winit-stage.steamrailway.co.uk Open in urlscan Pro
52.210.79.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://winit-stage.steamrailway.co.uk/
Submission: On September 06 via automatic, source certstream-suspicious (September 6th 2020, 12:34:27 am UTC)

Summary HTTP 150 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 43 IPs in 8 countries across 29 domains to perform 150 HTTP transactions. The main IP is 52.210.79.36, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is winit-stage.steamrailway.co.uk.
TLS certificate: Issued by Amazon on October 4th 2019. Valid for: a year.

This is the only time winit-stage.steamrailway.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.210.79.36 52.210.79.36	16509 (AMAZON-02) (AMAZON-02)
2	143.204.201.40 143.204.201.40	16509 (AMAZON-02) (AMAZON-02)
5	99.80.128.196 99.80.128.196	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
9	143.204.201.47 143.204.201.47	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
3	99.86.5.213 99.86.5.213	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
31	151.101.113.44 151.101.113.44	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	99.86.2.101 99.86.2.101	16509 (AMAZON-02) (AMAZON-02)
1	143.204.201.44 143.204.201.44	16509 (AMAZON-02) (AMAZON-02)
4	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	104.111.238.139 104.111.238.139	16625 (AKAMAI-AS) (AKAMAI-AS)
22	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:64:... 2a02:26f0:64:596::36f1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	63.34.98.13 63.34.98.13	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
2 5	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
4	143.204.201.36 143.204.201.36	16509 (AMAZON-02) (AMAZON-02)
1 3	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET)
1	2600:9000:205... 2600:9000:2057:ee00:5:9a4c:9b00:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	63.35.118.223 63.35.118.223	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	99.86.2.85 99.86.2.85	16509 (AMAZON-02) (AMAZON-02)
2	143.204.201.32 143.204.201.32	16509 (AMAZON-02) (AMAZON-02)
1	76.223.7.58 76.223.7.58	16509 (AMAZON-02) (AMAZON-02)
150	43

1 52.210.79.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-79-36.eu-west-1.compute.amazonaws.com

winit-stage.steamrailway.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.201.40 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-40.fra53.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.80.128.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-128-196.eu-west-1.compute.amazonaws.com

winit.stg.onebauer.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.204.201.47 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-47.fra53.r.cloudfront.net

winit-cdn-staging.bauerassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.5.213 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-5-213.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 151.101.113.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.2.101 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-101.fra6.r.cloudfront.net

js.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.44 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-44.fra53.r.cloudfront.net

cdn.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.232.7 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.238.139 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

38998fb3eb1f40b3921d2c7f79748125.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b9d16cb78ffd96bc06e3009b57d1534d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64:596::36f1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.98.13 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-98-13.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.64.218 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

bauer-uk-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

smarttag.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.201.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-36.fra53.r.cloudfront.net

dfp-gateway.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.102.200 (Central, Hong Kong) 1 redirects

ASN54825 (PACKET, US)

mydmp.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:ee00:5:9a4c:9b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.118.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-118-223.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.2.85 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-85.fra6.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.201.32 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-32.fra53.r.cloudfront.net

onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.7.58 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ab51a9e8185f181d0.awsglobalaccelerator.com

metrics-collector.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	taboola.com cdn.taboola.com trc.taboola.com 15.taboola.com images.taboola.com vidstat.taboola.com	1 MB
22	googlesyndication.com 38998fb3eb1f40b3921d2c7f79748125.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com b9d16cb78ffd96bc06e3009b57d1534d.safeframe.googlesyndication.com	60 KB
14	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	202 KB
11	s-onetag.com get.s-onetag.com dfp-gateway.s-onetag.com beacon.s-onetag.com onetag-geo.s-onetag.com onetag-geo-grouping.s-onetag.com metrics-collector.s-onetag.com	41 KB
9	bauerassets.com winit-cdn-staging.bauerassets.com	198 KB
6	rubiconproject.com ads.rubiconproject.com smarttag.rubiconproject.com secure-assets.rubiconproject.com	20 KB
6	teads.tv a.teads.tv s8t.teads.tv sync.teads.tv t.teads.tv	196 KB
6	googletagservices.com www.googletagservices.com	149 KB
5	ampproject.org cdn.ampproject.org	107 KB
5	openx.net 2 redirects bauer-uk-d.openx.net eu-u.openx.net	25 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
5	onebauer.media winit.stg.onebauer.media	4 MB
4	exelator.com 1 redirects cdn.exelator.com mydmp.exelator.com	9 KB
3	google.com 1 redirects adservice.google.com www.google.com	1 KB
3	gstatic.com fonts.gstatic.com	41 KB
3	google-analytics.com www.google-analytics.com	18 KB
3	amazon-adsystem.com c.amazon-adsystem.com	30 KB
2	gumgum.com js.gumgum.com g2.gumgum.com	37 KB
2	facebook.net connect.facebook.net	64 KB
1	rlcdn.com api.rlcdn.com	231 B
1	google.cz adservice.google.cz	890 B
1	adsrvr.org match.adsrvr.org	553 B
1	criteo.net static.criteo.net	33 KB
1	google.de adservice.google.de	168 B
1	googletagmanager.com www.googletagmanager.com	30 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	6 KB
1	googleapis.com fonts.googleapis.com	559 B
1	indexww.com js-sec.indexww.com	39 KB
1	steamrailway.co.uk winit-stage.steamrailway.co.uk	8 KB
150	29

	Domain	Requested by
18	images.taboola.com	winit-stage.steamrailway.co.uk
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com winit-stage.steamrailway.co.uk cdn.ampproject.org
12	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net winit-stage.steamrailway.co.uk
9	winit-cdn-staging.bauerassets.com	winit-stage.steamrailway.co.uk
8	pagead2.googlesyndication.com	winit-stage.steamrailway.co.uk securepubads.g.doubleclick.net
8	cdn.taboola.com	winit-stage.steamrailway.co.uk cdn.taboola.com
6	www.googletagservices.com	winit-stage.steamrailway.co.uk securepubads.g.doubleclick.net bauer-uk-d.openx.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	sb.scorecardresearch.com	1 redirects winit-stage.steamrailway.co.uk cdn.taboola.com www.googletagmanager.com
5	winit.stg.onebauer.media	winit-stage.steamrailway.co.uk
4	dfp-gateway.s-onetag.com	get.s-onetag.com
3	trc.taboola.com	cdn.taboola.com
3	mydmp.exelator.com	1 redirects winit-stage.steamrailway.co.uk
3	bauer-uk-d.openx.net	1 redirects securepubads.g.doubleclick.net
3	t.teads.tv	winit-stage.steamrailway.co.uk
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	winit-stage.steamrailway.co.uk
3	c.amazon-adsystem.com	winit-stage.steamrailway.co.uk c.amazon-adsystem.com
2	onetag-geo-grouping.s-onetag.com	beacon.s-onetag.com
2	eu-u.openx.net	1 redirects bauer-uk-d.openx.net
2	secure-assets.rubiconproject.com	winit-stage.steamrailway.co.uk smarttag.rubiconproject.com
2	smarttag.rubiconproject.com	ads.rubiconproject.com
2	ads.rubiconproject.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	connect.facebook.net	winit-stage.steamrailway.co.uk connect.facebook.net
2	get.s-onetag.com	winit-stage.steamrailway.co.uk www.googletagmanager.com
1	metrics-collector.s-onetag.com	beacon.s-onetag.com
1	onetag-geo.s-onetag.com	beacon.s-onetag.com
1	api.rlcdn.com	js-sec.indexww.com
1	vidstat.taboola.com	cdn.taboola.com
1	15.taboola.com	cdn.taboola.com
1	g2.gumgum.com	js.gumgum.com
1	googleads.g.doubleclick.net
1	www.google.com	1 redirects
1	b9d16cb78ffd96bc06e3009b57d1534d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.cz	securepubads.g.doubleclick.net
1	beacon.s-onetag.com	get.s-onetag.com
1	match.adsrvr.org	js-sec.indexww.com
1	static.criteo.net	js-sec.indexww.com
1	sync.teads.tv	s8t.teads.tv
1	s8t.teads.tv	a.teads.tv
1	38998fb3eb1f40b3921d2c7f79748125.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	a.teads.tv	www.googletagmanager.com
1	cdn.exelator.com	winit-stage.steamrailway.co.uk
1	js.gumgum.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	winit-stage.steamrailway.co.uk
1	maxcdn.bootstrapcdn.com	winit-stage.steamrailway.co.uk
1	fonts.googleapis.com	winit-stage.steamrailway.co.uk
1	js-sec.indexww.com	winit-stage.steamrailway.co.uk
1	winit-stage.steamrailway.co.uk
150	52

This site contains links to these domains. Also see Links.

Domain
planetradiooffers.co.uk
health-every-day.com
popup.taboola.com
healthy-foodnetwork.com
adviser.wiki
www.cnbc.com
cosmo-womensmag.com
www.bauerdatapromise.co.uk
www.bauerlegal.co.uk
www.bauermediacomplaints.co.uk

Subject Issuer	Validity	Valid
winit-stage.steamrailway.co.uk Amazon	`2019-10-04` - `2020-11-04`	a year	crt.sh
*.s-onetag.com Amazon	`2020-03-03` - `2021-04-03`	a year	crt.sh
*.stg.onebauer.media Amazon	`2020-09-04` - `2021-10-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.bauerassets.com Amazon	`2019-11-07` - `2020-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-08-10` - `2021-12-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.gumgum.com Amazon	`2019-12-12` - `2021-01-12`	a year	crt.sh
cdn.exelator.com Amazon	`2020-02-10` - `2021-03-10`	a year	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-09-01` - `2020-11-30`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
s8t.teads.tv DigiCert SHA2 Secure Server CA	`2019-10-17` - `2021-01-15`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.google.cz GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://winit-stage.steamrailway.co.uk/
Frame ID: 6F25D395067D46B56F1F657A83FB8E0D
Requests: 101 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: C64FCA791407CD315870DB22865C622E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsump4K0PwDaKwazZ2ZTyeolxjzPX8adDCvO7oRA2DcUAQpSrC8qZSdMeHWMw3mTLPPgbx3n1YugnOxI-jw-kmNbFHgp-7iqZJ6sn2VgPX3bhJTDgjVVbs5gonXJPphoecGONfVlVuWl0auDqR2X8rQ4BZKUDBw3lyukHABrzpvhTOrCT_MQ5MrYAUVBBKP7Ew188fgog5UsonruZEgH3juN9Q4K3OPL5AhhTMJA2h4JenL8goyJFAny4aAE0un8Cn57gtsy7u47vJc5HlF4IsmTetURM61hmJGGt4pM6oX6aCUBH0W-yBU-TAHZzQZRR1vt0xfSgpUiSohqS6VM&sai=AMfl-YReF6VJGrKbTsISD7cKGlQ_Wn0IcfE9KwvgVan9XHVkP-h7rHgfQSKwxay1VIDycqtrytM9G-T3OkAUmAzquvgKRSZ4n--_5eZ3t3ZXApEW1JtrBfiOVsGZElEvXJk&sig=Cg0ArKJSzFPUTEaIbxanEAE&urlfix=1&adurl=
Frame ID: BBBE3AD6AE5B66DF2E651BE718A51E6E
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOH9i5Me5D7KAZty3VKNNz-JMFKqAMiPk7B2vbNVQEIYtnsOcJY9GMqfAOftkhW1h_s9PUw1LCmV8QZd2nIJpaqWJch7SLYPL2peEk9nFKBZX3o9NM4taz6-kLM0iSHl8fNAl7Py44NVaSZC5LER-tw-HRof_tV_CcGbRvQgQUQt_HFIBF7eROBWCGhbBeO5K6CPPvAYo_fbvYbT4rv7uXq5vNpjKEygPjAUGLj7z-w1aQ2s3AOJvwc-xkTPkPsdaGKZVza0SUIk4aBG9B90ADDVJ4bXCzshd7rxr0phdy_T7dm7WMNLNU4je6PlG8LyUOMr_mI91tpQ_whSxa&sai=AMfl-YTw08nDkVpH-gZMOMGBYAu1iLicCTXMnau5wffjAKcGEJ0IMovR5Hyn8zD3tnKAitny_Jcz6qXQBeklJ8Zta7JsEteobR3rszcRgAhAodR1dtmxRnHpNZyLdepAQf8&sig=Cg0ArKJSzPP-BN0igVU4EAE&urlfix=1&adurl=
Frame ID: 4A1A3F04AA2C137FE0832B2A636FD679
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstauSB0OFzFAtsFXL33kp1GbpzGFbUl36us_9sbBkKQ4jtPZQ_LeCT0llzYcvRIxVLj1eJvclSBYlLVQY_7_NJfnydmYSo2bXJ2wLrAyQsXuRZaNtlKRhhII-upjHgT_re-lKm_VU3BhtocU2yLKAWAsTxDZG1-L2pJfHNlT8t45SX-lFHhoV7_WmTZREvX09YlEYAYc0_FuULZTzg92NwLgwxuLN6dzB9uSTxLuCGBTaKPzl4uH-DRT4pm0N8sEm_laz9XsLq6pDdkLc7BemvvzWKSTEqpWXGuuaX8WgSdXRNTpAcoZ8HwTKkPDqGfD3A2tk2OugkuQW-LOfrV&sai=AMfl-YSHOoWdGEXFbFS2mXLao4pKSEffExD4vqhMdwffBQXDmZIe1BlXAm-hF0S0RS2BDxvVbpswBpGrLomlutp5GqPaIGMtKoTJqDVJyOGf2Og5XzCBuZb-XcxCTeWgC8g&sig=Cg0ArKJSzO2kj9sN992REAE&urlfix=1&adurl=
Frame ID: 3052C0B0855D0F20DA8C3BCF37B08C06
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: D96438FEFA28DF1ACBB67C135C3D7C49
Requests: 1 HTTP requests in this frame

Frame: https://mydmp.exelator.com/on-site-tag-load//net.php?n=PGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL2FuYWx5dGljcy50d2l0dGVyLmNvbS9pL2Fkc2N0P3BfdXNlcl9pZD04MWYwNjM2MTU1ZDBjNjc3ZWQyNTc5NjM5OGZjY2I5OSZwX2lkPTI4NTM5IiBoZWlnaHQ9IjEiPjwvaW1nPjxpbWcgd2lkdGg9IjEiIGFsdD0iRXhlbGF0ZURhdGEiIHN0eWxlPSJkaXNwbGF5Om5vbmUiIHNyYz0iaHR0cHM6Ly9zeW5jLmNyd2RjbnRybC5uZXQvbWFwL2M9Mzg1OS90cD1WSVNELz9odHRwczovL2xvYWRtLmV4ZWxhdG9yLmNvbS9sb2FkLz9wPTIwNCZnPTI2MCZidWlkPSR7cHJvZmlsZV9pZH0iIGhlaWdodD0iMSI%2BPC9pbWc%2BPGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL3B4bC5jb25uZXhpdHkubmV0L2MvY3NlP2E9UiZBPTI5MiZEPTZiMmImVj05Jkkwaz1wdG5yaWQmSTB2PTgxZjA2MzYxNTVkMGM2NzdlZDI1Nzk2Mzk4ZmNjYjk5JmI9MTU5OTM1MjQ1MDQ5MCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vZ3VtLmNyaXRlby5jb20vc3luYz9jPTE0JnI9MSZhPTEmdT1odHRwcyUzQSUyRiUyRmxvYWR1cy5leGVsYXRvci5jb20lMkZsb2FkJTJGJTNGcCUzRDIwNCUyNmclM0Q4OSUyNmolM0QwJTI2QlVJRCUzRCU0MFVTRVJJRCU0MCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vYmVhY29uLmtyeGQubmV0L3VzZXJtYXRjaC5naWY%2FcGFydG5lcj1uaWVsc2VuZG1wJnBhcnRuZXJfdWlkPTgxZjA2MzYxNTVkMGM2NzdlZDI1Nzk2Mzk4ZmNjYjk5IiBoZWlnaHQ9IjEiPjwvaW1nPg%3D%3D&h=615c9f32083bfdf63b05372432cbcf80
Frame ID: 41DA0AF7A75403BBCFA8E5132101FA2E
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aeca8431-781a-45cd-b507-0d875c25eb4d
Frame ID: BA95F10166C2C73918CD0E42F809569D
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: C3C3AAA52846879EF0A22C60FF685C20
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js
Frame ID: 3065577542A447DBCBC17E6EF501C678
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: F6E85F33BAEFD7234B7A89C30FC12D1D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

150
Requests

100 %
HTTPS

44 %
IPv6

29
Domains

52
Subdomains

43
IPs

8
Countries

6714 kB
Transfer

10510 kB
Size

8
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://planetradiooffers.co.uk/?utm_source=winnit&utm_campaign=winnitnav2019&utm_medium=nav
Title: Offers

Search URL Search Domain Scan URL

URL: https://health-every-day.com/top-30-most-beautiful-women-in-the-world/?utm_source=taboola&utm_medium=referral&utm_campaign=Beautiful-POOR&utm_term=baueruk-winit&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F98648cc0e2e9ebb7b95417ab50a161c5.jpg-Top+30+Most+Beautiful+Women+in+the+World#tblciGiBqEjqmnceF7xjMyEgBNPHZRfWqQlWmhoifBInPAPg3iCDL90U
Title: Health Every Day

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=baueruk-winit&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Category%20Thumbnails%20-%20steamrailway.co.uk%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://healthy-foodnetwork.com/21-celebs-who-have-already-come-out-that-they-are-gay/?utm_source=taboola&utm_medium=referral&utm_campaign=Gay-POOR-1&utm_term=baueruk-winit&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Ff474365cff6e89cb4df22ae1e68116da.jpg-21+Celebs+Who+Are+Gay+-+No.13+Will+Shock+Men%C2%A0%C2%A0#tblciGiBqEjqmnceF7xjMyEgBNPHZRfWqQlWmhoifBInPAPg3iCDgikg
Title: HealthyFoodNetwork

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=baueruk-winit&utm_medium=referral&utm_content=thumbs-feed-01-a:Below%20Category%20Thumbnails%20-%20steamrailway.co.uk%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://adviser.wiki/the-most-expensive-dog-breeds-in-the-world/?utm_source=taboola-baueruk-winit&utm_medium=referral&sid=1112611&device=Desktop&utm_content=Adviser-CZ-Desktop-All&utm_term=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F7c98719fb2a9527283988b67459ffcb9.png&utm_title=30+Most+Expensive+Dog+Breeds+in+Czech+Republic#tblciGiBqEjqmnceF7xjMyEgBNPHZRfWqQlWmhoifBInPAPg3iCCM3EY
Title: Adviser.wiki

