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F8B7 38 KB
13 KB 53ms
52ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 222858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 09:10:22 GMT
expires: Thu, 09 Jan 2025 09:10:22 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 0A08 38 KB
13 KB 66ms
66ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 222858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 09:10:22 GMT
expires: Thu, 09 Jan 2025 09:10:22 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 170ms
65ms Preflight
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 23:04:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js Show response
pagead2.googlesyndication.com/bg/ Frame D40E 51 KB
19 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d5205b03ac9436282767d3c920a33499c2c9c4b3799a29b7ffe160f956a15ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 20:53:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19609
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jan 2025 20:53:12 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0832 0
0 68ms
67ms Fetch
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5SyvMdOOfIDPOJ8xVWF2aFXO9bNbd_igsazZ9n_IQcn5_ACad6mPMUfFD5DH3y1qOpKFX9L-Kgjf_HI6ybKzdTlHJ-rWTWhpoBrywR5JXyIHJ8ScpYHvkH4PjpFKZvBojk8VrXbkR32euer6k7Ps4hOPlXR2hJGdBwrIlpx781jMcysklCDrAymI&sai=AMfl-YRHkDvrkbI_L4ikUfY2qzLK8X6Hd9JUC079l0i-TDeWmJg0NRMA4rAxsiUzKXUOknA2LFAIrfb-3de8p8MObrsZslf_HrlLuwzxaQ&sig=Cg0ArKJSzKMLG7P4rfz1EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=398&vt=11&dtpt=396&dett=2&cstd=0&cisv=r20240109.97799&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:04:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 92A5 0
0 67ms
67ms Fetch
image/gif 172.253.63.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssCC1DYqwDjX8yvwrNktrh9tFwfBSNuWQDIg2CyGHsbpQZ6hHcSOZi8nA0dseC5KQWIwPPa-wqdnCmUCmh_p2tlQ4D7tK4DriqBz2Suc8EmEzfUfzM_eiUjn6--yhbKVs03wMLIJNZrTp3J1q-IoHN7h4aTMOExexOHaN7JiPjyPx1uB6-yPYcV1dUC_Z_oPvKppVK05pEEsB-cLH7SADd5aq6fIKV7mpdL5b4oE1auuopBsMTQAHhBPRjf1fBg-9qm7NJ_tHU7FyFmrsyjzcZVDZ-pE__4a5yYKglA4nJnqlCun9edDpoGD2mUNKAwdYbBSlB16J8ijYdVNTaZHmZCmFw8PBe8hTkp_IWPZI24onqOHU930qogDT-P5lWIW5h7gjMRWPc4l-0dXRxeBk6hAI3PAHdMRsJ4Cm3uoxWE1Lw9QFna-vN1t6eHLBxC8CQh8FnxrSueaOy5MOSxoIA18H_TM8tD3flfbA27-pxAHAEH0DUTnv6nSvUP2MPLfEJzKGALYELpLm-Kl3Zj_OORFHYn39iHkGwNe1j3PmE8zfeg9dI8Phaqaf-N2_YpOjXbY-7CtdL1Hb_dPy0JCilsEi-5jQJrCvv0NzBWeDPe9EPR4fy_GNyVf6GmoYC-dLSenO5pcdCuB9N5IF2zvxgFuGZOjORg_qs-Ang1Y0v9mAY0m2zMKla0a02QAdfRq0zwg8c1uFADgZEXpQw10c6f5MX9781MJsjdyjetof9l2Y21nxPW8rcodOSwI6DV_w1CnceaDta14vdgLKQPkTl2rjs4BhkwoCYykPEWL98pUuuzR4Mq3_38c4BGSwHnOpSlk-Eg_evzB87inNFhMI7_zg4umsIBEW6WgzR-Z7msIiQv-MbMNYKTxRFbRky7azD-bW_DPUYHbjDU1YEeK_mn8FeHDjjCXqKxiAR2lB08CXWKPy8Ip3mWkI2-AHyqHTsReQnh3dGxB9urQnZRwOLl3Y3u70mDIBxfj5A1_yT9r3l94M9_nFZ40gFg-MgEMiyNfqqz3QPA5nbNChfbVECDZZ1SsQDZ8YT-NS6Bc00aPEtNNgwb5kTzYMlxDbO-cjSX9QfVKSB3h-cawQ5oAFGWXz52BGbuBK_c_teXYEJpVGHs7BWY4nYsm6qRXEdIZQB0JGmy84KLSzjX8pcEEyhjYD-zJ7Zg6WlH_qIcDdqbp3OdK6I63lTbXlu7I3EyVQhNh1y0tJYuOPAKRbsu1mpLvQrsov5cTMP5HEKkIBk1gx4yMQrSxO7_JUUau9hJHCEd0iwWeMYfssW_V0a4Eh7TJHx3x4Rld5NPBUkP3d56VKoIf8rw4BIMNFvd6Yh8QFs4l4uwk4Qa1dJGUWI6297Q100CdFEVIL3CivzKzZ0W1WctKZDwGpkzPmZO_i4PDxROMFuqQoHlSawTq-AAOF82DSEuBjUJXZDaBt2OhzJAhoLoXNFGylcW0mwlxCQphWhP&sai=AMfl-YTH78XtIJv_fmI77RJtk6_sd0Apdlo6f1-YRdAN-Na5xjhj9g4LSVzmdyT9oOeYMorNm3GgWelw1tImw-CKFL3rnNyEiUx0tEmoPi5YdD1yE-0cAhQ2U5V95vfLeyga5A1Y5Eap1BfuHQXe5X46K7c3q22LMd_ovmp2MWPTkdf1SsohjmhtvOvKTrHy-nklPqFIAW6rZ7bhfkZLfgBhBjE5mJYIuJ2Fw1T90ULl3c_Q4M0aqRjsvzVwUIdk-xehYPKNlUvwcAIKvLw0OvV-nZnKdRbn6dRKZgSLzIAB0L1q7rAo3YHOFkuO_DkCtddM8zYNZ73j6xYygnH1HfiJVpXx4uMSJBWJp9Sk5l3HcxtOeflWaYsiVDA5wWWNIFEPSdt-wrLNmStfwcDI5cmvfPqGca2BtPMq4q5x9QDcxrVdxMihY_EvthVhF0BegBwshOM1GsniU9O4x9FJgdgCnOSLRE4c5DjdibJAaHOCA2em_bQBQV6mjtJ4ZejCKhZUCxg0lXJPzae-&sig=Cg0ArKJSzPC6UTS0GB62EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9wZXRzbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=334&vt=11&dtpt=333&dett=2&cstd=0&cisv=r20240109.47518&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:04:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 10F0 39 KB
15 KB 55ms
53ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:18:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 21:18:18 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame F8B7 39 KB
15 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:18:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 21:18:18 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A08 39 KB
15 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:18:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 21:18:18 GMT

