URL: http://pubg-gfx-pro.com/
Submission: On March 23 via api from US — Scanned from DE

Summary

This website contacted 58 IPs in 9 countries across 46 domains to perform 224 HTTP transactions. The main IP is 167.71.177.229, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is pubg-gfx-pro.com.
This is the only time pubg-gfx-pro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 167.71.177.229 14061 (DIGITALOC...)
24 199.232.196.124 54113 (FASTLY)
7 199.232.192.124 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 88.221.169.143 16625 (AKAMAI-AS)
5 2a00:1450:400... 15169 (GOOGLE)
1 108.138.23.218 16509 (AMAZON-02)
1 18.66.100.58 16509 (AMAZON-02)
12 205.185.216.10 20446 (STACKPATH...)
11 2a00:1450:400... 15169 (GOOGLE)
8 2a04:4e42:8d:... 54113 (FASTLY)
2 4 18.198.69.109 16509 (AMAZON-02)
1 18.171.18.216 16509 (AMAZON-02)
2 35.178.217.194 16509 (AMAZON-02)
2 72.21.195.65 16509 (AMAZON-02)
1 63.34.81.234 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.129.52 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 108.138.1.25 16509 (AMAZON-02)
1 104.18.10.47 13335 (CLOUDFLAR...)
2 2.19.35.65 16625 (AKAMAI-AS)
22 151.101.130.137 54113 (FASTLY)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.185.102 15169 (GOOGLE)
1 3.225.82.51 14618 (AMAZON-AES)
2 54.171.113.1 16509 (AMAZON-02)
4 162.247.243.29 54113 (FASTLY)
1 184.24.171.130 16625 (AKAMAI-AS)
2 3.209.41.104 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.19.150.54 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.18.24.185 13335 (CLOUDFLAR...)
1 108.138.4.150 16509 (AMAZON-02)
1 35.241.9.51 15169 (GOOGLE)
2 4 185.89.211.116 29990 (ASN-APPNEX)
7 34.107.254.252 396982 (GOOGLE-CL...)
14 2a00:1450:400... 15169 (GOOGLE)
6 34.107.222.173 396982 (GOOGLE-CL...)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 11 142.250.186.162 15169 (GOOGLE)
2 4 185.80.39.216 27381 (CASALE-MEDIA)
2 34.149.12.213 15169 (GOOGLE)
1 2600:9000:236... 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.204.74.118 396982 (GOOGLE-CL...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 213.155.156.165 1299 (TWELVE99 ...)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
2 23.54.115.36 16625 (AKAMAI-AS)
1 23.54.112.33 16625 (AKAMAI-AS)
1 146.75.118.132 54113 (FASTLY)
1 64.202.112.191 22075 (AS-OUTBRAIN)
224 58
Apex Domain
Subdomains
Transfer
26 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
ad.doubleclick.net — Cisco Umbrella Rank: 166
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
cm.g.doubleclick.net — Cisco Umbrella Rank: 206
168 KB
23 googlesyndication.com
672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 135
128 KB
22 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 354
59 KB
19 vox-cdn.com
cdn.vox-cdn.com — Cisco Umbrella Rank: 12069
concertads-configs.vox-cdn.com — Cisco Umbrella Rank: 15427
597 KB
13 gstatic.com
www.gstatic.com
fonts.gstatic.com
944 KB
12 megaphone.fm
player.megaphone.fm — Cisco Umbrella Rank: 18861
assets.megaphone.fm — Cisco Umbrella Rank: 87443
367 KB
9 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2577
api.permutive.com — Cisco Umbrella Rank: 1871
337 KB
8 doubleverify.com
pub.doubleverify.com — Cisco Umbrella Rank: 5896
vtrk.doubleverify.com — Cisco Umbrella Rank: 1427
cdn.doubleverify.com — Cisco Umbrella Rank: 483
rtb0.doubleverify.com — Cisco Umbrella Rank: 700
rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 15795
41 KB
8 imgix.net
megaphone.imgix.net — Cisco Umbrella Rank: 19462
41 KB
7 concert.io
cdn.concert.io — Cisco Umbrella Rank: 10170
137 KB
6 permutive.app
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app — Cisco Umbrella Rank: 17290
1 KB
6 voxmedia.com
phonograph2.voxmedia.com — Cisco Umbrella Rank: 21205
apps.voxmedia.com — Cisco Umbrella Rank: 19850
auth.voxmedia.com — Cisco Umbrella Rank: 21015
8 KB
6 pubg-gfx-pro.com
pubg-gfx-pro.com
904 KB
5 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1611
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 535
4 KB
5 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1996
6 KB
5 moatads.com
z.moatads.com — Cisco Umbrella Rank: 456
mb.moatads.com — Cisco Umbrella Rank: 721
geo.moatads.com — Cisco Umbrella Rank: 730
99 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
4 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
2 KB
4 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 241
1 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax.amazon-adsystem.com — Cisco Umbrella Rank: 790
60 KB
4 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1309
3 KB
3 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1391
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3282
odb.outbrain.com — Cisco Umbrella Rank: 1874
71 KB
3 associates-amazon.com
z-na.associates-amazon.com — Cisco Umbrella Rank: 7940
assoc-na.associates-amazon.com — Cisco Umbrella Rank: 3662
4 KB
2 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 10469
log.outbrainimg.com — Cisco Umbrella Rank: 2533
789 B
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 731
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4619
651 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 749
s.tribalfusion.com — Cisco Umbrella Rank: 1837
1 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8820
696 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 682
451 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 892
1 KB
2 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3020
ads.rubiconproject.com — Cisco Umbrella Rank: 2336
142 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
40 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2692
p1.parsely.com — Cisco Umbrella Rank: 2039
23 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
76 KB
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 446
712 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1426
584 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 31935