Search URL Search Domain Scan URL

URL: https://www.cnbc.com/advertorial/autonomy-the-dawn-of-a-new-era-for-industry/?__source=taboola%7Cyokogawa%7Cbaueruk-winit%7CDesktop%7CThe+Fourth+Industrial+Revolution%3A+The+World+of+Autonomous+Operations&tblci=GiBqEjqmnceF7xjMyEgBNPHZRfWqQlWmhoifBInPAPg3iCDPjkQ#tblciGiBqEjqmnceF7xjMyEgBNPHZRfWqQlWmhoifBInPAPg3iCDPjkQ
Title: Yokogawa by CNBC Catalyst

Search URL Search Domain Scan URL

URL: https://cosmo-womensmag.com/17-photos-that-show-the-dangerous-of-ocean-swimming/?utm_source=taboola&utm_medium=referral&utm_campaign=%C3%93ce%C3%A1n_POOR&utm_term=baueruk-winit&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F291bef6942993f958ad37006822185ea.jpg-17+Photos+That+Show+the+Dangerous+of+Ocean+Swimming#tblciGiBqEjqmnceF7xjMyEgBNPHZRfWqQlWmhoifBInPAPg3iCCypEs
Title: Cosmo-Womens

Search URL Search Domain Scan URL

URL: https://healthy-foodnetwork.com/top-10-most-dangerous-cruises-in-the-world/?utm_source=taboola&utm_medium=referral&utm_campaign=Cruises_POOR&utm_term=baueruk-winit&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fc069cf359a38eba15c7d1e207c958ac3.jpg-Top+10+Most+Dangerous+Cruises+In+The+World#tblciGiBqEjqmnceF7xjMyEgBNPHZRfWqQlWmhoifBInPAPg3iCDgikg
Title: HealthyFoodNetwork

Search URL Search Domain Scan URL

URL: http://www.bauerdatapromise.co.uk/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.bauerlegal.co.uk/website-terms.html
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: http://www.bauermediacomplaints.co.uk/
Title: Complaints

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=baueruk-winit&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://sb.scorecardresearch.com/b?c1=2&c2=6035170&ns__t=1599352448990&ns_c=UTF-8&c8=Free%20Stuff%20%7C%20Win%20competitions%2C%20Cash%2C%20Freebies%20%26%20giveaways%20online&c7=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035170&ns__t=1599352448990&ns_c=UTF-8&c8=Free%20Stuff%20%7C%20Win%20competitions%2C%20Cash%2C%20Freebies%20%26%20giveaways%20online&c7=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F&c9=&cs_ak_ss=1

Request Chain 78

https://mydmp.exelator.com/on-site-tag-load/?p=1334&g=50&j=d HTTP 307
https://mydmp.exelator.com/on-site-tag-load/?p=1334&g=50&j=d&xl8blockcheck=1

Request Chain 86

https://bauer-uk-d.openx.net/w/1.0/acj?ai=a428eb4c-af36-4adc-8be6-0cdc46883146&o=7678964313&callback=OX_7678964313&ju=https%3A//winit-stage.steamrailway.co.uk/&jr=&auid=540826335&dims=1600x1200&adxy=650%2C307&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ws=300x250&ifr=1&tws=1600x1200&mt=1 HTTP 302
https://bauer-uk-d.openx.net/w/1.0/acj?cc=1&ai=a428eb4c-af36-4adc-8be6-0cdc46883146&o=7678964313&callback=OX_7678964313&ju=https%3A//winit-stage.steamrailway.co.uk/&jr=&auid=540826335&dims=1600x1200&adxy=650%2C307&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ws=300x250&ifr=1&tws=1600x1200&mt=1

Request Chain 87

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aeca8431-781a-45cd-b507-0d875c25eb4d HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aeca8431-781a-45cd-b507-0d875c25eb4d

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

150 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
winit-stage.steamrailway.co.uk/ 33 KB
8 KB 490ms
354ms Document
text/html 52.210.79.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-36.eu-west-1.compute.amazonaws.com

Software

openresty/1.15.8.1 /

Resource Hash

1cd053a68708735d12cc65db146655efc821eac3f525392cafe8126734a4568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: winit-stage.steamrailway.co.uk
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 06 Sep 2020 00:34:08 GMT
content-type: text/html; charset=utf-8
server: openresty/1.15.8.1
x-frame-options: ALLOWALL
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
etag: "659c4aaed6c1c582161e812fbb474c57"
cache-control: max-age=0, private, must-revalidate
set-cookie: referer=; path=/; expires=Thu, 06 Sep 2040 00:34:08 -0000 visitor_uuid=9cbb131e-47ed-4218-b1b9-0b5165f3f4ee; path=/; expires=Thu, 06 Sep 2040 00:34:08 -0000 _session_id=2ea2863e73e838633b86b4ab60ba2ebc; path=/; expires=Sun, 06 Sep 2020 04:34:08 -0000; HttpOnly
x-request-id: 4c628c9116d59ca182f2c1de5168b6c2
x-runtime: 0.286945
vary: Accept-Encoding
content-encoding: gzip
x-rack-cors: preflight-hit; no-origin

GET
H2 200 tag.min.js Show response
get.s-onetag.com/4e3c5bf4-d622-40e3-8dd3-895905f027cf/ 77 KB
16 KB 528ms
460ms Script
text/javascript 143.204.201.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/4e3c5bf4-d622-40e3-8dd3-895905f027cf/tag.min.js
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-40.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b60c5d87f789e3b11a230a135337e5b45ed387b17de99558f5b65ea8941b03f

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 16:33:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "aa7ffdab8c3cbe3cc55d777383e28f9a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
status: 200
date: Sun, 06 Sep 2020 00:34:09 GMT
x-amz-cf-id: 6s2Krk6qXHVMI9IlvRcVsuBXTI3kXi9n16Ry148k5_YP011oEu5VHQ==
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)

GET
H2 200 gimlet-5267225dc10403f2d42fce3e68a73eaa.css
winit.stg.onebauer.media/assets/themes/ 379 KB
36 KB 208ms
88ms Stylesheet
text/css 99.80.128.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://winit.stg.onebauer.media/assets/themes/gimlet-5267225dc10403f2d42fce3e68a73eaa.css
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.128.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-128-196.eu-west-1.compute.amazonaws.com
Software: openresty/1.15.8.1 /
Resource Hash: 3ea378ba94dea9e415f781c39bd2e495addc4f7cba8e9523d712b074151bb81a

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-rack-cors: preflight-hit; no-origin
date: Sun, 06 Sep 2020 00:34:08 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:37:12 GMT
server: openresty/1.15.8.1
vary: Accept-Encoding, Origin
content-type: text/css
status: 200
cache-control: public, max-age=604800
content-length: 36775

GET
H2 200 gimlet-936c152996481c5e77196ebcbe316e24.js Show response
winit.stg.onebauer.media/assets/themes/ 1019 KB
281 KB 241ms
122ms Script
application/javascript 99.80.128.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://winit.stg.onebauer.media/assets/themes/gimlet-936c152996481c5e77196ebcbe316e24.js
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.128.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-128-196.eu-west-1.compute.amazonaws.com
Software: openresty/1.15.8.1 /
Resource Hash: 9fe15e1925ef9968295045304bfa42418d3a04b16aecf9196fc6ad7959e24eff

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-rack-cors: preflight-hit; no-origin
date: Sun, 06 Sep 2020 00:34:08 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:37:09 GMT
server: openresty/1.15.8.1
vary: Accept-Encoding, Origin
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
content-length: 286754

GET
H/1.1 200
OK 185605-195019526585697.js Show response
js-sec.indexww.com/ht/p/ 129 KB
39 KB 828ms
733ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185605-195019526585697.js
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 48923bea5d63ec2e0c19818b884e9582df842f498e337f47f2d952cc77fb59fa

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 06 Sep 2020 00:34:09 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Sep 2020 00:31:04 GMT
Server: Apache
ETag: "761e74-20294-5ae9a379e046a"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 39146
Expires: Sun, 06 Sep 2020 01:34:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
559 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin,latin-ext

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7d6b1c8e88874fb2696fc3128ea91fc6f47915466ea9f566ab2c39fcebffbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Sep 2020 23:21:09 GMT
server: ESF
date: Sun, 06 Sep 2020 00:34:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Sep 2020 00:34:08 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 22ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
status: 200
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6079

GET
H2 200 steamraillogo.png
winit-cdn-staging.bauerassets.com/uploads/site/primary_logo/101/ 18 KB
18 KB 374ms
251ms Image
image/png 143.204.201.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winit-cdn-staging.bauerassets.com/uploads/site/primary_logo/101/steamraillogo.png?crop=&fit=

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.201.47 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-201-47.fra53.r.cloudfront.net

Software

imgix /

Resource Hash

f22dbe060b04be54986a8ba22945169722b5e029346a5aae0b4b897d4b3192f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 0
x-cache: Miss from cloudfront
status: 200
x-imgix-id: 9493b9fcc22c7265d4df3805a695044f75fafcf3
content-length: 17959
x-served-by: cache-lax8624-LAX, cache-fra19121-FRA
last-modified: Sun, 06 Sep 2020 00:34:09 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: spvWSDSxhCmvDPJorcwrGV9RPjw3gCSExcMOdVJ3MIuINimMEQaDiQ==

GET
H2 200 applewatch.jpg
winit-cdn-staging.bauerassets.com/uploads/drawing_photo/photo/36738/ 30 KB
30 KB 246ms
124ms Image
image/jpeg 143.204.201.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winit-cdn-staging.bauerassets.com/uploads/drawing_photo/photo/36738/applewatch.jpg?crop=&fit=crop&h=300&w=400

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.201.47 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-201-47.fra53.r.cloudfront.net

Software

imgix /

Resource Hash

8ae3b7a22968cf710505139f667b453594923d364e919f0350ee36d136595873

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 181285
x-cache: Miss from cloudfront
status: 200
x-imgix-id: f754c58e26646148bd0325a20bcb65b6e6554814
content-length: 30333
x-served-by: cache-lax8626-LAX, cache-fra19157-FRA
last-modified: Thu, 03 Sep 2020 22:12:44 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: uyu-1qLhg2TxHuEeVmdz6t8ixEyRyc3FPbZQovKde2fgZCACrXemsA==

GET
H2 200 amazonvoucher.jpg
winit-cdn-staging.bauerassets.com/uploads/drawing_photo/photo/36739/ 28 KB
28 KB 234ms
112ms Image
image/jpeg 143.204.201.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winit-cdn-staging.bauerassets.com/uploads/drawing_photo/photo/36739/amazonvoucher.jpg?crop=&fit=crop&h=300&w=400

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.201.47 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-201-47.fra53.r.cloudfront.net

Software

imgix /

Resource Hash

b416445cf5b874a1c5bd93a67fc5c7764d17b2dd9f1f2d84af5dbeb34f3b7843

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1583132
x-cache: Miss from cloudfront
status: 200
x-imgix-id: 403d43beb02a9e970257949761c493adbeaed01e
content-length: 28376
x-served-by: cache-lax8637-LAX, cache-lax8621-LAX, cache-fra19156-FRA
last-modified: Tue, 18 Aug 2020 16:48:36 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: D_lOOkxLCUuubYuInCiTegmohax0Rnj2pxK9TZL9eI6xto-BYYu0OQ==

GET
H2 200 jlvoucher.jpg
winit-cdn-staging.bauerassets.com/uploads/drawing_photo/photo/36737/ 21 KB
22 KB 228ms
105ms Image
image/jpeg 143.204.201.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winit-cdn-staging.bauerassets.com/uploads/drawing_photo/photo/36737/jlvoucher.jpg?crop=&fit=crop&h=300&w=400

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.201.47 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-201-47.fra53.r.cloudfront.net

Software

imgix /

Resource Hash

e58d3ad2c45ce14d3b714ec15d306fa27fd8ef02c1150d51ba22cc5ae892e842

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: RefreshHit from cloudfront
status: 200
x-imgix-id: ec1a3965decad16f1e0034974bdac16870816b04
content-length: 21553
x-served-by: cache-lax8643-LAX, cache-fra19128-FRA
last-modified: Thu, 03 Sep 2020 16:38:29 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
x-amz-cf-id: bmq3o7tMV5LUwzsBiayG95k49z30Bd_zcngVqI33XDyqNVJAJ_GFNQ==

GET
H2 200 steamraillogo.png
winit-cdn-staging.bauerassets.com/uploads/site/unthrottled_image/101/ 567 B
1012 B 391ms
269ms Image
image/png 143.204.201.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winit-cdn-staging.bauerassets.com/uploads/site/unthrottled_image/101/steamraillogo.png?crop=&fit=&h=27&w=20

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.201.47 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-201-47.fra53.r.cloudfront.net

Software

imgix /

Resource Hash

2e0a65b579e322fd2da9762b3b18dfed0e07a338bc6bd0b4a59d29d88f7a72d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 0
x-cache: Miss from cloudfront
status: 200
x-imgix-id: 352dbe5ea4399e3622f381fd38a8202a3792fc80
content-length: 567
x-served-by: cache-lax8646-LAX, cache-hhn4024-HHN
last-modified: Sun, 06 Sep 2020 00:34:09 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: HvAFSpLO1YfhjfmfgtqNL2SRFRAEibZVi5IL2iy5D8JwepHp0Onn1Q==

GET
H2 200 tesco.jpg
winit-cdn-staging.bauerassets.com/uploads/drawing_photo/photo/36763/ 34 KB
35 KB 184ms
62ms Image
image/jpeg 143.204.201.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winit-cdn-staging.bauerassets.com/uploads/drawing_photo/photo/36763/tesco.jpg?crop=&fit=crop&h=300&w=400

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.201.47 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-201-47.fra53.r.cloudfront.net

Software

imgix /

Resource Hash

ab55c01863c6acf8890e8fb65e707c4768ba3775e30c9ea21171c55c2ed83f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1251781
x-cache: Miss from cloudfront
status: 200
x-imgix-id: 52b23fd227f4d668737823df9d28da462ccae691
content-length: 34985
x-served-by: cache-lax8632-LAX, cache-hhn4027-HHN
last-modified: Sat, 22 Aug 2020 12:51:08 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: WKOnK3b-tf1QtJJDavjy2zokfEsuDpHRHXDsuSAx8SU9S-Lb1stL6A==

GET
H2 200 ps4.jpg
winit-cdn-staging.bauerassets.com/uploads/drawing_photo/photo/36740/ 17 KB
18 KB 193ms
91ms Image
image/jpeg 143.204.201.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winit-cdn-staging.bauerassets.com/uploads/drawing_photo/photo/36740/ps4.jpg?crop=&fit=crop&h=300&w=400

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.201.47 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-201-47.fra53.r.cloudfront.net

Software

imgix /

Resource Hash

53151d4cde0bb9594825247bd8b6510ba53abaa4cc69ecb5459cc4419e885d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2041584
x-cache: Miss from cloudfront
status: 200
x-imgix-id: 99c136ca5c7f054994790358515739399774c81c
content-length: 17604
x-served-by: cache-lax8643-LAX, cache-fra19137-FRA
last-modified: Thu, 13 Aug 2020 09:27:45 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: _5bZYwX3tWU_X46gFT-tJD5a0j3c2_1_zYcjcvVU1Fjb1HrXOim4dQ==

GET
H2 200 350cash.jpg
winit-cdn-staging.bauerassets.com/uploads/drawing_photo/photo/36677/ 23 KB
23 KB 223ms
120ms Image
image/jpeg 143.204.201.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winit-cdn-staging.bauerassets.com/uploads/drawing_photo/photo/36677/350cash.jpg?crop=&fit=crop&h=300&w=400

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.201.47 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-201-47.fra53.r.cloudfront.net

Software

imgix /

Resource Hash

7d8036258928074ad444f8899ea5f83856daa28ca6bedae215b8429263fea028

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2024744
x-cache: Miss from cloudfront
status: 200
x-imgix-id: 5300ea9132a4ddc498817e1dc804328b93af5954
content-length: 23468
x-served-by: cache-lax8642-LAX, cache-hhn4072-HHN
last-modified: Thu, 13 Aug 2020 14:08:24 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: 1pRGmLilcJLJnjOr2KxcEtg8b7dXF6PKcVGP7z-_bjgnaLZ5olLyYg==

GET
H2 200 amazonbundle.jpg
winit-cdn-staging.bauerassets.com/uploads/drawing_photo/photo/36648/ 23 KB
24 KB 203ms
101ms Image
image/jpeg 143.204.201.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winit-cdn-staging.bauerassets.com/uploads/drawing_photo/photo/36648/amazonbundle.jpg?crop=&fit=crop&h=300&w=400

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.201.47 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-201-47.fra53.r.cloudfront.net

Software

imgix /

Resource Hash

dc03e77d2d1169ef623ed6eeb31aae084c2dac05eacbc22141ba625a2e300628

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 579369
x-cache: Miss from cloudfront
status: 200
x-imgix-id: 2dd81fd33b5abae8760096381f5dc18a23683502
content-length: 23840
x-served-by: cache-lax8646-LAX, cache-fra19144-FRA
last-modified: Sun, 30 Aug 2020 07:37:59 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: n9KXLcCOPbi4V_ofB-8u2imrPvIqodWEZy_wU_mrugR7795-FJciEg==

GET
H2 200 sp_message_puppy-52d88b562e851c6b5c0d4f0eeddabfc0.jpg
winit.stg.onebauer.media/assets/themes/gimlet/ 4 MB
4 MB 129ms
126ms Image
image/jpeg 99.80.128.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winit.stg.onebauer.media/assets/themes/gimlet/sp_message_puppy-52d88b562e851c6b5c0d4f0eeddabfc0.jpg
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.128.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-128-196.eu-west-1.compute.amazonaws.com
Software: openresty/1.15.8.1 /
Resource Hash: 28bdea4709af0b40e3e4fa836859c423a8730dbc66c8ba9f9b5af8b883e20dc6