GET
DATA 200
OK truncated
/ Frame C8E6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d56f1b76d30bbf2ecf50da7154b193dd1c10f84f9473c1813ff238c7f917168

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame C8E6 0
0 75ms
74ms Fetch
image/gif 172.253.63.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuhWlBKoI1TfyHyaeTpPDVkLyJVrTTOGPA5INGq4NmxTORlUdVo6de_Vsg7ARJnOP1djZZh6fVulRwIFzUundrK5OAbgq8pbCWSREfBtdMx5_mDjCOQ0e8AkZqPkvUO3CwJxv3GHzRXTy6SuVgMgSxrC3v6UUqHFJKptNKTmXVWQcOm-EIFclZ2FV12XpAUHLpIjqhUHqV3U44ir3vRWpWmGtWmDXNS-3-Tpu6SHztFVtCdIR9wjI1HYUsuFCVGYonag_22u9yhzKLO9q0t8rDhC54chgPOCf-wzU4b3XW_IarC3KtULbrLx1CHJDRb56b_rqZxeUOoVZLQlAxV4nbToolJshW9b_FjYDM9xb-C0urrllCPlU6Edv1JXrgsXHRGOXJyg5z9yJkDPbRXAKRiI3gPBVDRh6fQGF5YhVjwVuJiqJ7gaqmn6LuMxSlIt9z72kpUsI_SLKAyBcFgyGTNu8_Qrw7YTy6AQk0Mzjs7Jns2MFwIAsYZ9ZvB_vIsylvF_84n3bKsi-63W2y638n_GemUXDnEWPaKY3b_NBPD1NTzzFXHeNnk6ZBO57LJpmmNRZ5j4Uo100y2nFs9iJE11WlZ0HZVr_Lni9tkWA9KSnBuvnWIyFEYgMwBUZtWolToUyUgvMf6QMmMOibozbnG7NuD4T1lMd8sRDlcFtiMNysFJNG7fUIfviANdln_bcM13SPNFq0-V2R8pfInj_Cf8DQxH8rQXrUD1qmzXKZAe81AlGCDmfTKKl77f6PES34lrry-mh5ObhuL3f_Cfoj7yOqTeb2NoTLtAyqbc8MZwIssvCRnLJ_J2FYTs7XdtER4_750m-A8IJLCm8CwSYYQBleyZsTg6B4pDFUqVyTTrB92UP5quIHBWhGNMvyFRe9UajyyJOT3BGnrIQIxnwxiDmR-R6114o0-HsuaJ3Eh77pCG7grMA_3o1DyHgkDIHjKXKPd3IC3Zd2gXUUI2tPcQhDkCKbrukPCDq0DXssGy5j0LnXJdFDlwFwldT3nhUvRVNryUlbX9OdVvw2XXECffNdBYQC0uEF8fiJwGy4SgFtcIB8ObsBtPLSWC0TZ71O5DGmrXSFtBqJYoyCRs3W4uzgq6L8v8TB21cVL7Vv2Lav9T8t4_D3lIm_1ItJX-YTh02J1ALdyMW3yWQQMSOj-eCrglhJvnvrL6EWRMTDxRyWch2QSpV9q5BBrFC_BImNPB4HkrBTJk2lacQiBXVQ_mHx4evZo2EtolTCKuo73IjI10jB6F7Qx-fuwx848uBK5JUoYFIiVhBW49OcsSbk1Oit8FWOkUu1XOVYM2o5yAsqAGsSQ3Pk_NseeWlBFf0sPHX2fPcMgUsIwS7TDUZHQbDRkB9sGFuAe9o7_N6n-b4JFW9xmf6r07BW76AYCy8vHp2put-i9KWTW2SK-HBy5bRucndS1WeJDsZkCN7P1--KMQunboiHt6A&sai=AMfl-YTymP1f-jvBqqx8v0gPy_pPo-eP_fRemhp56LjDqUp7YqeAKNHKVD6Q4cDLPPBraDe3AhRnFIbeIjjIxBQM7Zdpf-gBvmj73JMbYjryiyJzjLZdMVpUFrAV2Dcx_sshC3PXefCIb6n8iqpWaTSCDTbkGvBsGyffKcg