608 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 740
715 B
1 besafe.global
cdn.besafe.global — Cisco Umbrella Rank: 17204
29 KB
1 prmutv.co
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co — Cisco Umbrella Rank: 24301
226 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1125
17 KB
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5205
263 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 612
14 KB
1 btloader.com
btloader.com — Cisco Umbrella Rank: 808
12 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
0 adsrvr.org Failed
match.adsrvr.org Failed
224 46
Domain Requested by
22 js-agent.newrelic.com player.megaphone.fm
18 cdn.vox-cdn.com pubg-gfx-pro.com
14 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
12 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
11 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
11 www.gstatic.com www.recaptcha.net
www.gstatic.com
10 assets.megaphone.fm player.megaphone.fm
assets.megaphone.fm
8 megaphone.imgix.net player.megaphone.fm
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
googleads.g.doubleclick.net
7 api.permutive.com cdn.permutive.com
7 cdn.concert.io pubg-gfx-pro.com
cdn.concert.io
6 d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app cdn.permutive.com
6 pubg-gfx-pro.com pubg-gfx-pro.com
cdn.vox-cdn.com
5 www.recaptcha.net pubg-gfx-pro.com
www.gstatic.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 ib.adnxs.com 2 redirects cdn.permutive.com
googleads.g.doubleclick.net
4 bam.nr-data.net player.megaphone.fm
4 loadus.exelator.com 2 redirects player.megaphone.fm
4 phonograph2.voxmedia.com pubg-gfx-pro.com
phonograph2.voxmedia.com
3 c.amazon-adsystem.com cdn.concert.io
c.amazon-adsystem.com
2 image6.pubmatic.com 2 redirects
2 d5p.de17a.com 2 redirects
2 cdn.doubleverify.com 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
cdn.doubleverify.com
2 googleads.g.doubleclick.net 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
pagead2.googlesyndication.com
2 www.google.com tpc.googlesyndication.com
672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
2 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 cdn.permutive.com cdn.concert.io
cdn.permutive.com
2 fonts.gstatic.com www.recaptcha.net
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 vtrk.doubleverify.com pub.doubleverify.com
2 ad-delivery.net pubg-gfx-pro.com
2 pub.doubleverify.com cdn.concert.io
pub.doubleverify.com
2 www.google-analytics.com player.megaphone.fm
2 assoc-na.associates-amazon.com z-na.associates-amazon.com
2 geo.moatads.com z.moatads.com
2 player.megaphone.fm pubg-gfx-pro.com
2 z.moatads.com pubg-gfx-pro.com
z.moatads.com
2 www.googletagservices.com pubg-gfx-pro.com
672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
1 log.outbrainimg.com widgets.outbrain.com
1 odb.outbrain.com widgets.outbrain.com
1 widget-pixels.outbrain.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 widgets.outbrain.com pubg-gfx-pro.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 um.simpli.fi 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 cdn.besafe.global 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
1 rtbc-eu3.doubleverify.com cdn.doubleverify.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co cdn.permutive.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 secure.cdn.fastclick.net pubg-gfx-pro.com
1 id.sv.rkdms.com js-sec.indexww.com
1 ad.doubleclick.net pubg-gfx-pro.com
1 micro.rubiconproject.com cdn.concert.io
1 js-sec.indexww.com cdn.concert.io
1 btloader.com cdn.concert.io
1 auth.voxmedia.com cdn.vox-cdn.com
1 concertads-configs.vox-cdn.com cdn.concert.io
1 p1.parsely.com pubg-gfx-pro.com
1 mb.moatads.com z.moatads.com
1 apps.voxmedia.com cdn.concert.io
1 cdn.parsely.com pubg-gfx-pro.com
1 z-na.associates-amazon.com pubg-gfx-pro.com
0 api.rlcdn.com Failed js-sec.indexww.com
0 match.adsrvr.org Failed js-sec.indexww.com
224 73
Subject Issuer Validity Valid
pubg-gfx-pro.com
R3
2023-03-23 -
2023-06-21
3 months crt.sh
*.vox-cdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1
2023-01-15 -
2024-02-16
a year crt.sh
concert.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-25 -
2024-01-26
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-11-18
a year crt.sh
misc.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
assoc-na.associates-amazon.com
Amazon
2022-06-18 -
2023-06-17
a year crt.sh
*.americanninjawarriornation.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-11-18 -
2023-12-20
a year crt.sh
*.megaphone.fm
Sectigo RSA Domain Validation Secure Server CA
2022-05-31 -
2023-05-31
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1
2023-03-05 -
2024-04-05
a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-05
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-05 -
2023-08-05
a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2
2022-07-10 -
2023-08-11
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
vtrk.doubleverify.com
Go Daddy Secure Certificate Authority - G2
2022-12-05 -
2024-01-06
a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-18 -
2023-12-19
a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02
2022-12-27 -
2024-01-25
a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3
2023-01-26 -
2024-01-25
a year crt.sh
*.google.de
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
*.prmutv.co
R3
2023-03-14 -
2023-06-12
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
api.permutive.com
R3
2023-02-16 -
2023-05-17
3 months crt.sh
*.partner.permutive.app
R3
2023-03-14 -
2023-06-12
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
www.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-05 -
2023-07-07
a year crt.sh
cdn.besafe.global
Amazon RSA 2048 M01
2023-02-23 -
2023-06-24
4 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-09 -
2024-02-11
a year crt.sh
*.outbrainimg.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-02 -
2024-03-02
a year crt.sh