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-rack-cors: preflight-hit; no-origin
date: Sun, 06 Sep 2020 00:34:08 GMT
last-modified: Tue, 01 Sep 2020 08:36:07 GMT
server: openresty/1.15.8.1
vary: Origin
content-type: image/jpeg
status: 200
cache-control: public, max-age=604800, no-transform
content-length: 4074118

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 79 KB
30 KB 20ms
17ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PXCVBCD

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9052f93873eeb4ae10b464d978fd43468db2bf3c5b94d380ae980314363e65a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:08 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30718
x-xss-protection: 0
last-modified: Sun, 06 Sep 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 06 Sep 2020 00:34:08 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 55 KB
19 KB 64ms
42ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6efa35d6c61966ed4bd2fbbfa9804746825a21a5047ea08e02ec41bdb79a3190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "624 / 629 of 1000 / last-modified: 1599257465"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18757
x-xss-protection: 0
expires: Sun, 06 Sep 2020 00:34:08 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 102 KB
26 KB 114ms
39ms Script
application/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 8c665507e16736e1323acf89104e508e8cac863d30e8ca5ff5d6ac5303b25277

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:27:58 GMT
content-encoding: gzip
server: Server
age: 371
etag: 5a34c79c51b93c8b4601b1808cbdbd04
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 1aTeAAe-XdZw3E1GCo5MduAEDJUyPNaMvHrIHF8cy4oO3hVc2cAfxg==
via: 1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 4708
date: Sat, 05 Sep 2020 23:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Sun, 06 Sep 2020 01:15:40 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/baueruk-winit/ 139 KB
23 KB 98ms
32ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/baueruk-winit/loader.js
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0708826ae5d7a8c83d5527dbdcb0ae72174c31e7b11ad93a24e39bcbbfd47eb

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: zXnfde8qeWn8ftbDHeIhFcT68iQ9.DOx
content-encoding: gzip
etag: "d1bf957a44ea0282106e94cb04617416"
age: 35
x-cache: HIT
status: 200
content-length: 23419
x-amz-id-2: T6tPFEZdF1LiH6cHMUTqJh3KQ+seMK9Brd6F13JbH83xutq4QsOuLaFqWKbsUqXVr5+bSQ+CSFc=
x-served-by: cache-hhn4027-HHN
last-modified: Fri, 04 Sep 2020 01:17:05 GMT
server: AmazonS3
x-timer: S1599352449.995796,VS0,VE0
date: Sun, 06 Sep 2020 00:34:08 GMT
vary: Accept-Encoding
x-amz-request-id: 2M0Q7X3ZFV3T8SBJ
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 56
x-cache-hits: 1

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42baaf9ce3762529bdeeee223a28bc895e257bc2e636bd638691a11c3cd05cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: NDMT4Mur1DSgGfqF3kvVyQ==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
etag: "aba32c7cb0bdd628580e4b81105411b5"
x-fb-debug: XLX38GYwFW91FHkNyFESQ68eOCRcb8p5eeAGBgO+ww+O4pT3U6b/iLP7PRbVAJiSTW6qxTtEAytu3wHPsBwgsg==
x-fb-trip-id: 664085054
x-fb-content-md5: 85ec68944b06251b7f9ceb17146a4710
x-frame-options: DENY
date: Sun, 06 Sep 2020 00:34:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 06 Sep 2020 00:45:55 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://winit-stage.steamrailway.co.uk
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 11:04:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 480606
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:04:02 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://winit-stage.steamrailway.co.uk
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 11:04:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 480602
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:04:06 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin,latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://winit-stage.steamrailway.co.uk
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 09:06:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:39 GMT
server: sffe
age: 487675
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
expires: Tue, 31 Aug 2021 09:06:13 GMT

GET
H2 200 ads-bc58f3e99861bdad4892c545ec8d5cbf.js Show response
winit.stg.onebauer.media/assets/advertisement/ 160 B
374 B 114ms
113ms Script
application/javascript 99.80.128.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://winit.stg.onebauer.media/assets/advertisement/ads-bc58f3e99861bdad4892c545ec8d5cbf.js
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.128.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-128-196.eu-west-1.compute.amazonaws.com
Software: openresty/1.15.8.1 /
Resource Hash: ec2f6569a3953d30bd3a7130e2fb3b8534b32f79677bae4c3bfd12831ff5ea6d

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-rack-cors: preflight-hit; no-origin
date: Sun, 06 Sep 2020 00:34:09 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:36:07 GMT
server: openresty/1.15.8.1
vary: Accept-Encoding, Origin
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
content-length: 146

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
94 B 13ms
12ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-46897383-1&cid=429869368.1599352449&jid=1842962719&gjid=314671835&_gid=2057535064.1599352449&_u=YGBAgEABAAAAAE~&z=1773262636

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 06 Sep 2020 00:34:08 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://winit-stage.steamrailway.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
5ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j85&a=314464227&t=pageview&_s=1&dl=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F&ul=en-us&de=UTF-8&dt=Free%20Stuff%20%7C%20Win%20competitions%2C%20Cash%2C%20Freebies%20%26%20giveaways%20online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1842962719&gjid=314671835&cid=429869368.1599352449&tid=UA-46897383-1&_gid=2057535064.1599352449&cd1=unknown&z=757316556

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Aug 2020 04:34:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2491168
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 201 KB
61 KB 16ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=60e91f9c4f2fcd186cb082fc6f11f400&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd3d0d4651fa31d8c597516a43797c3c71b8216a580911eaf649209ccfa7cab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://winit-stage.steamrailway.co.uk
Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: FPfH3VkX5JDoP8huBsxhUg==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 62338
etag: "71096030750d8a7416b0a4e5433aef12"
x-fb-debug: Xz+ag1pGtOKk+iPj97qPNc1pc2MJPVlOU5sIn8KXAT9wmJahhL1OyMci+dCu0FdQGqVvB0RD/T1BE06XtNbasA==
x-fb-trip-id: 664085054
x-fb-content-md5: 56cf1233eab5bb0bf35f1be7cbb21388
x-frame-options: DENY
date: Sun, 06 Sep 2020 00:34:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Sun, 05 Sep 2021 23:50:20 GMT

GET
H2 200 services.js Show response
js.gumgum.com/ 97 KB
36 KB 232ms
153ms Script
application/javascript 99.86.2.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gumgum.com/services.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXCVBCD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-101.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 558a6485b2a86c29318c69b539557e94cfb08fe350d3b7dbcba438149e4bb7a6

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:10 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
status: 200
last-modified: Fri, 28 Aug 2020 17:15:47 GMT
x-amz-meta-access-control-allow-origin: *
x-amz-meta-timing-allow-origin: *
server: AmazonS3
etag: W/"cb35a2c249556995ec4d38d9c084ba78"
vary: Accept-Encoding
x-amz-version-id: EsOIZpr8YVSZJcCuYfTw2PUbaHmr_ml2
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
cache-control: max-age=31536000
content-type: application/javascript
x-amz-cf-id: ScSUPVrjTX6gx8fdDu5tLczxQR7QLz08Xrdaa2Inb4n81IThTjEKEw==

GET
H2 200 static.min.js Show response
cdn.exelator.com/build/ 7 KB
3 KB 141ms
44ms Script
application/javascript 143.204.201.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.exelator.com/build/static.min.js
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.44 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-44.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 775ddfe657eb4ad24d52571735309d6f1262075b146026e8e6940401f3804503

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 12:08:14 GMT
content-encoding: gzip
age: 44756
x-cache: Hit from cloudfront
status: 200
x-amz-request-id: D1935F253DFCB883
x-amz-id-2: khIkRiBOIMVh3mSgA1DYhgY+iep7sEiOu9Ew5PD1ZywLEhQJyZ1HOsV3K6XcVSe5DBM9qB7ZBr0=
last-modified: Thu, 30 Jul 2020 14:52:44 GMT
server: AmazonS3
etag: W/"9f291e408d9b17979cfbd6bc521f42b5"
vary: Accept-Encoding
x-amz-version-id: SdaoJsFXE8WnpoUOeXVJkqbQkzavC8A_
via: 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: qyIdrhg6-z6YrgBqIcv3HipTpcG8ufYLNrjJfCPWt71GtxyOnwHolQ==

GET
H2 200 tag Show response
a.teads.tv/page/114689/ 797 B
749 B 186ms
84ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/114689/tag
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXCVBCD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 34f87e0c581965fd8d6c84d6471484e72903f767e82c193b1b4c2cda7f8036f6

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 499
expires: Sun, 06 Sep 2020 01:34:09 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035170&ns__t=1599352448990&ns_c=UTF-8&c8=Free%20Stuff%20%7C%20Win%20competitions%2C%20Cash%2C%20Freebies%20%26%20giveaways%20online&c7=https%3A%2F%2Fwini...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035170&ns__t=1599352448990&ns_c=UTF-8&c8=Free%20Stuff%20%7C%20Win%20competitions%2C%20Cash%2C%20Freebies%20%26%20giveaways%20online&c7=https%3A%2F%2Fwin...

0
528 B

58ms
47ms

Image
text/plain

104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035170&ns__t=1599352448990&ns_c=UTF-8&c8=Free%20Stuff%20%7C%20Win%20competitions%2C%20Cash%2C%20Freebies%20%26%20giveaways%20online&c7=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F&c9=&cs_ak_ss=1
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Sep 2020 00:34:09 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035170&ns__t=1599352448990&ns_c=UTF-8&c8=Free%20Stuff%20%7C%20Win%20competitions%2C%20Cash%2C%20Freebies%20%26%20giveaways%20online&c7=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Sun, 06 Sep 2020 00:34:09 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2020090201.js Show response
securepubads.g.doubleclick.net/gpt/ 262 KB
92 KB 152ms
71ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js?21067383

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

b4e8f2d73294065f2c0e54cb17bcba8bf7440408b804f9052ac03c0ff9adb398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Sep 2020 08:39:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94147
x-xss-protection: 0
expires: Sun, 06 Sep 2020 00:34:09 GMT

GET
H2 200 impl.20200903-38-RELEASE.js Show response
cdn.taboola.com/libtrc/ 440 KB
124 KB 32ms
32ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200903-38-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/baueruk-winit/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 232f9e73eab0e421acd09c3f22b8661d1a316cd952deab5467db33be56491dfa

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tYtXrWlhrwUvbJXvUPDd54uF_EMC7niX
content-encoding: gzip
etag: "8b11e6b75a01f5ad58f3a99b6654a109"
age: 36
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 127014
x-amz-id-2: puAFyU79UXFUxKCJJdS6CXvSritjqVEfus/x1UR/xXJV0scCzT49Vha/AJnef9X1FXUhSBx4tZM=
x-served-by: cache-hhn4027-HHN
last-modified: Fri, 04 Sep 2020 00:42:12 GMT
server: AmazonS3
x-timer: S1599352449.068678,VS0,VE0
date: Sun, 06 Sep 2020 00:34:09 GMT
vary: Accept-Encoding
x-amz-request-id: 3E396E07F40B9C49
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 25
x-cache-hits: 80

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 129ms
47ms Script
application/x-javascript 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/baueruk-winit/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 06 Sep 2020 00:34:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Mon, 07 Sep 2020 00:34:09 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 236ms
164ms XHR
application/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:10 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 20 Aug 2020 07:51:21 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-id: VFcc8F2CItzSv1_YEN6nLVkMGTnQmMX1_-yNWn6RLNprkkH1teE4YA==

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
5ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j85&a=314464227&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F&ul=en-us&de=UTF-8&dt=Free%20Stuff%20%7C%20Win%20competitions%2C%20Cash%2C%20Freebies%20%26%20giveaways%20online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blocking%20Ads&ea=No&_u=aGBAgEABAAAAAE~&jid=&gjid=&cid=429869368.1599352449&tid=UA-46897383-1&_gid=2057535064.1599352449&cd1=unknown&z=342092106

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Aug 2020 04:34:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2491169
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
380 B 78ms
78ms XHR
text/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3244&u=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F&pid=bnBHwoUKEuosb&cb=0&ws=1600x1200&v=7.53.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F24156345%2FWSOMETHING%2Fwsom_steam-railway%2Fsweepstakes%2Fhomepage%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F24156345%2FWSOMETHING%2Fwsom_steam-railway%2Fsweepstakes%2Fhomepage%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F24156345%2FWSOMETHING%2Fwsom_steam-railway%2Fsweepstakes%2Fhomepage%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F24156345%2FWSOMETHING%2Fwsom_steam-railway%2Fsweepstakes%2Fhomepage%22%7D%5D&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://winit-stage.steamrailway.co.uk
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: op3FkhnLTTnRmsb5zOjx53kdWAY1_95v7M4xY39Nrnmsvkx5FMxlIQ==

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ 0
528 B 48ms
47ms Image
text/plain 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1599352449196&ns_c=UTF-8&cv=3.5&c8=Free%20Stuff%20%7C%20Win%20competitions%2C%20Cash%2C%20Freebies%20%26%20giveaways%20online&c7=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F&c9=
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Sep 2020 00:34:09 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=winit-stage.steamrailway.co.uk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js?21067383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Sep 2020 00:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=winit-stage.steamrailway.co.uk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js?21067383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Sep 2020 00:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
7 KB 447ms
405ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1062089509099551&correlator=4380872055179916&output=ldjh&impl=fifs&eid=21066985%2C21067383%2C21067258%2C21067273%2C21066612&vrg=2020090201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200906&iu_parts=24156345%2CWSOMETHING%2Cwsom_steam-railway%2Csweepstakes%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%2C300x250%2C300x250%2C970x250%7C728x90&prev_scp=ad_group%3Dad_opt%26ad_h%3D0%26position%3Dad-leaderboard-2%252Cinline-04%26pos%3Dbtf%26amznbid%3D2%26amznp%3D2%7Cad_group%3Dad_opt%26ad_h%3D0%26position%3Dad-rectangle-1%252Cinline-02%26pos%3Datf%26amznbid%3D2%26amznp%3D2%7Cad_group%3Dad_opt%26ad_h%3D0%26position%3Dad-rectangle-2%252Cinline-03%26pos%3Dbtf%26amznbid%3D2%26amznp%3D2%7Cad_group%3Dad_opt%26ad_h%3D0%26position%3Dad-leaderboard-1%252Cinline-01%26pos%3Datf%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=COPPA%3Dunknown%26Site%3Dsteamrailway.co.uk%26Tab%3Dwinit%26Env%3Dstaging%26Referrer%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1599352449&dt=1599352449246&dlt=1599352448511&idt=709&frm=20&biw=1600&bih=1200&oid=3&adxs=320%2C635%2C635%2C315&adys=1537%2C299%2C1068%2C15&adks=1754816090%2C4085095701%2C3783448300%2C219524940&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F&dssz=41&icsg=8391296&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=960x112%7C330x354%7C330x354%7C1600x-1&msz=960x90%7C330x250%7C330x250%7C1600x-1&ga_vid=429869368.1599352449&ga_sid=1599352449&ga_hid=314464227&fws=0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js?21067383

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

eb370255d625b3e8715144e6dee8c197cbcf9d710403cfaa6dc1f8b1adb00417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6663
x-xss-protection: 0
google-lineitem-id: 5126837680,5126830009,5125330307,5124872305
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138276388629,138276388002,138276165234,138276183077
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://winit-stage.steamrailway.co.uk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
38998fb3eb1f40b3921d2c7f79748125.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 47ms
13ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://38998fb3eb1f40b3921d2c7f79748125.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js?21067383
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 24ms
6ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js?21067383
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 732 KB
195 KB 28ms
7ms Script
text/javascript 2a02:26f0:64:596::36f1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/114689/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64:596::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 9f2b8babf48aa8176622bfc39dd97c1e4695ff3ac17f031d69965129fac18990

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: F4062764BDD3FBB8
status: 200
content-length: 198330
x-amz-id-2: S604ke9rVAjbovlz6/5vOB6UGIWVt6JPc7+AixowvjkbiDgPno268kegMwVzI3ak96ppRC0bx8Q=
last-modified: Wed, 02 Sep 2020 15:10:30 GMT
etag: "1926eb65449b76218184fb596689a894"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 6
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 06 Sep 2020 01:04:09 GMT

GET
H2 200 wigo-no-slot
sync.teads.tv/ Frame C64F 0
0 170ms
72ms Document
text/html 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/wigo-no-slot
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /wigo-no-slot
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://winit-stage.steamrailway.co.uk/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cs=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://winit-stage.steamrailway.co.uk/

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: akka-http/10.1.9
content-length: 325
expires: Sun, 06 Sep 2020 00:34:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 06 Sep 2020 00:34:09 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 86ms
77ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-bts&fv=523&ts=1599352449623&env=js-web&pageId=114689&pid=124565&auctid=dfd32c6f-3528-4b81-b238-b1882850fbf8&f=1&debug_metadata=wb&referer=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 06 Sep 2020 00:34:09 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 89ms
80ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=dfd32c6f-3528-4b81-b238-b1882850fbf8&pageId=114689&pid=124565&fv=523&ts=1599352449627&f=1&referer=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 06 Sep 2020 00:34:09 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 90ms
81ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=dfd32c6f-3528-4b81-b238-b1882850fbf8&pageId=114689&pid=124565&fv=523&ts=1599352449636&f=1&referer=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 06 Sep 2020 00:34:09 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 101 KB
33 KB 48ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185605-195019526585697.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 82bc3b529be4362e1bc064aa71c0d97782d9da8c7f2fba62bd27c13d46badaab

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
content-encoding: gzip
last-modified: Tue, 25 Aug 2020 15:42:51 GMT
server: nginx
etag: W/"5f45317b-1936b"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 07 Sep 2020 00:34:09 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
553 B 185ms
61ms XHR
application/json 63.34.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185605
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185605-195019526585697.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.98.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-98-13.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 87461043d374c19c3d125ce85e48f541875d98715fb4029555b17858d8929eda

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://winit-stage.steamrailway.co.uk
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 06 Oct 2020 00:34:09 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 14ms
13ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1062089509099551&r=728x90&w=728&h=90&a=0