2kyCiCnfMF5DREB_mjA1LtCWW-aHizEp3fDDcsNe_sOxSsXkfe4ydKJdopw7sPPwqbvNShVKoSxjKGydGJudmoVOHcePr-wOXPldtRmiqGaQeOohzkUpMvQQGpLy0t08AVAtI5kUFcpz-s_3pSJMX9Nk9jHCkPI_jieuGIuLCAFo5W7n6PXATXFKUPawzHv5iLwxF5KFS2bI2z3m9mh16mKrVdQzkvogffpWJwTMoJ-OocDlVzdF7fLYjhnGvaEKKvmFfsEbHs4PtJsPBmDhAcNyMX0UEq1XCZJqg15MeVqUyPODYlD02HIIgVkCrMMk7rn2hE90tGHGr1VR61BMkVZw42ZToGf4nIQ9xpDo5jA&sig=Cg0ArKJSzCSvvh4_c5i3EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9nc2dodC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=616&cbvp=2&dett=2&cstd=0&cisv=r20240109.19178&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 23:04:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F8B7 0
20 B 70ms
70ms Image
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BhvAphsWhZZnONOyloPMP55KOwAYAAAAAOAHgBAI&bg=!AQKlAk3NAAaumcC-jpk7ADQBe5WfOF_YMYBP6b0lcdVGD7dz3taOpmLNTgT4yl8H6rxx373D3Lwzkkw4nzwzICv_68fNAgAAAMVSAAAAA2gBB5kDDlcuuoaDBUghVAtKTa74zJnzHxQSZ45hDrAF7VVFiPXp8tnEgP9Zy-utCvBwA1UGI29uGDrOAGBYsLdsw4oT0A6C97pY8csAaQi5i79wihNYhTojjRGXRM5BNfLLn_aqAvIWsUIeBK2fGKUuBJCSDb47mm1-9ix1zzqPyHTJ_IBbSBJ9qk7wmSih2MYbnomCo2gQ4g57QDlv3D2M9xJhMb6u63b9guzAq8BvZVePap6JNBw2t8Vl3So4SJjJrrCcJmKm3b7FXUsWjRralgssZZI7FITy0KMOZ3dQXXLudar0HKtVOczJF39I-0KzPot0c9wet9fue4BzLA46ycPqAKN3wyWEGte7DUU4LvSYSSTy6KgLnUmttP3aKkPqFckSI2eTXQ4EoBgsBXCE8HOIxMwC83_Du3jDGMxePpop60FuS4vwv2u4Gyvrg1axSZKTOYHwMAV1mHpOI-s2JE_gFcPV2H22-IEkxTbFexyFRzX1dAxHr3oI9Vk6Wwum-eo0GOOQKoi-S9Bk8G0M1bq2kkJhz92K2vIUepHVdpOba0l6e83Ie3uCs6NcIAJKJ118_hv2Yvr6JMhS2x8V6Lgpv33hK-PE5gan2arvkET2lPtFWlnUA5yV_XSX6ZpVsXTvFvu4rGD675i_tcVEU-1wsqN3H0Nm77AvW1pRY9cKA_H3TpVUOYXUNL1XUg8c0ML1dxNg7bj8soq82MZraxtrX_EYk_LUTaH6WunlOgndjqUpPpbQ2rsoeHqc6PWXsNKMynqxwzmr8tWdIQT_9coXdgYAxnn9L2MeZ6PUJBUgVRSUBdgRTpMD_ui_hZ4DL4Q8Ho4CZDdwgvel8X9LqLFt4GLgntSpPvPwpZKSs04G4vGCKKjoTjlI0vGOslba5a_HJAb8W_ZTONzr61Oaey6aGOorrjo3Y4tnGlvVQJ6ryIrSbYuWy9AXln-RBeIcsfIajxVsnc1QHefdbachw2vLQZmNaz0xSdN9EtBOBuGQh_40YWptQgcodZA6JvIgrBth4bp6cAcsfpyAya0vAnAv