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Sep 2020 00:34:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame BBBE 0
0 74ms
72ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsump4K0PwDaKwazZ2ZTyeolxjzPX8adDCvO7oRA2DcUAQpSrC8qZSdMeHWMw3mTLPPgbx3n1YugnOxI-jw-kmNbFHgp-7iqZJ6sn2VgPX3bhJTDgjVVbs5gonXJPphoecGONfVlVuWl0auDqR2X8rQ4BZKUDBw3lyukHABrzpvhTOrCT_MQ5MrYAUVBBKP7Ew188fgog5UsonruZEgH3juN9Q4K3OPL5AhhTMJA2h4JenL8goyJFAny4aAE0un8Cn57gtsy7u47vJc5HlF4IsmTetURM61hmJGGt4pM6oX6aCUBH0W-yBU-TAHZzQZRR1vt0xfSgpUiSohqS6VM&sai=AMfl-YReF6VJGrKbTsISD7cKGlQ_Wn0IcfE9KwvgVan9XHVkP-h7rHgfQSKwxay1VIDycqtrytM9G-T3OkAUmAzquvgKRSZ4n--_5eZ3t3ZXApEW1JtrBfiOVsGZElEvXJk&sig=Cg0ArKJSzFPUTEaIbxanEAE&urlfix=1&adurl=

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Sep 2020 00:34:09 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Sep 2020 00:34:09 GMT

GET
H2 200 jstag Show response
bauer-uk-d.openx.net/w/1.0/ Frame BBBE 66 KB
23 KB 136ms
49ms Script
text/javascript 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bauer-uk-d.openx.net/w/1.0/jstag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js?21067383
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: e3d7359a405772cf213e3f522f46fcda202fafd5bed7353957ac907c55d3b9c3

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
content-encoding: gzip
server: OXGW/16.193.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 23393
via: 1.1 google
expires: Sun, 06 Sep 2020 01:34:09 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBBE 74 KB
29 KB 74ms
70ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js?21067383

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

21fb271392e0c7a737fb39243d3726a125a1282d2a0853cb910a87c1b890b525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1599152861011880"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28780
x-xss-protection: 0
expires: Sun, 06 Sep 2020 00:34:09 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4A1A 0
0 72ms
71ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOH9i5Me5D7KAZty3VKNNz-JMFKqAMiPk7B2vbNVQEIYtnsOcJY9GMqfAOftkhW1h_s9PUw1LCmV8QZd2nIJpaqWJch7SLYPL2peEk9nFKBZX3o9NM4taz6-kLM0iSHl8fNAl7Py44NVaSZC5LER-tw-HRof_tV_CcGbRvQgQUQt_HFIBF7eROBWCGhbBeO5K6CPPvAYo_fbvYbT4rv7uXq5vNpjKEygPjAUGLj7z-w1aQ2s3AOJvwc-xkTPkPsdaGKZVza0SUIk4aBG9B90ADDVJ4bXCzshd7rxr0phdy_T7dm7WMNLNU4je6PlG8LyUOMr_mI91tpQ_whSxa&sai=AMfl-YTw08nDkVpH-gZMOMGBYAu1iLicCTXMnau5wffjAKcGEJ0IMovR5Hyn8zD3tnKAitny_Jcz6qXQBeklJ8Zta7JsEteobR3rszcRgAhAodR1dtmxRnHpNZyLdepAQf8&sig=Cg0ArKJSzPP-BN0igVU4EAE&urlfix=1&adurl=

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Sep 2020 00:34:09 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Sep 2020 00:34:09 GMT

GET
H/1.1 200
OK 15356.js Show response
ads.rubiconproject.com/ad/ Frame 4A1A 30 KB
9 KB 143ms
47ms Script
text/javascript 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/15356.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js?21067383
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: a969a9b32705092663a8c9019ac9835cf93fff0d525457961e309bf04dba1424

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 06 Sep 2020 00:34:09 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=11387
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8969
Expires: Sun, 06 Sep 2020 03:43:56 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A1A 74 KB
28 KB 71ms
71ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js?21067383

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

21fb271392e0c7a737fb39243d3726a125a1282d2a0853cb910a87c1b890b525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1599152861011880"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28780
x-xss-protection: 0
expires: Sun, 06 Sep 2020 00:34:09 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 70ms
69ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js?21067383

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

330798625ce3468cc078ba28574ec8651fd742c9f70673c29333f9a9683a2a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1599152861011880"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27492
x-xss-protection: 0
expires: Sun, 06 Sep 2020 00:34:09 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3052 0
0 73ms
72ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstauSB0OFzFAtsFXL33kp1GbpzGFbUl36us_9sbBkKQ4jtPZQ_LeCT0llzYcvRIxVLj1eJvclSBYlLVQY_7_NJfnydmYSo2bXJ2wLrAyQsXuRZaNtlKRhhII-upjHgT_re-lKm_VU3BhtocU2yLKAWAsTxDZG1-L2pJfHNlT8t45SX-lFHhoV7_WmTZREvX09YlEYAYc0_FuULZTzg92NwLgwxuLN6dzB9uSTxLuCGBTaKPzl4uH-DRT4pm0N8sEm_laz9XsLq6pDdkLc7BemvvzWKSTEqpWXGuuaX8WgSdXRNTpAcoZ8HwTKkPDqGfD3A2tk2OugkuQW-LOfrV&sai=AMfl-YSHOoWdGEXFbFS2mXLao4pKSEffExD4vqhMdwffBQXDmZIe1BlXAm-hF0S0RS2BDxvVbpswBpGrLomlutp5GqPaIGMtKoTJqDVJyOGf2Og5XzCBuZb-XcxCTeWgC8g&sig=Cg0ArKJSzO2kj9sN992REAE&urlfix=1&adurl=

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Sep 2020 00:34:09 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Sep 2020 00:34:09 GMT

GET
H/1.1 200
OK 15356.js Show response
ads.rubiconproject.com/ad/ Frame 3052 30 KB
9 KB 141ms
47ms Script
text/javascript 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/15356.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js?21067383
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: a969a9b32705092663a8c9019ac9835cf93fff0d525457961e309bf04dba1424

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 06 Sep 2020 00:34:09 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=11387
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8969
Expires: Sun, 06 Sep 2020 03:43:56 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3052 74 KB
28 KB 72ms
72ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js?21067383

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

21fb271392e0c7a737fb39243d3726a125a1282d2a0853cb910a87c1b890b525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1599152861011880"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28780
x-xss-protection: 0
expires: Sun, 06 Sep 2020 00:34:09 GMT

GET
H/1.1 200
OK 1358720-2.js Show response
smarttag.rubiconproject.com/a/15356/272718/ Frame 4A1A 146 B
530 B 167ms
48ms Script
text/javascript 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/15356/272718/1358720-2.js?&cb=0.8418885265869758&tk_st=1&rf=https%3A//winit-stage.steamrailway.co.uk/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=272718_2&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/15356.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: f6914cddfb8fcc3e7d99864e104ebdb47934a357ef08d90f9e0acdf48433d6c9

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Sep 2020 00:34:10 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Keep-Alive: timeout=5
Content-Length: 146
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
DATA 200
OK truncated
/ Frame BBBE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ad61b80c8e1e03754217cc9faf9b9b85aed1c976ddfc794df78842cbe6b49c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame BBBE 0
21 B 75ms
74ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8O4e-jETgx36-_9e5QKtrLDSWMO44LycAO1k0AzzltLXSrdA2-soH1ElsEWng1J1xzG_e3GHpJPHUOn3oOpjYkM1PYzqusN9uAxjstOI26sHeIrX84K2Q6MoESc7JMeE6nQnrOtVP5EtaAShf5plw3vLco3iAzbYI4WNq55RIbtkunwXKCkNVbo57RzqUIlhTUXtaGYf_6_up6IwazFPHCTcU5B7oAIn5iB3-ULCfszQeYmBfDcJSuq8w-1CP13DTUzq_ml3xuROm5mDFdhgyIgadaxAygsybVJGVpxK0N7Je3RSNxCXXn3Ax6ZK4s3bDy0dyOOTroKzGj7i5mSE&sai=AMfl-YTDCwCYgd1gv6HUyA3KkX3WVQtffJceyyVx-K8hi1Zn66N2SGqlQdAROVVp05L2-h32-b7J5VbFe6jZXe2eauQ5ELYoLdUaKSMZQbac66BIodnZL0foykGS_lVDiAs&sig=Cg0ArKJSzKD4hK8U4T6IEAE&urlfix=1&adurl=

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Sep 2020 00:34:09 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK 1358722-15.js Show response
smarttag.rubiconproject.com/a/15356/272718/ Frame 3052 147 B
531 B 172ms
49ms Script
text/javascript 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/15356/272718/1358722-15.js?&cb=0.9838984606814156&tk_st=1&rf=https%3A//winit-stage.steamrailway.co.uk/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=272718_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/15356.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Sep 2020 00:34:10 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Keep-Alive: timeout=5
Content-Length: 147
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK 1x1.png
secure-assets.rubiconproject.com/static/psa/blank/ Frame 4A1A 156 B
484 B 139ms
46ms Image
image/png 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-assets.rubiconproject.com/static/psa/blank/1x1.png
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 06 Sep 2020 00:34:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Oct 2019 16:53:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155

GET
DATA 200
OK truncated
/ Frame 4A1A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8c28c8163c0e3f1c9feaea9225db21ef920419f174400b5f12619e8d800a5bd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 5126837680 Show response
dfp-gateway.s-onetag.com/1/24156345/ 116 B
586 B 121ms
38ms XHR
application/json 143.204.201.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dfp-gateway.s-onetag.com/1/24156345/5126837680
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/4e3c5bf4-d622-40e3-8dd3-895905f027cf/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-36.fra53.r.cloudfront.net
Software: /
Resource Hash: 0b559794f79ae786ec29c3798c4356bed288f7b360c49ed960bc2a2649f3aa4c

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 10:43:14 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront), 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
age: 49856
x-amzn-requestid: 618b1d02-fdfd-4145-8a91-81b2f1f24b54
status: 200
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amzn-trace-id: Root=1-5f536bc2-2e4146487e3d9438a8b945a4;Sampled=0
x-amz-cf-pop: FRA6-C1, FRA53-C1
x-amz-apigw-id: SY3GeF0_CYcFWmA=
content-length: 116
x-amz-cf-id: TzmP-JzX_Cp5euG8FVH_Vqad1ZLJOSGlMH2jPKbi5UxtshgpH_PmLA==

GET
H2 200 5126830009 Show response
dfp-gateway.s-onetag.com/1/24156345/ 116 B
584 B 121ms
39ms XHR
application/json 143.204.201.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dfp-gateway.s-onetag.com/1/24156345/5126830009
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/4e3c5bf4-d622-40e3-8dd3-895905f027cf/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-36.fra53.r.cloudfront.net
Software: /
Resource Hash: 0b559794f79ae786ec29c3798c4356bed288f7b360c49ed960bc2a2649f3aa4c

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 09:39:45 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront), 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
age: 53665
x-amzn-requestid: 54d6921c-6cc7-4eab-aa40-d45898e32997
status: 200
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amzn-trace-id: Root=1-5f535ce1-245a782e5106604154228c3e;Sampled=0
x-amz-cf-pop: FRA2-C2, FRA53-C1
x-amz-apigw-id: SYtzTGAeCYcFgVw=
content-length: 116
x-amz-cf-id: T99IKnke_N96HHdOs000YSQvunGGrsoM5XnGliKPEZMX5BUDvhr6Fg==

GET
H2 200 5125330307 Show response
dfp-gateway.s-onetag.com/1/24156345/ 116 B
584 B 121ms
39ms XHR
application/json 143.204.201.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dfp-gateway.s-onetag.com/1/24156345/5125330307
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/4e3c5bf4-d622-40e3-8dd3-895905f027cf/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-36.fra53.r.cloudfront.net
Software: /
Resource Hash: 2f6a219b94c9860a57a830d19300f6cc8563133d13956ddf20665f9624b6951a

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 22:13:30 GMT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront), 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
age: 8440
x-amzn-requestid: f700e84b-8c69-401d-b501-59febe76c0b4
status: 200
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amzn-trace-id: Root=1-5f540d8a-9a498420a95b8d58ac1a5414;Sampled=0
x-amz-cf-pop: FRA6-C1, FRA53-C1
x-amz-apigw-id: SacNsED1CYcFpWg=
content-length: 116
x-amz-cf-id: LyyGb6SfYdjsdDoopKAZqzyKF_KJh9FiGH651ph811w3kqarFbqcLA==

GET
H2 200 5124872305 Show response
dfp-gateway.s-onetag.com/1/24156345/ 116 B
586 B 123ms
42ms XHR
application/json 143.204.201.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dfp-gateway.s-onetag.com/1/24156345/5124872305
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/4e3c5bf4-d622-40e3-8dd3-895905f027cf/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-36.fra53.r.cloudfront.net
Software: /
Resource Hash: 2f6a219b94c9860a57a830d19300f6cc8563133d13956ddf20665f9624b6951a

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 15:27:07 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront), 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
age: 32823
x-amzn-requestid: 9aeaacd4-f1f7-4749-977a-cc8897b250d4
status: 200
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amzn-trace-id: Root=1-5f53ae4b-223f132324c8dec74648f477;Sampled=0
x-amz-cf-pop: FRA2-C2, FRA53-C1
x-amz-apigw-id: SZgr3EHHiYcFgJQ=
content-length: 116
x-amz-cf-id: 9isGyXD4z7F-CxVzmZeC61UtLyWZ7NZdzU_CKyjC_5hxgBqsGLyUng==

GET
H/1.1 200
OK 1x1.png
secure-assets.rubiconproject.com/static/psa/blank/ Frame 3052 156 B
484 B 138ms
47ms Image
image/png 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-assets.rubiconproject.com/static/psa/blank/1x1.png
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/15356/272718/1358722-15.js?&cb=0.9838984606814156&tk_st=1&rf=https%3A//winit-stage.steamrailway.co.uk/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=272718_15&rp_secure=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 06 Sep 2020 00:34:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Oct 2019 16:53:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155

GET
DATA 200
OK truncated
/ Frame 3052 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd17d5d10d3d65855d4f24d36cc50df643f2d8ab85862dc49c82b464b52b15b0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4A1A 0
44 B 72ms
71ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsFhrksF5lKXl3ViF4YDgkcOhYcdqOd-8MKSDT3lYeQ-eSxNm02-xDq6CqIS3Qx3XapP3hefbH_2nsBxWnoa0-swMEorRDXKWakpqtg7cZ9YhRJ-tLYsrr_o7AR3XsbFxlb8Lev3DSUtYaoiQpsoHDPRbrKWblIhTLgXJP4TdXC01n5P7xoXIBN3e4GnTlS_w3ymSg3YNZmqlb2eq2x09a6VMEmzVhbUfGTcphCzPo5zhW9863qmroOeSudbrvT42cDWn-DtG39hxN1WR_9iGkOHUhofxTTNoz_NSEJ2dtNp3ELYXD6jqFRRKc10x6QQ3maCsJ7WRY-T_2otfvMHk&sai=AMfl-YQl17ThGpdqpLB9x1lHOepjIxB3SU2Oc7x3mCHUGTwB6vpDZfkYmCQexbykWvf9Y_ADX3geXl_QwynrJGcrtY8RptIZy5-Q1s2_faoDnOqJ0qNL_ZYW_HOFIb_1-CI&sig=Cg0ArKJSzDGJ8MXBqV2OEAE&urlfix=1&adurl=

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Sep 2020 00:34:10 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3052 0
21 B 73ms
73ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrWkiOsaInSdbGk2VUzie6yIp66EkUxS1nrBJKRXNmk1FIyK3xUkH7cTKXJ2-hqm112S_IFssM3RMT4-7iMznXRgtYiRdEqsppuFeSR_XW9YBdj92Bzr-bmsGE8vkL4QRscjWXuzutufuOBEsp9hB08_EEkxGkF3WNVxhd0pQ7-k_Kelu9IDfYwMGDqSKzW8ObP0Ow-OiJ65hs_crHq9FvNYodwJn1G9YQKnWnR4CrZLEmneKyBwVj-9aDg8uILdeyqKa9Pnb1MM-DGRuZS1QZsVku1Wg9IURJ5-6D9GXPeJPdX3CbDNgEKsKlyULUdphpI3yrOEzSBLNxl063TnQ&sai=AMfl-YSdVGyuHF1vu-71bXGUna6abZFm458XrIbR2fDPEL39jJMQpoGcezV-mD9px0JKOl7a9A_wnwFmu1jPMUDO-NsQpXLNxPT8cDq9DsHXXwmATOKK0eGfGOkdccz9VnY&sig=Cg0ArKJSzD0P37teNxEzEAE&urlfix=1&adurl=

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Sep 2020 00:34:10 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/6035170/ 0
400 B 51ms
50ms Script
application/x-javascript 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/6035170/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXCVBCD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 06 Sep 2020 00:34:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Wed, 09 Sep 2020 00:34:10 GMT

POST
H2

200

/ Show response
mydmp.exelator.com/on-site-tag-load/
Redirect Chain

https://mydmp.exelator.com/on-site-tag-load/?p=1334&g=50&j=d
https://mydmp.exelator.com/on-site-tag-load/?p=1334&g=50&j=d&xl8blockcheck=1

2 KB
5 KB

62ms
62ms

XHR
application/x-javascript

147.75.102.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://mydmp.exelator.com/on-site-tag-load/?p=1334&g=50&j=d&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.200 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: fe66a5a463f1557b446022abd23c34e04d05c7f740cf0cbca11aea4e22d3da86

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:10 GMT
server: nginx
x-powered-by: Undertow/1
status: 200
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: https://winit-stage.steamrailway.co.uk
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/x-javascript;charset=UTF-8

Redirect headers

date: Sun, 06 Sep 2020 00:34:10 GMT
server: nginx
status: 307
x-powered-by: Undertow/1
location: https://mydmp.exelator.com/on-site-tag-load/?p=1334&g=50&j=d&xl8blockcheck=1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: https://winit-stage.steamrailway.co.uk
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif;charset=UTF-8

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 40ms
25ms XHR
application/json 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020090201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js?21067383

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0469588de205811965467fafdeef092e8f7b835f1730bd2f35c426c7150c4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Sep 2020 00:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6480
x-xss-protection: 0

GET
H2 200 tag.min.js Show response
get.s-onetag.com/efaeec8a-bcec-4399-9684-54170bdb56b6/ 45 KB
14 KB 447ms
447ms Script
text/javascript 143.204.201.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/efaeec8a-bcec-4399-9684-54170bdb56b6/tag.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXCVBCD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-40.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a187e41d6f0d59eea50327a487d8c7c39d7b2c1e7bac4263fb1d40403914b442

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 16:33:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "b5bd4881cb22bb31f16c8314e4b6dc02"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
status: 200
date: Sun, 06 Sep 2020 00:34:11 GMT
x-amz-cf-id: sDnGcCA5BfEpkHbGuGhoRR0WqbA4hwEqZFOlRQy08LLXE2HrACV5Bg==
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 59ms
46ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js?21067383

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Sun, 06 Sep 2020 00:34:10 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame D964 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://winit-stage.steamrailway.co.uk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://winit-stage.steamrailway.co.uk/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Sat, 05 Sep 2020 23:53:57 GMT
expires: Sun, 05 Sep 2021 23:53:57 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2413
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 net.php
mydmp.exelator.com/on-site-tag-load// Frame 41DA 0
0 45ms
44ms Document
text/html 147.75.102.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://mydmp.exelator.com/on-site-tag-load//net.php?n=PGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL2FuYWx5dGljcy50d2l0dGVyLmNvbS9pL2Fkc2N0P3BfdXNlcl9pZD04MWYwNjM2MTU1ZDBjNjc3ZWQyNTc5NjM5OGZjY2I5OSZwX2lkPTI4NTM5IiBoZWlnaHQ9IjEiPjwvaW1nPjxpbWcgd2lkdGg9IjEiIGFsdD0iRXhlbGF0ZURhdGEiIHN0eWxlPSJkaXNwbGF5Om5vbmUiIHNyYz0iaHR0cHM6Ly9zeW5jLmNyd2RjbnRybC5uZXQvbWFwL2M9Mzg1OS90cD1WSVNELz9odHRwczovL2xvYWRtLmV4ZWxhdG9yLmNvbS9sb2FkLz9wPTIwNCZnPTI2MCZidWlkPSR7cHJvZmlsZV9pZH0iIGhlaWdodD0iMSI%2BPC9pbWc%2BPGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL3B4bC5jb25uZXhpdHkubmV0L2MvY3NlP2E9UiZBPTI5MiZEPTZiMmImVj05Jkkwaz1wdG5yaWQmSTB2PTgxZjA2MzYxNTVkMGM2NzdlZDI1Nzk2Mzk4ZmNjYjk5JmI9MTU5OTM1MjQ1MDQ5MCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vZ3VtLmNyaXRlby5jb20vc3luYz9jPTE0JnI9MSZhPTEmdT1odHRwcyUzQSUyRiUyRmxvYWR1cy5leGVsYXRvci5jb20lMkZsb2FkJTJGJTNGcCUzRDIwNCUyNmclM0Q4OSUyNmolM0QwJTI2QlVJRCUzRCU0MFVTRVJJRCU0MCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vYmVhY29uLmtyeGQubmV0L3VzZXJtYXRjaC5naWY%2FcGFydG5lcj1uaWVsc2VuZG1wJnBhcnRuZXJfdWlkPTgxZjA2MzYxNTVkMGM2NzdlZDI1Nzk2Mzk4ZmNjYjk5IiBoZWlnaHQ9IjEiPjwvaW1nPg%3D%3D&h=615c9f32083bfdf63b05372432cbcf80
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.200 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash

Request headers

:method: GET
:authority: mydmp.exelator.com
:scheme: https
:path: /on-site-tag-load//net.php?n=PGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL2FuYWx5dGljcy50d2l0dGVyLmNvbS9pL2Fkc2N0P3BfdXNlcl9pZD04MWYwNjM2MTU1ZDBjNjc3ZWQyNTc5NjM5OGZjY2I5OSZwX2lkPTI4NTM5IiBoZWlnaHQ9IjEiPjwvaW1nPjxpbWcgd2lkdGg9IjEiIGFsdD0iRXhlbGF0ZURhdGEiIHN0eWxlPSJkaXNwbGF5Om5vbmUiIHNyYz0iaHR0cHM6Ly9zeW5jLmNyd2RjbnRybC5uZXQvbWFwL2M9Mzg1OS90cD1WSVNELz9odHRwczovL2xvYWRtLmV4ZWxhdG9yLmNvbS9sb2FkLz9wPTIwNCZnPTI2MCZidWlkPSR7cHJvZmlsZV9pZH0iIGhlaWdodD0iMSI%2BPC9pbWc%2BPGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL3B4bC5jb25uZXhpdHkubmV0L2MvY3NlP2E9UiZBPTI5MiZEPTZiMmImVj05Jkkwaz1wdG5yaWQmSTB2PTgxZjA2MzYxNTVkMGM2NzdlZDI1Nzk2Mzk4ZmNjYjk5JmI9MTU5OTM1MjQ1MDQ5MCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vZ3VtLmNyaXRlby5jb20vc3luYz9jPTE0JnI9MSZhPTEmdT1odHRwcyUzQSUyRiUyRmxvYWR1cy5leGVsYXRvci5jb20lMkZsb2FkJTJGJTNGcCUzRDIwNCUyNmclM0Q4OSUyNmolM0QwJTI2QlVJRCUzRCU0MFVTRVJJRCU0MCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vYmVhY29uLmtyeGQubmV0L3VzZXJtYXRjaC5naWY%2FcGFydG5lcj1uaWVsc2VuZG1wJnBhcnRuZXJfdWlkPTgxZjA2MzYxNTVkMGM2NzdlZDI1Nzk2Mzk4ZmNjYjk5IiBoZWlnaHQ9IjEiPjwvaW1nPg%3D%3D&h=615c9f32083bfdf63b05372432cbcf80
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://winit-stage.steamrailway.co.uk/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EE="81f0636155d0c677ed25796398fccb99"; udo="gAAAAAQAAAx%252FKLUv%252FWB%252FCzU2ALpYNBRJgF51AFTXCb88JnFNmZcK2Mn5HlOnHBIvzLLoMRRBLOpIJaoEdfovkepkbV%252FSy5q%252BNc03AGw7cc%252BVwzqsDzgsi1cBZtubRR36BzwBOwEWAbX57T2mHPqDpqt6i2rpl8t6XMGjLUWfOmyspSiK3RmkHkckpectTU0v9PUvN0F12LhLUduZM2k%252FOhV53oJQlNZUuw2n5JgGzr7mdOJ2ufWk3YrO2hSL5ZIt5U4VCAhdc0O2qRRcRZdUdDVr69DJB%252BP%252FozXthG5DJtBq6tYh0ohm3KU5Ih0axWJx1qvVJGTmVBS3BDYzAhGhtHWXu9FW9LStQykLG8xLv8QlKuLQKz3pqRGhmgsJWlSQ7XROrA1qsNiS5oSUGVJmW%252FGisveCFQ90KopIMTKQ3J3YyeLcGzcpjC%252Fp3MPKEx6plIF5IomYvSGgyApDO8LsfWULbWDTCnIZ4ACJhAh7F9ibgoY2JCIIiO1NtLPfvHnzZj%252FYe%252BeMyKkqDr2SEc3oc3%252B8dIza0oLG2TvLTBslfD9U8hEyimYdY2gwkIJyiLARoorGbEgPgmYVouJMlxYmbsyMYLojuBcugGBQD7Fv8khR5pWSYJGRnUWOynozcHNmZB2ah8WurHcBLRxi%252FAxrfPCp%252FgcQYd2jBwJHEO5gxKco5Jb13hN2lPVW0K7BqSK6%252FawoDblztNPED7qmp6qTcvmS6jLZJsUEJOUkHK4kJBs7s7YK5XKr7VSRNzjkViyuHROABakuk0hBqw23Fgk5MdhgiKuxtTKaQzWcemsZidCb7UxnMx7L9nxmr9hMBnO1XiaLsawWBmvFXjFWr%252BXDd1XtplN6%252BRjTs%252Bjog116jn%252B7FGiK42wfOqqokxKVdjOR39NCORiz%252FO1wPH%252BPazLVwp3X9vjznnIn0ROryffzUfx%252FnliwHhfsNZvBWlD08MtAVug0IumsobTVPFNT6hiwC5y5D6pTOm3pC1mTyf8ufDETg3L7%252B9GPgaB4J7ofRfb6D2Kqy6RcNDq%252BnXZ5C7vA72m6Dz2pyyRP%252BDv%252BzrqftzH8PS4K9p%252F%252BMR0PQfEOwx4n1ePBmP2dVqHeDn9Pw64G3ln%252B%252FewCWdjzOE27QNanVeoy%252Bf1vdl%252BeUOZEOpZVqbpMerp%252FD3uf7FvNQqIXmqrLpBAI7LDaVJdJHwacUl0m5TbI307HubiN0yU2fjnLI5q%252FL%252FZX5t1t%252FVBUXSZ5iizsfV0D%252Fz1OezhoNqnL5NtdGvZwLBNP5E9ewbGvH83ANy5iEpSF8bc91WWysxz%252B8Y%252FmLdz563k%252BdVKXSXrurMm02mCcqGa4%252B5f2dpf18hxF5DNgK4iMCDvC9tL6ZCUqOegq5QxxkYTk4r14vsV7%252BcxarevFsr17V6zn48Nr9bRebQ%252FGdxXSLLtKSDJrJJAjhAKxws7OlRwhASBEMQOgwo6OiWCCTUfHPMBB4EywIdh7C6BAXO29MxzYCzbOxuEgdqu9WU8m9oKds3N2rmwPslesJ0TL89Bi%252FeYQPQ8unKpej3dErnjUk6pbwZ7JRmQKrabO6UfDcRBJBfzNvyUqtXbrtT8LkUfZbNaz5PMSV8XX7a07%252B3qODfo4kHWFP09BGO7HFWmX6GE4ps2v98Gd%252B9walN99CWIMBBTyNoge9fiKF99ZGLtFUzTN%252Bu%252FWolacB8jjaeDBuPXBLpAXef1HSqsV1ETHxZjm9Nw9%252F9HCWG0y7DSLPnmg%252BwrjYmsuqcvkrEV%252FHrnlMAKBAahhXObMzAwAQAABCAAAoQVAOQdZzQAR4KFCIwNQI6ID%252FPVzTkFPqdnxuWkJzyWnAix7oStIefrWQbELULWvCAUQyuQumSTquHxo8MdlSjas%252BrECl13Ep1WJgP%252B1IwBuatFT%252FRl3tdgWCUYpTm2wMYElUlT1kzErQu%252Fd5D8Cae3OPEGGZ4I4iuU01BAiRQLG5XbqYiykPGZW2EiVUY1c4ZpEboiArniEKTMYwYJpAKhX3w2dSRIUWypoW1NCRU17%252FE%252B2NTNR9jkLX75G38BYRuWa%252BUnfA6shsjHsViwF9FEWs11bxxa4U1WpulBqimFVVdjI0Vl1C4EqG1JidlhkTafZqapaWyvtMJXFUNGwqGLN1MPUJd68zE1P1Uv8G6uqVFVYTEuFBlpxMUWpBKrivLxmZcCVFV78CsyvxhT3kbxBgyQtgDHtwicDNObtHk3qWcuYGPiWp6vMrxuZEnpao2COF038f4cGI6XqbNUvhjlM0DHrsSozIXGGWokK04qzx4iilGLORJJ6KCaZQgG0gSHMzapNNIUB6zAJ60AjUu1RkwnmXB2bwqMoohRhrpshMN9YdQ%253D%253D"; ud="eJxrXxzq6XKLQcHCMM3AzNjM0NQ0xSDZzNw8NcXI1NzSzNjSIi05OcnScnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yMJ4SX5RZvoi56jFRSlpDItKik8F7zLIBgBRPyle"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://winit-stage.steamrailway.co.uk/

Response headers

status: 200
server: nginx
date: Sun, 06 Sep 2020 00:34:10 GMT
content-type: text/html;charset=UTF-8
x-powered-by: Undertow/1
access-control-allow-credentials: true
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
131 B 44ms
43ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020090201&jk=1062089509099551&bg=!HB-lHwdYdR3sZawZVJMCAAAAYFIAAAAMCgGL2OKTRGjhynI_1CmZyt1iPdXz3Ih1EcvjBs02wmSrcO2q_Vzl1ARqoPMP0twvKSoAttmRcn259eLBPgxGQCuIrFvlFpY248JdMN0IEClHqe069CIdMn224l0dAuL6HTogdfyQh6sWoBL6ZkGnAci4jw-pBHnRq-NrMhLNkfzFmOGW5u4DoiffzerWgG4kmET44B-wOTA-oYeajoCYhl4WUcDQzd7V13rSet49_GZuBA5F2CURqOEpSe1V82wY-QN53G0S8vQws9KKUzCy1pNlMyn0rb8NsMTlMrw5cvXdzLmj1p6VeF7MIYt88gZsYtouRcIV8272M2bJ3zkDTXTyhKWbueGpQzvIYGAIpmeyCZOQDGtVA7mP5aIXqrmYOQLcFEtWPB36VyGAP8jxb-QtioYUe6Hfx0Pkk8cELQ_KnAg0fV7Fihj37VK3whngjGA-izN06JtEcEv4GOHWyZIntXBNWeqYdDLGcNrILDdNa0jw7Bu2YMGb25IOK_HHEflTq8D9ORiDt_A9tgqZAbcUDbKiuS6AbROgn6yzOAv5NcXos21VeHjJlJzBJEEki_Fvknb3UxEnpLoUtT8E5-np2oTZc6uCZi3D1jZnNg39uwWBTV_kOWtx15Ig47wZcoadsFCIHm6TVgXKkY5J5kBOGXIJiQe_WvMWGqztFd_Rcp3fkvOWagrb2f6m3HcVGOQ5U4CB7A65MNaY9-4IzGlmUveiMO_6zNmpuMhNixb9WONOf-gwNMMZSe4BwJY0XiCoo3s4u53CPcvCRn6ZwaRpcsvJcXsoraBWyYZ1Gz903YZRnGiwULSUnbxwf595Su2pesogAIgbLauD8AJ647i8v7XC2J9wdCzJ4yQIACwqXghNVuU826DwRAufqh7MEdTsGFtL363u2O6PaF_pZoQ8SkO4U-eWd49R1T86CkecM2wx99Rp_dPRGxvyxqcLqAwP6CDTX1wYDxjFWoc6Xl1hlQBRj5pzry95PFRBzTlHLLn-XBowNkBo1mFnSYmFDx_ZgJMaMnF5ZKUUq4KaCHB0aLu2VNgOHJ8PVOPcFZOlNILbzJgJoVgz6In-kcFkks4Ut6AUw7WAJmjxw0gPVBom3F7M2N_H

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Sep 2020 00:34:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 beacon.min.js Show response
beacon.s-onetag.com/ 18 KB
6 KB 27ms
5ms Script
application/javascript 2600:9000:2057:ee00:5:9a4c:9b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/efaeec8a-bcec-4399-9684-54170bdb56b6/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ee00:5:9a4c:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d640ed39630d91dec61dcb107b977293ec29fecbb5e74467e017d872bf76b0db

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 01:13:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 15:07:03 GMT
server: AmazonS3
age: 84050
etag: W/"3474b905a68bc9e5b800b4a728bcd8a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: iJO00mi5pglap2bW60H1GBGtloYAnC3A
status: 200
cache-control: max-age=172800
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: O7zQmO3BTfc2GwiOtZQoPaBhcGyTH5VP8FqCFBu_iwTaNq4MajLXKQ==
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)

GET
H2

200

acj Show response
bauer-uk-d.openx.net/w/1.0/ Frame BBBE
Redirect Chain

https://bauer-uk-d.openx.net/w/1.0/acj?ai=a428eb4c-af36-4adc-8be6-0cdc46883146&o=7678964313&callback=OX_7678964313&ju=https%3A//winit-stage.steamrailway.co.uk/&jr=&auid=540826335&dims=1600x1200&adx...
https://bauer-uk-d.openx.net/w/1.0/acj?cc=1&ai=a428eb4c-af36-4adc-8be6-0cdc46883146&o=7678964313&callback=OX_7678964313&ju=https%3A//winit-stage.steamrailway.co.uk/&jr=&auid=540826335&dims=1600x120...