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10F0 0
20 B 71ms
70ms Image
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BfwP8h8WhZeO4NaO1oPMP3s2x4AEAAAAAOAHgBAI&bg=!GRqlGlXNAAaumcC-jpk7ADQBe5WfOPIJvFhNyusvC_nXLICzl2wyI8oFrf9jkMgonK7fAtVmhXV4WBtFSeeW3BawRik6AgAAALhSAAAAA2gBB5kDGfIJhmDpE1ffYDJDtFYh3zMhmXvTl-QOdai9nR-Y9JoRJTVS2FvxzkChfMKNkVBN6fZOeh-dniD9OrRxwFsA4vaur1bWxaQCaZA_E7g9rMqq5gKyLTDt_U90NOnP0hy-0GOWfpCgEUySHELWgonlBaBZv4cUwN5R3zdggy5zjF9OIhT4JT1waCZnN2-x4pzAAquwa_fR8kwXgR2b_K_pFAHXZBeaHmPg1PkPmi1FQW41IXiSI2s8CXpCgm6tx6tpRFC7r_lOf3FGMpV7MvhRwUaw4173JJ8yc2_Mw_j5K4HKb2u_S74AHdSavEAi8bFrghmCxZV2-nnSl-rUbR2BmmmZoJVfIER5cRKqFn9PVn4xn-v-dE7a15kXh1N1P2ZZ9cZFFkylZH_7Lt3gXuukFq1ZWxYAO4bXc85G_myZrD3JimQS6adBchk7QPSzK2aBDOHQ7E_HdS_NDcyP9_g6wP1Q00x8UTQ8PF6vIe_tTMugJb-P5oaCpsDL8K9lxS81Q9yPZc07pumAenHac06pXnM285izh5cpm6YAb8GmKYD_aRWao0nQS2J4zZ4VAf0X3pp9oa-jgj_HU8KqINS9NMr4ngB6rGlI57sWX7Jch1Gu8tooUlP0y2-eatzxDCBwuI5COFGiS_g7qFHyVya7Ri1lgPjrpS7o3mBsA3sVd8qCSvdOOX7QK-6MTegkk3zHTSm8TPQPJyGXM5AEcRvVUGUjXiv2rBJ4MYNgVezDfUs-o8lUIPHOmiCQ6N_csASS841LCZb5iIjwXbDGTnCEoDrKFbH4c2xxu5ksPA_80OZQltFuKrjso40Gg6akHlr0mX2MyJ9hkjaZRWBj5dLGBxB5tqg5MOhqb3yfPaBu5c-uNLxwz64cOA95vCh6pd-1MTcSySMqC2X2oJkhkHN5huHoUh8JOrl9XP3q37_rjzV6K6wG2-NlmFp9eInUXqgz6nr7hHZlpOrc8vRXrazy7HjddYtjMNQSRd2It6blyg7aFInbiw2hc7IHI909_CZEBR84aP_BOCxcS8q6OvwcpdNgCPkZiaCxrS4

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A08 0
20 B 70ms
69ms Image
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BAyQ6hsWhZZrONOyloPMP55KOwAYAAAAAOAHgBAI&bg=!n5ylnNPNAAaumcC-jpk7ADQBe5WfOCY_fIm1s-oBFcTcHn0gW3-qbXQozQUTQKvbxT1AF6NwZ0fGTZUWyINfa0fqpqQeAgAAAJNSAAAAA2gBB5kDF_14MMzK01wKVDYC0UakQ6jeve4RKq0htBwD8p3m5c_l78FvznasWj3lR7KWS-iIpReGY-yuBBRn9EJtJOaAHYyrTI3Ss-r91ia-O3RVgEh4D3rN6a1-MZJLPjkQExuO4vcjEEO4BffbUusnlCckCdD4TwLwn5uFmqsearqPZGFiqXNcq7IfVtjY5ZdTd86p9WCkZu7zBUVN6nObu93vYs43LTLv6dTQpExd780iKIkfUsvUDI2eS5WmFVs1YVHwgCfQqKQKWInOlBsKHazZb4m8dOmjsSOYQCdTVCXX92D3QVMD_mPB05eEKCBg9dGyxWYWknm7cogteonJmwWIPqg-Bk24mURLMe3DnYp9ojZlUTA--odug8rdOP-QktwPdMYDRh2jH97QwWe2bgXJMHCdPFvGRlxRaT_MKlvsNszc3UU4PszJrucog_zBVMzKVJxE99n92b4npER1LnbgpDi7uyRy_rX67eyYbcW1mPFYVi0I1UI6xmNNUL4E6FBSOIjMNiskHiXAuh42Cxl8ysb79oOJTaF8wqiKTCHNYKw4gf2LPWiMLVTIXKYfj0ADv1t9K764m6SHromz9HBwcawnWcqR-udtjQordZbITOJk03vyL7jL4t39VyBhNcU1HC3Uu43N3Ls-y34sswXjBEwwdjcZz2FxRrfisYNIjlFbyzr6eadqElApjlTQJp4fD7zO0cmXn43pDSQeBkYpKmownU4TyqoQs-KXWAD7lNUUxC7R90HDQKu5t9oIMfXuZEWQYfxBx2h7DkVuqMNQIjloJi59y5EqtqHTUZVXdC8FL8_0hz9KU0N9soF7LurVjoLUnUntFE7zT_PH5j4ur_py2U01ZKcU_n92EnX8uwYYOw_qMoSoe05fhYZ1GW0fm8xuPKcq1CgDpZEywARmkOlCboXFraszrTuVHXpxpbWQ0i8kxxwTvp7v5n3ZNeTN2cbFsoElBeMv9jpgyqa5m1AABeM3iWyZnAdVrMZM3k3S0cnDDxigr0htNpr4AtzH8SKPlZwE5t-fhM41akc_gyVaKQI3Znx9

Requested by

Host: counter-strike-video.fr.gd
URL: https://counter-strike-video.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

stage-entertainment.de Show response
findarios.com/search/ Frame 7E3D
Redirect Chain

https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=5c1f4c4a8970090889ba8a3d6c0e5409321219fddd4c8fb167b913af63a8c200&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c...
https://findarios.com/y?t=stage-entertainment.de&cid=9c2c37d1f5bd077cb0b3d6bac8baa3aafd6d16b543515d1102bc61a521de789c&identifier=da1f6ec6f064d0cb
https://findarios.com/search/stage-entertainment.de

552 B
1 KB

155ms
154ms

Document
text/html

3.125.0.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://findarios.com/search/stage-entertainment.de
Requested by: Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=5c1f4c4a8970090889ba8a3d6c0e5409321219fddd4c8fb167b913af63a8c200&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.0.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-0-27.eu-central-1.compute.amazonaws.com
Software: nginx / PHP/7.1.33
Resource Hash: 152ae30c886047c173fec6ff663c347ee6187b86c546578a12b20fb50cedd183

Request headers

Referer: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=5c1f4c4a8970090889ba8a3d6c0e5409321219fddd4c8fb167b913af63a8c200&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 23:04:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/7.1.33

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 23:04:41 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://findarios.com/search/stage-entertainment.de
pragma: no-cache
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/7.1.33

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0832 42 B
174 B 70ms
69ms Fetch
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9bpv3sBZI9FIQp3qLJZSaEzIzF45d-flrgmFB6eJ4N00xpKBBLrKqwDT4GmDPb_GNs9IapSo5RQoPzOKAgCNeSgNwoWbItxW4h7814G1cdlWGUfuIKe_r8uWMo181YgxaJaDlBlvatwMcNWF3RIGCeWm8&sai=AMfl-YRN_EH345BUme4-PrXPCXdxfQG2ZUmRRMK5kMuA9uyXjSW5QqPAjMgMYkSUNMnCm72LInq-PINX4ArVqHiXA9kvfsC7_W9cESkLCpE6KxNMOT2ltVSC6mySF-9Wfpva8RodgmptIzvr6L9ei9h-&sig=Cg0ArKJSzCTKOXsEFqSeEAE&cid=CAQSTgAvHhf_ZTxnTpuFz5wiNNYEJKXFgXRRHHtx1YUwzSvGh5u_Z-foDdIt2YlNL-vTaIjXqYzTdkrASO32is5UpZJpdbYUwEjDWtN4RfETMhgB&id=lidar2&mcvt=1001&p=1,1,158.484375,612&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=745244200&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705100679411&rpt=1000&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0832 42 B
108 B 70ms
69ms Fetch
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjRf42g0jhTv8SdEgwzYATY8p4Y-qO6a7VNqnK1e5nqXIhaOPG4tZr6rvoOOYOEtegxl2BBYJTiNLLiCu8jmRiODLo7Fg3Th6EJ6Y-74F1bl3Nc9LMp-qzKapUvBg&sig=Cg0ArKJSzBltwbzi5jHgEAE&id=lidar2&mcvt=1004&p=1,1,158.484375,612&mtos=0,1004,1004,1004,1004&tos=0,1004,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=32&adk=2384916310&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705100679411&rpt=1005&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 92A5 42 B
64 B 70ms
69ms Fetch
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurt-nXbtGoqv2fk4ohHDlaBGO_oONg1OMmujRXwxwPEqHFpXosGYKZKwXEih7346mAcmqPX3YKONXSnz4arFCaiVdMzjKmwPG1qIGqzhPsQym5ZGwAGToKuk-C8RDTUBHXlSnpUij8Fi3i3Gz3bNs4ldmd&sai=AMfl-YSN8ve-5usHDhyKaSk3PtWoSflHnFzd6lihDDjZ8YvHHmb8wd1WWv4yqxEBPDZIdZLjs7vxUZ6TN-aOHGjMAzlX2Mp7SNrUVJpAv6zBDW1naPcMBT5W7rMshY2QYdCLW7UNwaiurKmPKrbwf_0U0A&sig=Cg0ArKJSzAGdSomw95r9EAE&cid=CAQSTwAvHhf_OPrqMsLxBJkfoNTfQHRnWoQSfmswNMA_RPxSlu4rvkYGLhxMcCvWmA1DHbxGGa25lIcnf5pqONJRH2nfCE6X2p_mlWFDX3Z62foYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=666,1000,1000,1000,1000&tos=666,334,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705100680066&rpt=482&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C8E6 42 B
64 B 71ms
70ms Fetch
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssndUWNcUOcboeNgs8UeUNlwdg8B_3SfXn0AEkoxmpbTVGvAzawA4ewYFSUkRtE4tXPI9vlhtp8ZJRCXJ6SPKJOTANwM_OxABSIrfpxcYw-hzGTWw6ifSqsdd35829gPdeJ0heIoGizyKjzobI71Gu5mU1N&sai=AMfl-YRErulJ1d0wydx3pjzt6PkkHYgL17fzXAVn8eoN_YfUfmiHOIh9l2vvhioBaVCHJpoEJbWi9VswfC8qbnfmo8zmxta83gnSNJHmHOftAk45-gVZSgpvO9DjiDyCCxDWHcVJPd3OeqBzEZeoboaF8Q&sig=Cg0ArKJSzCZQY_UuTop0EAE&cid=CAQSTwAvHhf_OPrqMsLxBJkfoNTfQHRnWoQSfmswNMA_RPxSlu4rvkYGLhxMcCvWmA1DHbxGGa25lIcnf5pqONJRH2nfCE6X2p_mlWFDX3Z62foYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705100680031&rpt=610&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 23:04:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