1 KB
964 B

50ms
50ms

Script
application/json

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bauer-uk-d.openx.net/w/1.0/acj?cc=1&ai=a428eb4c-af36-4adc-8be6-0cdc46883146&o=7678964313&callback=OX_7678964313&ju=https%3A//winit-stage.steamrailway.co.uk/&jr=&auid=540826335&dims=1600x1200&adxy=650%2C307&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ws=300x250&ifr=1&tws=1600x1200&mt=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: b6446b612cf744b1c1b1fa55d6fa7ef3f32ecb3eb57e91594b7cba421735899f

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Sep 2020 00:34:10 GMT
content-encoding: gzip
server: OXGW/16.193.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
alt-svc: clear
content-length: 682
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 06 Sep 2020 00:34:10 GMT
via: 1.1 google
server: OXGW/16.193.0
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://bauer-uk-d.openx.net/w/1.0/acj?cc=1&ai=a428eb4c-af36-4adc-8be6-0cdc46883146&o=7678964313&callback=OX_7678964313&ju=https%3A//winit-stage.steamrailway.co.uk/&jr=&auid=540826335&dims=1600x1200&adxy=650%2C307&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ws=300x250&ifr=1&tws=1600x1200&mt=1
alt-svc: clear
content-length: 0

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame BA95
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aeca8431-781a-45cd-b507-0d875c25eb4d
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aeca8431-781a-45cd-b507-0d875c25eb4d

0
0

47ms
46ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aeca8431-781a-45cd-b507-0d875c25eb4d
Requested by: Host: bauer-uk-d.openx.net
URL: https://bauer-uk-d.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=aeca8431-781a-45cd-b507-0d875c25eb4d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://winit-stage.steamrailway.co.uk/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=c553f9ca-6b49-0937-12d0-96801be128bd|1599352450
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://winit-stage.steamrailway.co.uk/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=c553f9ca-6b49-0937-12d0-96801be128bd|1599352450; Version=1; Expires=Mon, 06-Sep-2021 00:34:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1599352450|gekin0vNiygu; Version=1; Expires=Mon, 21-Sep-2020 00:34:10 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.193.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 06 Sep 2020 00:34:10 GMT
content-type: text/html
content-length: 417
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=c553f9ca-6b49-0937-12d0-96801be128bd|1599352450; Version=1; Expires=Mon, 06-Sep-2021 00:34:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.193.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aeca8431-781a-45cd-b507-0d875c25eb4d
date: Sun, 06 Sep 2020 00:34:10 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BBBE 42 B
68 B 43ms
42ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqcq28g3-y1W9luZM59gK1AzAzgZeFbWcCLxpp42oTmBuBk8COi_vquENeQf0r2Yi8sqawzKwqL94P0ywdvyGf-1TXxlydmnpI4rUPb1o&sig=Cg0ArKJSzGzlQpufWRYpEAE&adk=4085095701&tt=-1&bs=1600%2C1200&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&p=307,650,557,950&mcvt=1019&rs=0&ht=0&tfs=8&tls=1027&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&cpmav=0&lm=2&rst=1599352449733&dlt&rpt=179&isd=0&msd=0&xdi=0&ps=1600%2C1924&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-5-10-10-0-0-0&tvt=1023&is=300%2C250&iframe_loc=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200903

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Sep 2020 00:34:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C3C3 55 KB
18 KB 71ms
70ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: bauer-uk-d.openx.net
URL: https://bauer-uk-d.openx.net/w/1.0/jstag

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

accafc853d1580c8df9526a9b02194296092bba3cae134aa7c88ff3d4981bd8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "624 / 207 of 1000 / last-modified: 1599257465"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18765
x-xss-protection: 0
expires: Sun, 06 Sep 2020 00:34:11 GMT

GET
H3-Q050 200 pubads_impl_2020083101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C3C3 262 KB
92 KB 70ms
69ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

723c2c4708075116cb94201f366fd66584fdd47ee569d962cdb81616f5a70f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 31 Aug 2020 08:38:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94015
x-xss-protection: 0
expires: Sun, 06 Sep 2020 00:34:11 GMT

GET
H2 200 integrator.js Show response
adservice.google.cz/adsid/ Frame C3C3 109 B
890 B 36ms
16ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.cz/adsid/integrator.js?domain=winit-stage.steamrailway.co.uk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Sep 2020 00:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame C3C3 109 B
868 B 37ms
23ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=winit-stage.steamrailway.co.uk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Sep 2020 00:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C3C3 41 KB
11 KB 361ms
360ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=764096367309242&correlator=3343531964958086&output=ldjh&impl=fif&eid=21067355%2C21064169&vrg=2020083101&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200906&iu_parts=24156345%2Cpassback%2Cuk_passback%2COpenX&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&eri=2&cookie=ID%3D41ed5ada4d7fa096-22dd0e5012a600ba%3AT%3D1599352449%3AS%3DALNI_MZBQpD3zSNWtD21g8GnHA8AlEY15Q&cdm=winit-stage.steamrailway.co.uk&bc=31&abxe=1&lmt=1599352451&dt=1599352451243&dlt=1599352451011&idt=215&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=650&adys=307&adks=693116964&ucis=z2a99g7eqsp8&ifi=1&ifk=4016307912&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F&top=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F&dssz=4&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=429869368.1599352449&ga_sid=1599352451&ga_hid=1636837478&ga_fc=true&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

fa9df5db96eb2c5f1ca9d4347b72b5ce8461304a1cf4333ab3ce18d16fc45be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10261
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://winit-stage.steamrailway.co.uk
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b9d16cb78ffd96bc06e3009b57d1534d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C3C3 0
0 28ms
13ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b9d16cb78ffd96bc06e3009b57d1534d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame C3C3 0
0 6ms
5ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4A1A 42 B
139 B 43ms
43ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss98XE3pWBWq1nEPaGaDkEs5x2zTDqBt7yYH7eA3DdhD7n6-JsfVeA8vSoOFO2jfthwGP6lJPkZJY7TxFR8_DeyuiJfnaJxge6fh_gKy70&sig=Cg0ArKJSzFBcWJk9FyCPEAE&adk=219524940&tt=-1&bs=1600%2C1200&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&p=15,436,105,1164&mcvt=1049&rs=3&ht=0&tfs=141&tls=1190&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&cpmav=0&lm=2&rst=1599352449738&dlt&rpt=330&isd=0&msd=0&xdi=0&ps=1600%2C1924&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-2-10-10-0-0-0&tvt=1189&is=728%2C90&iframe_loc=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200903

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Sep 2020 00:34:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012008242301000/ Frame 3065 206 KB
56 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b08c92f2985a2cf85e942b566af89d0738cb22e14d0db5ddbefd6c4034a169e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29475
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57291
x-xss-protection: 0
server: sffe
date: Sat, 05 Sep 2020 16:22:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fe153f75f3748e81"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Sep 2021 16:22:56 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012008242301000/v0/ Frame 3065 16 KB
6 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008242301000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30cfde8a99cbbfb145edbaee540db712a5c6e8efa9e0b8209d803a7d4ecbdbbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 151226
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5745
x-xss-protection: 0
server: sffe
date: Fri, 04 Sep 2020 06:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f38bf2e806d02bb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Sep 2021 06:33:45 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012008242301000/v0/ Frame 3065 95 KB
29 KB 29ms
9ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008242301000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0b8d5f925cb1ad83c665488cf3d59c2b4acf9f0ec9f277db2441ca69d3900b0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29475
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29201
x-xss-protection: 0
server: sffe
date: Sat, 05 Sep 2020 16:22:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "64b4eb13675b1bd5"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Sep 2021 16:22:56 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012008242301000/v0/ Frame 3065 4 KB
2 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008242301000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af517de65e4d2beaa3da8659682a9daaf863b96f59567e7550b7a1812a4f97e1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 151208
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1788
x-xss-protection: 0
server: sffe
date: Fri, 04 Sep 2020 06:34:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0cdd699146251721"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Sep 2021 06:34:03 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012008242301000/v0/ Frame 3065 47 KB
15 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008242301000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05148a217f01f1d6b7a9e90813a2c58d0dbbd947f76cbcbba24e4c0411463b08

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 151224
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14592
x-xss-protection: 0
server: sffe
date: Fri, 04 Sep 2020 06:33:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c6e61a9007c16120"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Sep 2021 06:33:47 GMT

GET
DATA 200
OK truncated
/ Frame 3065 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f40c0293a68c46d8cbf60ae386fa32deb5e5a8ca3edf7f4de5f2d1303d199321

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 12514354770270246845
tpc.googlesyndication.com/simgad/ Frame 3065 14 KB
14 KB 7ms
7ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12514354770270246845?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnBCpIkOA0VSlwYsiCPjvs_wj9edQ

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d19ce65287a933ab93698d9e443f3c68dfff6dc050fa5d909f56f350879d2b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 30 Aug 2020 23:28:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 17 Aug 2020 12:05:39 GMT
server: sffe
age: 522346
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14449
x-xss-protection: 0
expires: Mon, 30 Aug 2021 23:28:25 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3065 2 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Sep 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 48313
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 06 Sep 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3065 295 B
388 B 7ms
6ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Sep 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 11233
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 06 Sep 2020 21:26:58 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3065 0
0 47ms
46ms Image
text/html 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUcQKgy5UX_awEsmC1gbY_Z6wBuqPhvNek_WClJwMz5qp0NAbEAEghJS6LGDM4e2B_C6gAcrc98gDyAECqQIPQG9ZiwFoPuACAKgDAcgDCKoEgQJP0K2xr35Of788whDSsMb1Vxw61icTF4aTTvKsBMRapLk7wG-BvCBpvKNgnEauytWJs6wwSFq2rrOEqL_k6jMZ94UqrUTUtzuuJcbIXT8aSpkMGRBwCqBqllxc06hr-u8RveNvHD3ITwlfLZQilVuZEmfgcPrCldJRokGji9JdFC2FPKrrb1AOtJIIn8vw0POgOP0fmhZFjDX0FZGs32zgIJIyWTYnOB-cPy5mlHfvQ1ZeHMQ9r9PSQhV8t6GHxjMPAcMMvO7evDG6v0IF7RhfSFFZMllV2TyOwaMPDZr_Aoj6HWMJ0ugRST_px68JnQpdLCoLXzS3XjpMswikuq3ehsAEyZyw2JMD4AQBoAYCgAeeo4g3qAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEKKMAtIICQiA4YAQEAEYHYAKA8gLAdgTAw&sigh=zvGKdU5ohdY&tpd=AGWhJms0EjwXDoh5s4ZZqefjS4xwlz3JJNxMtkWMR4k-dRvzDA
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s29-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C3C3 8 KB
6 KB 19ms
18ms XHR
application/json 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020083101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3920b9da73df8f5f2f0146fb8da27a3869b54e084208da0562472aeccb78766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Sep 2020 00:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6361
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C3C3 14 KB
5 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Sun, 06 Sep 2020 00:34:11 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3065
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 06 Sep 2020 00:34:11 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame F6E8 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://winit-stage.steamrailway.co.uk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://winit-stage.steamrailway.co.uk/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Sat, 05 Sep 2020 23:53:57 GMT
expires: Sun, 05 Sep 2021 23:53:57 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2414
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 12514354770270246845
tpc.googlesyndication.com/simgad/ Frame 3065 14 KB
14 KB 6ms
6ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12514354770270246845?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnBCpIkOA0VSlwYsiCPjvs_wj9edQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d19ce65287a933ab93698d9e443f3c68dfff6dc050fa5d909f56f350879d2b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 30 Aug 2020 23:28:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 17 Aug 2020 12:05:39 GMT
server: sffe
age: 522346
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14449
x-xss-protection: 0
expires: Mon, 30 Aug 2021 23:28:25 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3065 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Sep 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 48313
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 06 Sep 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3065 295 B
319 B 6ms
6ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Sep 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 11233
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 06 Sep 2020 21:26:58 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C3C3 0
53 B 43ms
43ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020083101&jk=764096367309242&bg=!jI-lj5dYYNkTv2WF_bICAAAAWVIAAAAOCgC6ojV3Fg9qVJa4bg1hsh9DY0rBZO3qyzRtkSzU4kEeRIRr6j8KX6ZT-e6Ri8U5wXwlvRpzIAcIcms_MjfKDG9Sw14zpRZvu8XGQfQ-Z-WQ4vS1OhWJv1jUtXWI3kPMByqBos2HWBMjhx4mt-IfLoT-jhO7unSacpHbExcfT3NRgYUCT7BgZNox34RCEWv6pGRcA7MJkxQfS26SDUENEofeqZ-BVBaI2LDqEAeZaZPzr3-zWdchHfbfqJTGmQHlIjq0PTXv3Z0KNwftw6P26R4wpoDg5_gwED50GJBjCuHmr77WmXnPpmJHcRvzw3i4XrQY2xF0d8FTFz7oYxdPgPLWVnNH2G6lVU0A8G2Izx1Th6_KHpaPnzzX3vOw8ZGsR3mshnZV6_-TvVvYXfySCxuKoxkRZK9wKI4eDPx7MXYnIPpbBJK6G0b151Q6NDT1rEJ_7aRW28AJRFttWsqN9ymD-sfXSm-EKpNCd77RXkD0BKbNgjd8OO1MJz43mJTMZp5NXxy63cXvda6GTmg2a64jwBWVjqLXyHLmjVnPxH4Q1ag9dYt3gTV87O1YvtoIW46mdXR_NcyoaP7InG9xZ2E9S0Ay0tV7ov36pRcPXlrFYnJv27maRmWQQXIw7b_LLf8nZsiKXY7Sy66rDvTBM3-mU12_uGrK_d0M16ZzpNMsrOU37CQJ8hdPgENAJf5isKzXW9qfjLYwmCYvEtC_DKB1uA3Z1DLJGHC4JkV57f3dSYnnY9EbxUWCAbBxYq3z6ct_BWciFlzuvEBtXAxWPFgrDUqPPVCwAhV-BfLyAZ3Ynd_Hq6sU_QvMkUdFdAIbdbPdBA3dRiHcq601D69LmdlCnNq5LJH_gPYmgimgzclyH0c3lhB7ZNHFPt8Y5_TThh-ntUc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Sep 2020 00:34:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 services Show response
g2.gumgum.com/zones/720c5776/ 0
285 B 170ms
58ms XHR
text/plain 63.35.118.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/zones/720c5776/services?dp=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F&pu=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F&rf=&r=3.59.0&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.59.0%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&bf=e773294a9cbd75534d4fc048c0512b1eaf2d35a5&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1599352452120&to=-120&vpii=false&vph=1200&vpw=1600
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.118.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-118-223.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:12 GMT
server: nginx
etag: "0d41d8cd98f00b204e9800998ecf8427e"
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://winit-stage.steamrailway.co.uk
access-control-allow-credentials: true
timing-allow-origin: *

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3065 0
0 46ms
45ms Image
text/html 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7sYBgy5UX_awEsmC1gbY_Z6wBuqPhvNek_WClJwMz5qp0NAbEAEghJS6LGDM4e2B_C6gAcrc98gDyAECqQIPQG9ZiwFoPuACAKgDAaoEgQJP0K2xr35Of788whDSsMb1Vxw61icTF4aTTvKsBMRapLk7wG-BvCBpvKNgnEauytWJs6wwSFq2rrOEqL_k6jMZ94UqrUTUtzuuJcbIXT8aSpkMGRBwCqBqllxc06hr-u8RveNvHD3ITwlfLZQilVuZEmfgcPrCldJRokGji9JdFC2FPKrrb1AOtJIIn8vw0POgOP0fmhZFjDX0FZGs32zgIJIyWTYnOB-cPy5mlHfvQ1ZeHMQ9r9PSQhV8t6GHxjMPAcMMvO7evDG6v0IF7RhfSFFZMllV2TyOwaMPDZr_Aoj6HWMJ0ugRST_px68JnQpdLCoLXzS3XjpMswikuq3ehsAEyZyw2JMD4AQBoAYCgAeeo4g3qAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEKKMAtIICQiA4YAQEAEYHYAKA8gLAdgTAw&sigh=qgt-1zyBGt8&vt=1
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s29-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3065 42 B
590 B 58ms
57ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYl_TFUAn11gSOtA6aqzBvPYwjtK4ELPHEJDp0sboigfmmne-EDlTFBMqcORFpTEXYZvW3QLDPrnCSgV_CMg-E4ZXu9BDs8fIvSx3C2vBOlzgZXzxyZBLNOtqRvvxKQvNHiBxLf_Z25TxtlbfEOA-9&sai=AMfl-YSA0ZFGHUvPA6Ul4GEAOYanUO4ElogqM3TlD0YYQ14uwusxtCT8glC-lp4Md13LzNc50EmxlGUPKNal935Z1ZQNaC-XHSfEE229v8LjcpdrKo8VnM5wBaEptRc&sig=Cg0ArKJSzJBRG5QdttOBEAE&cid=CAASF-RoDdnGUdIjtwwfIKaXRrauALN2oD89&id=ampim&o=650,307&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=149&tls=1149&g=100&h=100&tt=1149&r=v&avms=ampa&adk=693116964

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Sep 2020 00:34:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/baueruk-winit/trc/3/ 20 KB
6 KB 110ms
108ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/baueruk-winit/trc/3/json?tim=02%3A34%3A14.181&lti=deflated&data=%7B%22id%22%3A858%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22category%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1599182215980%2C%22vi%22%3A1599352454178%2C%22cv%22%3A%2220200903-38-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22cdb%22%3A%22BOV0WdtOV0WdtCEABBAAABAAAAAMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1924%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-c%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Category%20Thumbnails%20-%20steamrailway.co.uk%22%2C%22orig_uip%22%3A%22Below%20Category%20Thumbnails%22%2C%22cd%22%3A1545.359375%2C%22mw%22%3A960%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200903-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f9c2c9ffcfddab172c83fca70a80891ff5764a3c83809b343fdb76ad8eee7e6

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 77
date: Sun, 06 Sep 2020 00:34:14 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
x-served-by: cache-hhn4027-HHN
server: nginx
x-timer: S1599352454.198508,VS0,VE77
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 floating-unit.20200903-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 7 KB
3 KB 31ms
31ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20200903-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/baueruk-winit/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 815e71f93682ac4d4c829b8949fdeb3f4004ed0c8123eb48f922a5fc4363b54d

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: OxasW2ESZsp_ENvRJPDQIc_fVWPhMXaJ
content-encoding: gzip
etag: "13079a2d7fd3c8ecce48ec8947e20cf3"
age: 47
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 2293
x-amz-id-2: fvUlX98koroB6/sW8Gd6+BLEH1waOvA5xfbuRrQxCXcMwza+KaSYqb0hRM8R7k0kfVtwNm9aA3g=
x-served-by: cache-hhn4027-HHN
last-modified: Fri, 04 Sep 2020 00:42:45 GMT
server: AmazonS3
x-timer: S1599352454.313735,VS0,VE0
date: Sun, 06 Sep 2020 00:34:14 GMT
vary: Accept-Encoding
x-amz-request-id: 15C78FA410B7040E
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 25
x-cache-hits: 13

GET
H2 200 tb Show response
15.taboola.com/ 5 KB
4 KB 45ms
43ms Script
text/html 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=baueruk-winit&unitType=244&tbloc=&pageType=category&pstn=Below%20Category%20Thumbnails&uuip=Feed%20-%20Below%20Category%20Thumbnails%20-%20steamrailway.co.uk&cisrf=&cirf=https%3A%2F%2Fwinit-stage.steamrailway.co.uk%2F&encoded=1&uid=f9ada28b-660c-421c-b2a9-f63e87edcfd8-tuct64db406&variant=-100|493723&callback=TRC.videoTagCallbacks.videoCallback1&cb=1599352454301&tagid=&cntry=CZ&platform=1&normp=7&sesid=dd6cf2db82dbd3b4f383851372c667b1&itemid=/&viewid=1599352454178&geolat=&geoing=&deviceifa=&appid=&sd=v2_dd6cf2db82dbd3b4f383851372c667b1_f9ada28b-660c-421c-b2a9-f63e87edcfd8-tuct64db406_1599352454_1599352454_CNawjgYQo_RDGKL41obGLiABKAEwNzjBqwhA5okQSOPf3gNQ____________AVgBYABo4qaqkbKtl-Jw&ri=2c4701612f9ce69cd1ce56d67b242402&appname=&cdb=BOV0WdtOV0WdtCEABBAAABAAAAAMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&gdprApplies=true&rid=&sii=-5660168016422883356&oee=true&tpubid=1112611&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=10&hasGDPRConsent=false&tcfVersion=1&cmpStatus=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200903-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7df136afb6a489dbb2438677d8c2a1a7831e8a821ee0fa0eabb9716cd7be3785