go Show response
r.linksprf.com/v2/ Frame 7E3D
Redirect Chain

https://r.linksprf.com/v1/redirect?url=https://stage-entertainment.de&api_key=46fd76778392715900a5c22e8500423a&site_id=624d696b024f444681c6425df495a369&type=url&source=https://findarios.com/de/sear...
https://r.linksprf.com/v2/go?t=4t8p0%3A3%2Fbu1ebtbres0a0e2edtcrba5n2e3t1d0%2F4s3iv014m4%26%2F9sy%3F7y9%3DR%26.m5%3D1d4e2w7r5s.bbln.4k5o4t.n7a4c3aCrTp9tmcRt_8s0c3%3D50%2F0t0e0.4n8m9i4t7een7-ag4t2.8....

2 KB
841 B

133ms
132ms

Document
text/html

2606:4700:20::681a:cd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.linksprf.com/v2/go?t=4t8p0%3A3%2Fbu1ebtbres0a0e2edtcrba5n2e3t1d0%2F4s3iv014m4%26%2F9sy%3F7y9%3DR%26.m5%3D1d4e2w7r5s.bbln.4k5o4t.n7a4c3aCrTp9tmcRt_8s0c3%3D50%2F0t0e0.4n8m9i4t7een7-ag4t2.8.8nbm6nf%2F9set7h&e=1&ai=9ef4716b9df94a9c926fd627525c7f59&sct=0&ct=1705100682365&cu=954b7ced72a0402e8b8bb16bf390e874&ykuid=7fb2257052d74e0c8b2e961488bf38e4&sc=1&cs=02b78a675a920ac2de8aa2f1b21624a7
Requested by: Host: findarios.com
URL: https://findarios.com/search/stage-entertainment.de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:cd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d1bc098dd93775239b8aa2b88443114e9d481c3f7f7016a54d6078bfb8ad626

Request headers

Referer: https://findarios.com/search/stage-entertainment.de
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 84490a41494c67e0-MIA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Fri, 12 Jan 2024 23:04:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouZkS7Rpg0uYstQks9JAtvIYlO1AB6U8vPR6aunZuirD%2BRDBGfUE1yZplENhmv%2BUyuOHmLPE4yDrvPqUbJywB2SjGlsb67YMRyWztA%2FB5S4LJpDuZFA7%2FcL%2BNxkWvs%2BIcniXiiSP7xtNNcTQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 84490a403ef767e0-MIA
content-length: 0
date: Fri, 12 Jan 2024 23:04:42 GMT
location: /v2/go?t=4t8p0%3A3%2Fbu1ebtbres0a0e2edtcrba5n2e3t1d0%2F4s3iv014m4%26%2F9sy%3F7y9%3DR%26.m5%3D1d4e2w7r5s.bbln.4k5o4t.n7a4c3aCrTp9tmcRt_8s0c3%3D50%2F0t0e0.4n8m9i4t7een7-ag4t2.8.8nbm6nf%2F9set7h&e=1&ai=9ef4716b9df94a9c926fd627525c7f59&sct=0&ct=1705100682365&cu=954b7ced72a0402e8b8bb16bf390e874&ykuid=7fb2257052d74e0c8b2e961488bf38e4&sc=1&cs=02b78a675a920ac2de8aa2f1b21624a7
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO PSA OUR"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aevyy4v70F5uYyyLVIsVIufFpAhMDGm9Hv2RxNdeLEl7jj7X9BAyZLYRPqnGQSaFMMNUHPFYb8GPa8f7oezSkfCcNOoqH%2FZpl6pFwn7mAlMucsRXYf4fqVkVZtZ%2FG%2Bgaw2kkqhLUkIKQK%2BO5"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET

cl.aspx
et.stage-entertainment.de/ Frame 7E3D
Redirect Chain

https://nument.r.stage-entertainment.de/ts/i5034048/tsc?typ=r&amc=adnetworks.blbn.455742.471453.CRT997myR9_&smc1=v030400014382954b7ced72a0402e8b8bb16bf390e874
https://et.stage-entertainment.de/cl.aspx?extProvId=27&extLi=de_2022-2_running_aops_multipleshows_national_multiaudience_fixed_cps_multiplacement_affiliate-belboon_455742&extCr=Homepage&extPu=stage...

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Domain: fwd.fwdtrk.com
URL: https://fwd.fwdtrk.com/track?id=

Domain: et.stage-entertainment.de
URL: https://et.stage-entertainment.de/cl.aspx?extProvId=27&extLi=de_2022-2_running_aops_multipleshows_national_multiaudience_fixed_cps_multiplacement_affiliate-belboon_455742&extCr=Homepage&extPu=stage-belboon&extProvApi=128665&extSi=455742&extPm=471453&url=https%3A%2F%2Fwww.stage-entertainment.de%2F%3Futm_medium%3Daffiliate-belboon%26utm_source%3D455742%26utm_campaign%3Dde_2022-2_running_aops_multipleshows_national_multiaudience_fixed_cps_multiplacement_affiliate-belboon_%7BPARTNER_ID%7D&belboon=2401122304433030282&iclid=1-21528003-a1ff-348a-808a-84ffa1038052-a76639&utm_medium=affiliate-belboon&utm_source=455742

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.counter-strike-video.fr.gd/	1969-12-31 23:59:59	Name: PHPSESSID Value: 777dc0c7fb76793700c2acb8738a87bf
t.adcell.com/	1970-01-20 17:41:13	Name: ADCELLvpid5289 Value: 249855-105746-%23%23%23%23https%3A%2F%2Fasrv205.com%2F%40%40%40%401705100678
esdownload.de/	1970-01-20 18:21:32	Name: csrt_uid Value: 65a1c5872ad000.99325929
.esdownload.de/	1970-01-20 18:07:08	Name: thirtybees-7a92d40112eb0248bfa323c6236954a3 Value: UmF3UlI1b2JhNlE9MHhzUWNMRkRVeDQ9Q2c3QVFMUHByems9SWIyc2hlWVFtcUk9WEwzN3FpbFVucW89dFJ1MjI2WDdvRzA9aDlUNVJpeG92RVU9R1FCTHNPNk92V0U9R2Q5L0xLZ2lmbTg9STdzUFFoL0RqdTQ9MDAwMDc1
.doubleclick.net/	1970-01-20 21:57:32	Name: APC Value: AfxxVi5Q1bKUQyDiW3j982x0OgzFF7OrIbX5HPqq5tfIXH6XJk2KBQ
.doubleclick.net/	1970-01-21 03:14:20	Name: IDE Value: AHWqTUl_ZBHvzdfWUzW96kr5IxvFQTytHvL7mlJLz8Lu9-5By-X3MIcdH6h-s6Vuawc
.fr.gd/	1970-01-21 02:59:56	Name: __gads Value: ID=2d64c3a923457b14:T=1705100678:RT=1705100678:S=ALNI_MbIcSE9SDvdZtjD9bELKqvuQ_N2nA
.fr.gd/	1970-01-21 02:59:56	Name: __gpi Value: UID=00000db6c011c950:T=1705100678:RT=1705100678:S=ALNI_MbjG-EbuXFmnltYup6aMyoXVqGmfg
.openx.net/	1970-01-21 02:23:56	Name: i Value: c584b821-9569-44ea-8388-cad6df9bbbd8\|1705100680
.casalemedia.com/	1970-01-21 02:23:56	Name: CMID Value: ZaHFiOgU904R-cc1EZwJjwAA
.casalemedia.com/	1970-01-20 19:47:56	Name: CMPS Value: 2922
.casalemedia.com/	1970-01-20 19:47:56	Name: CMPRO Value: 2922
.agkn.com/	1970-01-21 02:23:56	Name: ab Value: 0001%3AhHlWmPOzD29vvE2ZEz9f%2Bqv%2Bk89YKbxj
.agkn.com/	1970-01-21 02:23:56	Name: u Value: C\|0EAgtNIIILTSCCAAAAAAAAgAsAQfoTAIAAC0BB-gYAgABAAcAAAAAAdE6P___HgAAAAAAWXSHAAAAABZk0noAAAAAC8-lfQAAAAAhxHSbAA
.teads.tv/	1970-01-21 02:22:30	Name: tt_viewer Value: b8a4c1c9-b237-4054-8f24-0e1f01405a88
.adnxs.com/	1970-01-21 03:14:20	Name: XANDR_PANID Value: vKXTNOs24HJ4MqPnss4-cKpaPqi_p-GjsxjCY0zhJLoOy2voPkrSiHWJfhD1Fxvdc5jFGUaZ9nhVgURJ9RyYeSqdEYeJcKkZsiyZkvyzPLk.
.adnxs.com/	1970-01-20 19:47:56	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$GB5PsU!@wnfH8K6pQK`!5=E<*L5?%M<017P!i8XX+6:l.@_/8B//la=e?pXsyM7ctp9RFMZ9T5_m!x(B`)YWp$
.adnxs.com/	1970-01-20 19:47:56	Name: uuid2 Value: 7725255645205572082
.googleadservices.com/	1970-01-20 19:47:56	Name: ar_debug Value: 1
api.yieldads.net/	1970-01-20 17:48:25	Name: AWSALBTGCORS Value: MRUioTzK8RJkeHl9QLJ2uJ9uhPZZAeojJ2lp2TL/8Q0sIlDtyvRu0dN+bbjOo1opDgg7i0/UjiWG0yvKToI4ZRA4nqFxdJyYjcC6S2MtiUSvEG2keW6OfDR1zcQMRslyXQvfYJtOUQphOFeoNtlHkk1fpHxsBpnIUNU9Pt/FXFFVVFvBnWA=
api.yieldads.net/	1970-01-20 17:48:25	Name: AWSALBCORS Value: I5x6Kjh/Vu2obrgqNFTYdU7TvI1x0QJhYUkNv6WGR4zzjSCSRbclXd0aKBGEzzUxwdCztWo9pNLuNo4HZY51aM3+lJRA4FD7iKg+h7TXwzpPHDFrX6HVSu4x4XcZ
findarios.com/	1970-01-20 17:48:25	Name: AWSALBCORS Value: rYSxwjvdVH58PhpSbXKLMxNxdHTOw8k6cLlbk1n2WlDmujAbAnuxTQTxaXJDt4JFcWgdigud177s4u5DZR7/+XKOnZwRJ9abgpt2W6l4gWwrFwpGGn+Vy5Bu09NN