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:14 GMT
content-encoding: gzip
machineid: 1450
x-cache: MISS
status: 200
x-cache-hits: 0
x-served-by: cache-hhn4027-HHN
pragma: no-cache
server: nginx
x-timer: S1599352454.317054,VS0,VE11
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 feed-card-placeholder.20200903-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 31ms
31ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20200903-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/baueruk-winit/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ee1688ec4d5486a3c8b765c23f47c4841f502a2274958ad4b942066135cf8dc

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: SdLmEAVfmmu7CXunBmMEXgvTOnOGVdlU
content-encoding: gzip
etag: "b9237a67d571b0257a473ea44fc0092d"
age: 30
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 1269
x-amz-id-2: AVQ9uEbDSZJHkpgy9vMhKrut9vUr5R5WxWD0AnQucjrUo80EfQ33VnFgVuTKelaKwcfH87f9q80=
x-served-by: cache-hhn4027-HHN
last-modified: Fri, 04 Sep 2020 00:42:53 GMT
server: AmazonS3
x-timer: S1599352454.317218,VS0,VE0
date: Sun, 06 Sep 2020 00:34:14 GMT
vary: Accept-Encoding
x-amz-request-id: EC278AAF9A6A03A8
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 25
x-cache-hits: 62

GET
H2 200 userx.20200903-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 22 KB
8 KB 31ms
31ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20200903-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/baueruk-winit/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c328fc55d5134953aa0a229c4d6866c275b1b74fba584aef01447594e4ff1a50

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: QJKeSn7EeUtxkNWMHm0tTmZC6dLi6Eo3
content-encoding: gzip
etag: "d079b3a60b4426f7df5d7204bb8c2ae6"
age: 47
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 7751
x-amz-id-2: kQTPLO5Dq5CggXvuZKvgjlg5Jo/3EDwQJ3wor9867wFs6NO/8UAjpm+LWCkY1vuoNd5kslUnYwg=
x-served-by: cache-hhn4027-HHN
last-modified: Fri, 04 Sep 2020 00:42:20 GMT
server: AmazonS3
x-timer: S1599352454.325445,VS0,VE0
date: Sun, 06 Sep 2020 00:34:14 GMT
vary: Accept-Encoding
x-amz-request-id: 4AC22E5E1EA76048
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 25
x-cache-hits: 21

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 31ms
31ms Image
image/svg+xml 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 57
via: 1.1 varnish
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: VIQeyhCMrfDhOUpQoRx8FwS5Rf7gW/WokX1KRzEBA+W/cXemQOTRoi9OOu5buWPJxIlTysCIK0U=
x-served-by: cache-hhn4027-HHN
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1599352454.334154,VS0,VE0
date: Sun, 06 Sep 2020 00:34:14 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 4710F6D0EB3E2E34
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 25
x-cache-hits: 42

GET
H2 200 98648cc0e2e9ebb7b95417ab50a161c5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_600%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 81 KB
81 KB 49ms
46ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_600%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98648cc0e2e9ebb7b95417ab50a161c5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6bd1bf8bd3b9ff608e43a787bf12d31312fbcbbefd40603e88a55399105ed48e

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2785222
edge-cache-tag: 568373583139898965899600086440108810048,442975860786867565733196949162448923360,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 11 Aug 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_600%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98648cc0e2e9ebb7b95417ab50a161c5.jpg
content-length: 82469
x-served-by: cache-dca17721-DCA, cache-dca17779-DCA, cache-hhn4027-HHN
last-modified: Sat, 11 Jul 2020 06:59:57 GMT
server: cloudinary
x-timer: S1599352454.369496,VS0,VE1
etag: "d67c4c48de07c4f6b714865f9b6ca62e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 f474365cff6e89cb4df22ae1e68116da.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 46 KB
46 KB 34ms
31ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f474365cff6e89cb4df22ae1e68116da.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: afa41d53021defca9fc4d496a513c7190ef2bcfae1a6b7735c159523b6b0d225

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 4720952
edge-cache-tag: 496545423169548874064755903911186646119,408830795468236920077589974014039342143,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f474365cff6e89cb4df22ae1e68116da.jpg
content-length: 46625
x-request-id: 4d704ba0bc8df9641b02cb31c34f5539
x-served-by: cache-dca17721-DCA, cache-dca17720-DCA, cache-hhn4027-HHN
last-modified: Thu, 02 Jul 2020 10:16:51 GMT
server: cloudinary
x-timer: S1599352454.369060,VS0,VE1
etag: "73a9e9b97be61c90dfec54f868aada58"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 7c98719fb2a9527283988b67459ffcb9.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
23 KB 40ms
37ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c98719fb2a9527283988b67459ffcb9.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c802eff052fcf0aa2598d35a98d1b1b546553e0d420c2046ce6c4ab4f40e77b7

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2030145
edge-cache-tag: 607413377894229973513537555737201259237,408830795468236920077589974014039342143,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Thu, 03 Sep 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c98719fb2a9527283988b67459ffcb9.png
content-length: 22959
x-served-by: cache-dca17771-DCA, cache-dca17739-DCA, cache-hhn4027-HHN
last-modified: Mon, 03 Aug 2020 11:01:06 GMT
server: cloudinary
x-timer: S1599352454.369189,VS0,VE1
etag: "ea56f07123ca8c23782e32a4e4fcdb10"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 2081d6ebb929e3e5d5253ca257c742cb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_600%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 210 KB
211 KB 56ms
54ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_600%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2081d6ebb929e3e5d5253ca257c742cb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d9aa1ee60290361422f41c491613c50ea2198f3bcb3c400be47d61f86f220632

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 978870
edge-cache-tag: 343274640786025152502216061990111050267,442975860786867565733196949162448923360,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Thu, 03 Sep 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_600%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2081d6ebb929e3e5d5253ca257c742cb.jpg
content-length: 215534
x-served-by: cache-dca17728-DCA, cache-dca17780-DCA, cache-hhn4027-HHN
last-modified: Mon, 03 Aug 2020 10:58:52 GMT
server: cloudinary
x-timer: S1599352454.369279,VS0,VE2
etag: "f5081a0f567652a2be63317a9c1b5e7a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 291bef6942993f958ad37006822185ea.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
13 KB 46ms
44ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/291bef6942993f958ad37006822185ea.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d8a376980248d9f4bec81c3b90711d172e1bc0bb206bbe07092d535a0cbdef46

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3935870
edge-cache-tag: 591613440650560367167537585801461898538,408830795468236920077589974014039342143,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Fri, 29 May 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/291bef6942993f958ad37006822185ea.jpg
content-length: 12607
x-served-by: cache-dca17782-DCA, cache-dca17735-DCA, cache-hhn4027-HHN
last-modified: Tue, 28 Apr 2020 16:15:36 GMT
server: cloudinary
x-timer: S1599352454.369602,VS0,VE1
etag: "cd8b694bb06fd054153dba382223d27f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 c069cf359a38eba15c7d1e207c958ac3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 36 KB
36 KB 42ms
40ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c069cf359a38eba15c7d1e207c958ac3.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 687ba9b8a4b09ad23d4ad106673ecc34ba0f3feb4445f330af0eb3ccd66fd181

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2049216
edge-cache-tag: 374413411856224494289817445760487152356,408830795468236920077589974014039342143,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c069cf359a38eba15c7d1e207c958ac3.jpg
content-length: 36886
x-request-id: e67c5d5717eae00a2cf598844f3f66be
x-served-by: cache-dca17780-DCA, cache-dca17754-DCA, cache-hhn4027-HHN
last-modified: Wed, 05 Aug 2020 23:00:26 GMT
server: cloudinary
x-timer: S1599352454.369409,VS0,VE1
etag: "16a6cb0aa186ae8c6a2a4c87e467e757"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 next-up-widget.20200903-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 52ms
52ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20200903-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/baueruk-winit/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83ac92140ae77258e85039b5bb5003bc702fbdb966f13ba14a0df2d7ff8b0fe1

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: f7r70IJ2QFllIJbuk8Afrjg2lcwCuJdW
content-encoding: gzip
etag: "616caf3cbc9ac3b1600e94647e629b48"
age: 50
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 4367
x-amz-id-2: CxInZKfNnRZVapUAEfPtBCCAADT6FZ6Uk03JeJmOVSVbvuSrr45lwDZDcJdd/zZdYWmjicvmdmI=
x-served-by: cache-hhn4027-HHN
last-modified: Fri, 04 Sep 2020 00:42:41 GMT
server: AmazonS3
x-timer: S1599352454.372347,VS0,VE0
date: Sun, 06 Sep 2020 00:34:14 GMT
vary: Accept-Encoding
x-amz-request-id: 4896B837D29CD527
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 25
x-cache-hits: 12

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/1.4.0/ 80 KB
24 KB 59ms
58ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/1.4.0/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200903-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e2297899242fa4c800ff7320c93d3cd0bbb89770cf0a1d5614b0f183c94dc70

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront), 1.1 varnish
age: 1992298
x-cache: Miss from cloudfront, HIT
status: 200
content-encoding: gzip
content-length: 23966
x-served-by: cache-hhn4027-HHN
last-modified: Tue, 31 Mar 2020 13:14:35 GMT
server: AmazonS3
x-timer: S1599352454.384060,VS0,VE0
etag: "9284c0ece401137f8f576e2e3ba9e6c1"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: AVQajGC1HkVS9mp5Qv6GDz8qSlpE24n02v6s-ag91QTg606KeYu-Fg==
x-cache-hits: 33825

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
622 B 58ms
58ms Image
image/png 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 3698
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn4027-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1599352454.383602,VS0,VE0
date: Sun, 06 Sep 2020 00:34:14 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 25
x-cache-hits: 1581

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f474365cff6e89cb4df22ae1e68116da.jpg
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: afa41d53021defca9fc4d496a513c7190ef2bcfae1a6b7735c159523b6b0d225

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 4720952
edge-cache-tag: 496545423169548874064755903911186646119,408830795468236920077589974014039342143,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f474365cff6e89cb4df22ae1e68116da.jpg
content-length: 46625
x-request-id: 4d704ba0bc8df9641b02cb31c34f5539
x-served-by: cache-dca17721-DCA, cache-dca17720-DCA, cache-hhn4027-HHN
last-modified: Thu, 02 Jul 2020 10:16:51 GMT
server: cloudinary
x-timer: S1599352454.410727,VS0,VE0
etag: "73a9e9b97be61c90dfec54f868aada58"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c98719fb2a9527283988b67459ffcb9.png
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c802eff052fcf0aa2598d35a98d1b1b546553e0d420c2046ce6c4ab4f40e77b7

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2030145
edge-cache-tag: 607413377894229973513537555737201259237,408830795468236920077589974014039342143,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Thu, 03 Sep 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c98719fb2a9527283988b67459ffcb9.png
content-length: 22959
x-served-by: cache-dca17771-DCA, cache-dca17739-DCA, cache-hhn4027-HHN
last-modified: Mon, 03 Aug 2020 11:01:06 GMT
server: cloudinary
x-timer: S1599352454.411950,VS0,VE0
etag: "ea56f07123ca8c23782e32a4e4fcdb10"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/291bef6942993f958ad37006822185ea.jpg
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d8a376980248d9f4bec81c3b90711d172e1bc0bb206bbe07092d535a0cbdef46

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3935870
edge-cache-tag: 591613440650560367167537585801461898538,408830795468236920077589974014039342143,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Fri, 29 May 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/291bef6942993f958ad37006822185ea.jpg
content-length: 12607
x-served-by: cache-dca17782-DCA, cache-dca17735-DCA, cache-hhn4027-HHN
last-modified: Tue, 28 Apr 2020 16:15:36 GMT
server: cloudinary
x-timer: S1599352454.432361,VS0,VE0
etag: "cd8b694bb06fd054153dba382223d27f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 c069cf359a38eba15c7d1e207c958ac3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 36 KB
37 KB 36ms
35ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c069cf359a38eba15c7d1e207c958ac3.jpg
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 687ba9b8a4b09ad23d4ad106673ecc34ba0f3feb4445f330af0eb3ccd66fd181

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2049216
edge-cache-tag: 374413411856224494289817445760487152356,408830795468236920077589974014039342143,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c069cf359a38eba15c7d1e207c958ac3.jpg
content-length: 36886
x-request-id: e67c5d5717eae00a2cf598844f3f66be
x-served-by: cache-dca17780-DCA, cache-dca17754-DCA, cache-hhn4027-HHN
last-modified: Wed, 05 Aug 2020 23:00:26 GMT
server: cloudinary
x-timer: S1599352454.432343,VS0,VE0
etag: "16a6cb0aa186ae8c6a2a4c87e467e757"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_600%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98648cc0e2e9ebb7b95417ab50a161c5.jpg
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6bd1bf8bd3b9ff608e43a787bf12d31312fbcbbefd40603e88a55399105ed48e

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2785222
edge-cache-tag: 568373583139898965899600086440108810048,442975860786867565733196949162448923360,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 11 Aug 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_600%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98648cc0e2e9ebb7b95417ab50a161c5.jpg
content-length: 82469
x-served-by: cache-dca17721-DCA, cache-dca17779-DCA, cache-hhn4027-HHN
last-modified: Sat, 11 Jul 2020 06:59:57 GMT
server: cloudinary
x-timer: S1599352454.467218,VS0,VE0
etag: "d67c4c48de07c4f6b714865f9b6ca62e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_600%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2081d6ebb929e3e5d5253ca257c742cb.jpg
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d9aa1ee60290361422f41c491613c50ea2198f3bcb3c400be47d61f86f220632

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 978870
edge-cache-tag: 343274640786025152502216061990111050267,442975860786867565733196949162448923360,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Thu, 03 Sep 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_600%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2081d6ebb929e3e5d5253ca257c742cb.jpg
content-length: 215534
x-served-by: cache-dca17728-DCA, cache-dca17780-DCA, cache-hhn4027-HHN
last-modified: Mon, 03 Aug 2020 10:58:52 GMT
server: cloudinary
x-timer: S1599352454.468976,VS0,VE0
etag: "f5081a0f567652a2be63317a9c1b5e7a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 f474365cff6e89cb4df22ae1e68116da.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
13 KB 53ms
52ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f474365cff6e89cb4df22ae1e68116da.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 781458ef0493ca800b84523ab4c153bc3797713c09c8b465f1c74372fa3e5ee5

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 4718036
edge-cache-tag: 496545423169548874064755903911186646119,619149009496235914396518764768921979263,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f474365cff6e89cb4df22ae1e68116da.jpg
content-length: 13043
x-request-id: 14a6a526a2d77a88deac071465653420
x-served-by: cache-dca17738-DCA, cache-dca17740-DCA, cache-hhn4027-HHN
last-modified: Thu, 02 Jul 2020 10:16:51 GMT
server: cloudinary
x-timer: S1599352454.479229,VS0,VE0
etag: "4433ab45954941bfb66926d905064d32"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 98648cc0e2e9ebb7b95417ab50a161c5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
8 KB 52ms
52ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98648cc0e2e9ebb7b95417ab50a161c5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 328b53986bdb177a45982014eb28d3874d5c0ebc0d1a72c9b897c30f5b022406

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2127801
edge-cache-tag: 568373583139898965899600086440108810048,619149009496235914396518764768921979263,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Wed, 19 Aug 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98648cc0e2e9ebb7b95417ab50a161c5.jpg
content-length: 7815
x-served-by: cache-dca17763-DCA, cache-dca17775-DCA, cache-hhn4027-HHN
last-modified: Sun, 19 Jul 2020 16:41:04 GMT
server: cloudinary
x-timer: S1599352454.479223,VS0,VE0
etag: "2bfdc3c90f8dc1495d620b737ab933b6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 2081d6ebb929e3e5d5253ca257c742cb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 54ms
53ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2081d6ebb929e3e5d5253ca257c742cb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: a34d2ae09f174863eac515393350c5a304f322486f53ce84cb3726e7bec884b3

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2900681
edge-cache-tag: 343274640786025152502216061990111050267,619149009496235914396518764768921979263,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2081d6ebb929e3e5d5253ca257c742cb.jpg
content-length: 15533
x-request-id: 048df3f9a7276d99b86b12978d2b40c8
x-served-by: cache-dca17777-DCA, cache-dca17765-DCA, cache-hhn4027-HHN
last-modified: Mon, 03 Aug 2020 09:11:50 GMT
server: cloudinary
x-timer: S1599352454.480503,VS0,VE1
etag: "46f15ac835998c8b71d4c5d841e11b96"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f474365cff6e89cb4df22ae1e68116da.jpg
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 781458ef0493ca800b84523ab4c153bc3797713c09c8b465f1c74372fa3e5ee5

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 4718036
edge-cache-tag: 496545423169548874064755903911186646119,619149009496235914396518764768921979263,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f474365cff6e89cb4df22ae1e68116da.jpg
content-length: 13043
x-request-id: 14a6a526a2d77a88deac071465653420
x-served-by: cache-dca17738-DCA, cache-dca17740-DCA, cache-hhn4027-HHN
last-modified: Thu, 02 Jul 2020 10:16:51 GMT
server: cloudinary
x-timer: S1599352455.547497,VS0,VE0
etag: "4433ab45954941bfb66926d905064d32"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98648cc0e2e9ebb7b95417ab50a161c5.jpg
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 328b53986bdb177a45982014eb28d3874d5c0ebc0d1a72c9b897c30f5b022406

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2127801
edge-cache-tag: 568373583139898965899600086440108810048,619149009496235914396518764768921979263,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Wed, 19 Aug 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98648cc0e2e9ebb7b95417ab50a161c5.jpg
content-length: 7815
x-served-by: cache-dca17763-DCA, cache-dca17775-DCA, cache-hhn4027-HHN
last-modified: Sun, 19 Jul 2020 16:41:04 GMT
server: cloudinary
x-timer: S1599352455.547475,VS0,VE0
etag: "2bfdc3c90f8dc1495d620b737ab933b6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 2081d6ebb929e3e5d5253ca257c742cb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
15 KB 35ms
34ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2081d6ebb929e3e5d5253ca257c742cb.jpg
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: a34d2ae09f174863eac515393350c5a304f322486f53ce84cb3726e7bec884b3