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://counter-strike-video.fr.gd/ Message: Mixed Content: The page at 'https://counter-strike-video.fr.gd/' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
api.yieldads.net
asrv205.com
cm.g.doubleclick.net
counter-strike-video.fr.gd
d.agkn.com
dsum-sec.casalemedia.com
esdownload.de
et.stage-entertainment.de
findarios.com
fonts.googleapis.com
fwd.fwdtrk.com
fwdtrk.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
img.webme.com
pagead2.googlesyndication.com
r.linksprf.com
s0.2mdn.net
sync.teads.tv
t.adcell.com
theme.webme.com
tpc.googlesyndication.com
us-u.openx.net
visifeed.org
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
et.stage-entertainment.de
fwd.fwdtrk.com
pagead2.googlesyndication.com
104.18.36.155
172.253.115.155
172.253.62.154
172.253.63.148
172.253.63.154
176.9.183.55
178.162.223.113
178.162.223.114
18.185.208.113
193.238.27.28
23.200.197.46
2600:9000:215f:7a00:19:fc2c:a140:93a1
2606:4700:20::681a:cd7
2606:4700:3037::ac43:cc74
2606:4700:3108::ac42:2bc3
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c07::84
2607:f8b0:4004:c07::95
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c17::9d
2607:f8b0:4004:c1d::9a
2a02:cb40:200::242
3.125.0.27
3.75.56.58
34.98.64.218
68.67.160.24
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d5205b03ac9436282767d3c920a33499c2c9c4b3799a29b7ffe160f956a15ac
152ae30c886047c173fec6ff663c347ee6187b86c546578a12b20fb50cedd183
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2ea8a6b04d80c57683562bd87e514a16091862fc3bc639ecfc8889b911b7d9a7
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
345a52ef2133589d9518b2f6108dcde815eb75388168ec7440fb04f925e28eb8
364ba0bed75f33bb235781921a403bac9ec447717f020a6ba1d2402e3b33131a
3a890782b00effa41a8264f4b17d5093dd900d8d018af3176fea9f82601892e7
3d56f1b76d30bbf2ecf50da7154b193dd1c10f84f9473c1813ff238c7f917168
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4a6b4c4ff4c12aef58ddcbe059592d0c0436877717c4ea00dff16d024e637473
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50e2efa14b9a95331d63013f1220373eaf3e4a65797115643d42e2a15411bcdd
51cd736d2b573cf53034b97d598731a03ba3647d6143c89fdef48875d535412d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c8f491358afad9ec66ea13ea3e3807567f15074e5db636fd2680c3fcda69193
5d5be65169bfc248cb0fb182785e64c7e6bb04070ae7aac94ac1336ba6c61e83
5f36dcdd162b32f72d8f3b1b565b9aaf8427e99c219a2a51b51da18caf10364c
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed
6a16dfe9e92661a05f6798c8520a71e2f68c4675ffd6428d60e9d4fc71744dc7
6f3565a1ede3a64fd48f41a3dc0aa4eaddb68917587c755c523dcf46b7421949
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07
76c560d948d609155fa8cf26b44140404a3a0d4589b89b1e56913e591446575c
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
87eab1097f4884108c9a6856c5ccff0a0ecf9f161044f7a6b4a2160cc2566fe9
922faaa860c28a507e3dbeb4ab1434e8f09a391e326a850a01d564a01908148a
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
9b835692f8fc858c083d5a8c383e18c2cf630a90820d881dbb62e6de45d8b04e
9d1bc098dd93775239b8aa2b88443114e9d481c3f7f7016a54d6078bfb8ad626
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a6436f8da4a2f0673674de2456e5930897c4dba5c463c34fdc15a72a1dd30134
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28c8f08b2b4a3c880076cf7ea72c074e0406e2d1e0234618484a11ceacce673
b7704873dfae629ca389abddec0128ff6f5bd0303545edc311a9c4157bd6f7fc
bb826c05231e747195909086199d95fe57521dfb0a6891b827e05c8056424e89
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d542b5ad20ed2aa2b62c3543c355ece1bdd7d88be82648ea3c3e9faca235b1a8
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d678fff5704aa0750a7d4cfd8ad56b5a7c06f952d876ff36cbb61b393a32dfab
de5fa3c531c2d2de90d9657522c1f37907aa7fcbc5f3b932be151d1113b6a450
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e770edd1816d0d4d1f443fac7fe89d04197d8af2be9c1a7f0309ece017e3ec31
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36a4a52fde317e86dde8747049647f1ca6944ccd01217a3b065d17d477acc70

counter-strike-video.fr.gd Open in urlscan Pro 193.238.27.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

88 %HTTPS

44 %IPv6

23 Domains

29 Subdomains

27 IPs

3 Countries

1619 kBTransfer

3751 kBSize

22 Cookies

1 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

counter-strike-video.fr.gd Open in urlscan Pro
193.238.27.28 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

88 %
HTTPS

44 %
IPv6

23
Domains

29
Subdomains

27
IPs

3
Countries

1619 kB
Transfer

3751 kB
Size

22
Cookies

104 HTTP transactions
3 data transactions