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 06 Sep 2020 00:34:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2900681
edge-cache-tag: 343274640786025152502216061990111050267,619149009496235914396518764768921979263,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2081d6ebb929e3e5d5253ca257c742cb.jpg
content-length: 15533
x-request-id: 048df3f9a7276d99b86b12978d2b40c8
x-served-by: cache-dca17777-DCA, cache-dca17765-DCA, cache-hhn4027-HHN
last-modified: Mon, 03 Aug 2020 09:11:50 GMT
server: cloudinary
x-timer: S1599352455.547446,VS0,VE0
etag: "46f15ac835998c8b71d4c5d841e11b96"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

POST
H2 204 bulk Show response
trc.taboola.com/baueruk-winit/log/3/ 0
311 B 43ms
42ms XHR
image/gif 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/baueruk-winit/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=5
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200903-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 11
date: Sun, 06 Sep 2020 00:34:15 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4027-HHN
pragma: no-cache
server: nginx
x-timer: S1599352455.360727,VS0,VE11
content-type: image/gif
access-control-allow-origin: https://winit-stage.steamrailway.co.uk
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 451 identity Show response
api.rlcdn.com/api/ 0
231 B 104ms
40ms XHR
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185605-195019526585697.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 06 Sep 2020 00:34:17 GMT
via: 1.1 google
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
status: 451
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://winit-stage.steamrailway.co.uk
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 ads-bc58f3e99861bdad4892c545ec8d5cbf.js Show response
winit.stg.onebauer.media/assets/advertisement/ 160 B
374 B 57ms
56ms Script
application/javascript 99.80.128.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://winit.stg.onebauer.media/assets/advertisement/ads-bc58f3e99861bdad4892c545ec8d5cbf.js
Requested by: Host: winit-stage.steamrailway.co.uk
URL: https://winit-stage.steamrailway.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.128.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-128-196.eu-west-1.compute.amazonaws.com
Software: openresty/1.15.8.1 /
Resource Hash: ec2f6569a3953d30bd3a7130e2fb3b8534b32f79677bae4c3bfd12831ff5ea6d

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-rack-cors: preflight-hit; no-origin
date: Sun, 06 Sep 2020 00:34:18 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:36:07 GMT
server: openresty/1.15.8.1
vary: Accept-Encoding, Origin
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
content-length: 146

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 24 B
426 B 215ms
150ms XHR
application/json 99.86.2.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-85.fra6.r.cloudfront.net
Software: /
Resource Hash: d069bb2bd7519cc9b748da46e4b1d663e457baf0975f759b7b369626ebdded43

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:20 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront), 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1, FRA6-C1
x-amzn-requestid: 01787de2-0b61-43f8-9e43-7b49428228f7
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Saw2CG5TiYcF2uA=
content-length: 24
x-amz-cf-id: dQd5wYafodWz264u16NifdxPQ81Z5-FIXKgzx0ijKTdlaT81TExnwA==

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
838 B 514ms
448ms XHR
application/json 143.204.201.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-32.fra53.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:21 GMT
content-encoding: gzip
server: restify
x-amz-cf-pop: FRA53-C1
status: 200
vary: Accept-Encoding,origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://winit-stage.steamrailway.co.uk
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-id: eOpZoP_Ikx-YEiN-hgtcOtYrrFuaZ7yA_nIDKYwmZjKsic-9la0pWQ==
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
830 B 514ms
449ms XHR
application/json 143.204.201.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-32.fra53.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 00:34:21 GMT
content-encoding: gzip
server: restify
x-amz-cf-pop: FRA53-C1
status: 200
vary: Accept-Encoding,origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: https://winit-stage.steamrailway.co.uk
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-id: qhVQRp_Q32KX3IRLLswfU7lP3fqVlOElA5QzMSSUDCb8SgD5AMw6aQ==
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)

POST
H2 204 visible Show response
trc.taboola.com/baueruk-winit/log/3/ 0
87 B 40ms
40ms XHR
image/gif 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/baueruk-winit/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200903-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Sun, 06 Sep 2020 00:34:21 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4027-HHN
pragma: no-cache
server: nginx
x-timer: S1599352461.096821,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://winit-stage.steamrailway.co.uk
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 metrics
metrics-collector.s-onetag.com/ 0
0 192ms
68ms Other
application/json 76.223.7.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics-collector.s-onetag.com/metrics
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.7.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab51a9e8185f181d0.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winit-stage.steamrailway.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://winit-stage.steamrailway.co.uk
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.steamrailway.co.uk/	1970-01-20 05:47:04	Name: __gads Value: ID=41ed5ada4d7fa096-22dd0e5012a600ba:T=1599352449:S=ALNI_MZBQpD3zSNWtD21g8GnHA8AlEY15Q
.steamrailway.co.uk/	1970-01-19 12:15:52	Name: _gat Value: 1
.steamrailway.co.uk/	1970-01-19 12:17:18	Name: _gid Value: GA1.3.2057535064.1599352449
.steamrailway.co.uk/	1970-01-20 05:47:04	Name: _ga Value: GA1.3.429869368.1599352449
.teads.tv/	1970-01-19 12:59:04	Name: cs Value: 1
winit-stage.steamrailway.co.uk/	1970-01-19 12:16:06	Name: _session_id Value: 2ea2863e73e838633b86b4ab60ba2ebc
winit-stage.steamrailway.co.uk/	1970-01-26 19:35:04	Name: visitor_uuid Value: 9cbb131e-47ed-4218-b1b9-0b5165f3f4ee
winit-stage.steamrailway.co.uk/	1970-01-26 19:35:04	Name: referer Value:

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/sdk.js?hash=60e91f9c4f2fcd186cb082fc6f11f400&ua=modern_es6(Line 52) Message: Invalid App Id: Must be a number or numeric string representing the application id.
console-api	debug	URL: https://connect.facebook.net/en_US/sdk.js?hash=60e91f9c4f2fcd186cb082fc6f11f400&ua=modern_es6(Line 52) Message: sdkperf: it took 60 ms and 65288 bytes to load https://connect.facebook.net/en_US/sdk.js
console-api	debug	URL: https://connect.facebook.net/en_US/sdk.js?hash=60e91f9c4f2fcd186cb082fc6f11f400&ua=modern_es6(Line 52) Message: sdkperf: init logged after 129 ms
console-api	info	URL: https://connect.facebook.net/en_US/sdk.js?hash=60e91f9c4f2fcd186cb082fc6f11f400&ua=modern_es6(Line 52) Message: domReady
console-api	info	URL: https://connect.facebook.net/en_US/sdk.js?hash=60e91f9c4f2fcd186cb082fc6f11f400&ua=modern_es6(Line 52) Message: XFBML Parsing Start 1
console-api	info	URL: https://connect.facebook.net/en_US/sdk.js?hash=60e91f9c4f2fcd186cb082fc6f11f400&ua=modern_es6(Line 52) Message: XFBML Parsing Finish 1, 0 tags found
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/doubleclick-gpt/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	info	URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2008242301000 https://winit-stage.steamrailway.co.uk/
console-api	warning	URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=C7sYBgy5UX_awEsmC1gbY_Z6wBuqPhvNek_WClJwMz5qp0NAbEAEghJS6LGDM4e2B_C6gAcrc98gDyAECqQIPQG9ZiwFoPuACAKgDAaoEgQJP0K2xr35Of788whDSsMb1Vxw61icTF4aTTvKsBMRapLk7wG-BvCBpvKNgnEauytWJs6wwSFq2rrOEqL_k6jMZ94UqrUTUtzuuJcbIXT8aSpkMGRBwCqBqllxc06hr-u8RveNvHD3ITwlfLZQilVuZEmfgcPrCldJRokGji9JdFC2FPKrrb1AOtJIIn8vw0POgOP0fmhZFjDX0FZGs32zgIJIyWTYnOB-cPy5mlHfvQ1ZeHMQ9r9PSQhV8t6GHxjMPAcMMvO7evDG6v0IF7RhfSFFZMllV2TyOwaMPDZr_Aoj6HWMJ0ugRST_px68JnQpdLCoLXzS3XjpMswikuq3ehsAEyZyw2JMD4AQBoAYCgAeeo4g3qAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEKKMAtIICQiA4YAQEAEYHYAKA8gLAdgTAw&sigh=qgt-1zyBGt8&vt=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
38998fb3eb1f40b3921d2c7f79748125.safeframe.googlesyndication.com
a.teads.tv
ads.rubiconproject.com
adservice.google.com
adservice.google.cz
adservice.google.de
api.rlcdn.com
b9d16cb78ffd96bc06e3009b57d1534d.safeframe.googlesyndication.com
bauer-uk-d.openx.net
beacon.s-onetag.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.exelator.com
cdn.taboola.com
connect.facebook.net
dfp-gateway.s-onetag.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
get.s-onetag.com
googleads.g.doubleclick.net
images.taboola.com
js-sec.indexww.com
js.gumgum.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
metrics-collector.s-onetag.com
mydmp.exelator.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
s8t.teads.tv
sb.scorecardresearch.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
smarttag.rubiconproject.com
static.criteo.net
stats.g.doubleclick.net
sync.teads.tv
t.teads.tv
tpc.googlesyndication.com
trc.taboola.com
vidstat.taboola.com
winit-cdn-staging.bauerassets.com
winit-stage.steamrailway.co.uk
winit.stg.onebauer.media
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.111.230.142
104.111.238.139
104.111.242.245
143.204.201.32
143.204.201.36
143.204.201.40
143.204.201.44
143.204.201.47
147.75.102.200
151.101.113.44
172.217.18.162
2.18.232.7
2.18.234.21
2001:4de0:ac19::1:b:3a
2600:9000:2057:ee00:5:9a4c:9b00:93a1
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:801::200e
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:815::2002
2a00:1450:4001:819::2001
2a00:1450:4001:81a::2001
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2002
2a00:1450:400c:c0c::9b
2a02:2638::3
2a02:26f0:64:596::36f1
2a03:2880:f01c:8012:face:b00c:0:3
34.98.64.218
35.244.174.68
52.210.79.36
63.34.98.13
63.35.118.223
69.173.144.141
76.223.7.58
99.80.128.196
99.86.2.101
99.86.2.85
99.86.5.213
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05148a217f01f1d6b7a9e90813a2c58d0dbbd947f76cbcbba24e4c0411463b08
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0b559794f79ae786ec29c3798c4356bed288f7b360c49ed960bc2a2649f3aa4c
0f9c2c9ffcfddab172c83fca70a80891ff5764a3c83809b343fdb76ad8eee7e6
1cd053a68708735d12cc65db146655efc821eac3f525392cafe8126734a4568b
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
21fb271392e0c7a737fb39243d3726a125a1282d2a0853cb910a87c1b890b525
232f9e73eab0e421acd09c3f22b8661d1a316cd952deab5467db33be56491dfa
28bdea4709af0b40e3e4fa836859c423a8730dbc66c8ba9f9b5af8b883e20dc6
2e0a65b579e322fd2da9762b3b18dfed0e07a338bc6bd0b4a59d29d88f7a72d4
2f6a219b94c9860a57a830d19300f6cc8563133d13956ddf20665f9624b6951a
30cfde8a99cbbfb145edbaee540db712a5c6e8efa9e0b8209d803a7d4ecbdbbb
328b53986bdb177a45982014eb28d3874d5c0ebc0d1a72c9b897c30f5b022406
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
330798625ce3468cc078ba28574ec8651fd742c9f70673c29333f9a9683a2a21
34f87e0c581965fd8d6c84d6471484e72903f767e82c193b1b4c2cda7f8036f6
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ea378ba94dea9e415f781c39bd2e495addc4f7cba8e9523d712b074151bb81a
42baaf9ce3762529bdeeee223a28bc895e257bc2e636bd638691a11c3cd05cb7
48923bea5d63ec2e0c19818b884e9582df842f498e337f47f2d952cc77fb59fa
4ad61b80c8e1e03754217cc9faf9b9b85aed1c976ddfc794df78842cbe6b49c6
4d19ce65287a933ab93698d9e443f3c68dfff6dc050fa5d909f56f350879d2b7
53151d4cde0bb9594825247bd8b6510ba53abaa4cc69ecb5459cc4419e885d33
558a6485b2a86c29318c69b539557e94cfb08fe350d3b7dbcba438149e4bb7a6
58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
687ba9b8a4b09ad23d4ad106673ecc34ba0f3feb4445f330af0eb3ccd66fd181
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd1bf8bd3b9ff608e43a787bf12d31312fbcbbefd40603e88a55399105ed48e
6e2297899242fa4c800ff7320c93d3cd0bbb89770cf0a1d5614b0f183c94dc70
6efa35d6c61966ed4bd2fbbfa9804746825a21a5047ea08e02ec41bdb79a3190
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
723c2c4708075116cb94201f366fd66584fdd47ee569d962cdb81616f5a70f36
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
775ddfe657eb4ad24d52571735309d6f1262075b146026e8e6940401f3804503
781458ef0493ca800b84523ab4c153bc3797713c09c8b465f1c74372fa3e5ee5
7b60c5d87f789e3b11a230a135337e5b45ed387b17de99558f5b65ea8941b03f
7d8036258928074ad444f8899ea5f83856daa28ca6bedae215b8429263fea028
7df136afb6a489dbb2438677d8c2a1a7831e8a821ee0fa0eabb9716cd7be3785
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
815e71f93682ac4d4c829b8949fdeb3f4004ed0c8123eb48f922a5fc4363b54d
82bc3b529be4362e1bc064aa71c0d97782d9da8c7f2fba62bd27c13d46badaab
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ac92140ae77258e85039b5bb5003bc702fbdb966f13ba14a0df2d7ff8b0fe1
87461043d374c19c3d125ce85e48f541875d98715fb4029555b17858d8929eda
8ae3b7a22968cf710505139f667b453594923d364e919f0350ee36d136595873
8c665507e16736e1323acf89104e508e8cac863d30e8ca5ff5d6ac5303b25277
8ee1688ec4d5486a3c8b765c23f47c4841f502a2274958ad4b942066135cf8dc
9052f93873eeb4ae10b464d978fd43468db2bf3c5b94d380ae980314363e65a5
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9f2b8babf48aa8176622bfc39dd97c1e4695ff3ac17f031d69965129fac18990
9fe15e1925ef9968295045304bfa42418d3a04b16aecf9196fc6ad7959e24eff
a0b8d5f925cb1ad83c665488cf3d59c2b4acf9f0ec9f277db2441ca69d3900b0
a187e41d6f0d59eea50327a487d8c7c39d7b2c1e7bac4263fb1d40403914b442
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a34d2ae09f174863eac515393350c5a304f322486f53ce84cb3726e7bec884b3
a969a9b32705092663a8c9019ac9835cf93fff0d525457961e309bf04dba1424
ab55c01863c6acf8890e8fb65e707c4768ba3775e30c9ea21171c55c2ed83f93
accafc853d1580c8df9526a9b02194296092bba3cae134aa7c88ff3d4981bd8d
af517de65e4d2beaa3da8659682a9daaf863b96f59567e7550b7a1812a4f97e1
afa41d53021defca9fc4d496a513c7190ef2bcfae1a6b7735c159523b6b0d225
b08c92f2985a2cf85e942b566af89d0738cb22e14d0db5ddbefd6c4034a169e8
b416445cf5b874a1c5bd93a67fc5c7764d17b2dd9f1f2d84af5dbeb34f3b7843
b4e8f2d73294065f2c0e54cb17bcba8bf7440408b804f9052ac03c0ff9adb398
b6446b612cf744b1c1b1fa55d6fa7ef3f32ecb3eb57e91594b7cba421735899f
c328fc55d5134953aa0a229c4d6866c275b1b74fba584aef01447594e4ff1a50
c802eff052fcf0aa2598d35a98d1b1b546553e0d420c2046ce6c4ab4f40e77b7
cd3d0d4651fa31d8c597516a43797c3c71b8216a580911eaf649209ccfa7cab7
d069bb2bd7519cc9b748da46e4b1d663e457baf0975f759b7b369626ebdded43
d0708826ae5d7a8c83d5527dbdcb0ae72174c31e7b11ad93a24e39bcbbfd47eb
d640ed39630d91dec61dcb107b977293ec29fecbb5e74467e017d872bf76b0db
d8a376980248d9f4bec81c3b90711d172e1bc0bb206bbe07092d535a0cbdef46
d9aa1ee60290361422f41c491613c50ea2198f3bcb3c400be47d61f86f220632
dc03e77d2d1169ef623ed6eeb31aae084c2dac05eacbc22141ba625a2e300628
e0469588de205811965467fafdeef092e8f7b835f1730bd2f35c426c7150c4d4
e3920b9da73df8f5f2f0146fb8da27a3869b54e084208da0562472aeccb78766
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d7359a405772cf213e3f522f46fcda202fafd5bed7353957ac907c55d3b9c3
e58d3ad2c45ce14d3b714ec15d306fa27fd8ef02c1150d51ba22cc5ae892e842
eb370255d625b3e8715144e6dee8c197cbcf9d710403cfaa6dc1f8b1adb00417
ec2f6569a3953d30bd3a7130e2fb3b8534b32f79677bae4c3bfd12831ff5ea6d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22dbe060b04be54986a8ba22945169722b5e029346a5aae0b4b897d4b3192f5
f40c0293a68c46d8cbf60ae386fa32deb5e5a8ca3edf7f4de5f2d1303d199321
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6914cddfb8fcc3e7d99864e104ebdb47934a357ef08d90f9e0acdf48433d6c9
f7d6b1c8e88874fb2696fc3128ea91fc6f47915466ea9f566ab2c39fcebffbd6
f8c28c8163c0e3f1c9feaea9225db21ef920419f174400b5f12619e8d800a5bd
fa9df5db96eb2c5f1ca9d4347b72b5ce8461304a1cf4333ab3ce18d16fc45be3
fd17d5d10d3d65855d4f24d36cc50df643f2d8ab85862dc49c82b464b52b15b0
fe66a5a463f1557b446022abd23c34e04d05c7f740cf0cbca11aea4e22d3da86

winit-stage.steamrailway.co.uk Open in urlscan Pro 52.210.79.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

150 Requests

100 %HTTPS

44 %IPv6

29 Domains

52 Subdomains

43 IPs

8 Countries

6714 kBTransfer

10510 kBSize

8 Cookies

15 Outgoing links

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

winit-stage.steamrailway.co.uk Open in urlscan Pro
52.210.79.36 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

100 %
HTTPS

44 %
IPv6

29
Domains

52
Subdomains

43
IPs

8
Countries

6714 kB
Transfer

10510 kB
Size

8
Cookies

150 HTTP transactions
4 data transactions