This page contains 16 frames:

Primary Page: http://pubg-gfx-pro.com/
Frame ID: AF28547BB31045EDD9CCA80ED69DECD7
Requests: 112 HTTP requests in this frame

Frame: https://player.megaphone.fm/VMP2271799078?light=true
Frame ID: 3EABE2589A735AC5C263352C66E82D64
Requests: 25 HTTP requests in this frame

Frame: https://player.megaphone.fm/VMP2413538767?light=true
Frame ID: AE9624971B7B152B8389EC15771B28A1
Requests: 25 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 092071F14AE68E090497C94E7727FDD1
Requests: 1 HTTP requests in this frame

Frame: http://phonograph2.voxmedia.com/third.html
Frame ID: 50EB184A6AC31DC3DFFD8DCC9C14B65C
Requests: 2 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=ieiqf91nlz75
Frame ID: 757259FFA2F8F8947429F1F74B4CA059
Requests: 5 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=normal&cb=i36v6pdov60l
Frame ID: 1E11A92315B8EB40D01D499EE886A157
Requests: 3 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=normal&cb=7y9uua3y2vu8
Frame ID: 52C8D6505EF7971730FFC80F49F9D553
Requests: 3 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=avapody5d0rn
Frame ID: 0055541E9296AFCFC80D1B188C7D3F1C
Requests: 5 HTTP requests in this frame

Frame: https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 30B12F7820895A82D9C6BBEFBED6A48F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 095BC2CD8740DA3B151DFCC1A3A81720
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0D003132B2FE0667BAC275F2180E284C
Requests: 2 HTTP requests in this frame

Frame: https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3D4C7264539403FC2461E6A33E421C3D
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPr-QEQ7vWQAhiQyuTdATAB&v=APEucNWAuCFhc42qUcI6yjFuK-iv9YyTRAot4rJ5V4EXpWMn44Pr2YdOuBbVymQQD8eocrl62uvMNSnBmgpfWJdLro5Pl3j7QlQAmN16ixvQ1i6W21q7UKWbNwNqj-quIEotWcFYondUAUcCG5ZNnGnWfhRxXifEplmIbEBcW8kAoraT2nOIIdI
Frame ID: 6F42A330D61A4E20B609687D3B8729BA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 50F64490EB223499B3031C932955082B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DDC48F8DC23D0638371EAB9BE0312E67
Requests: 9 HTTP requests in this frame

Screenshot

Page Title

Vox - Understand the Newsclockmenumore-arrownoyesmobileSearchPlayPlayPlayvox-markvox-markVox Media

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

224
Requests

87 %
HTTPS

33 %
IPv6

46
Domains

73
Subdomains

58
IPs

9
Countries

4338 kB
Transfer

11480 kB
Size

27
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://loadus.exelator.com/load/?p=928&g=22&j=0 HTTP 302
  • https://loadus.exelator.com/load/?p=928&g=22&j=0&xl8blockcheck=1
Request Chain 46
  • https://loadus.exelator.com/load/?p=928&g=22&j=0 HTTP 302
  • https://loadus.exelator.com/load/?p=928&g=22&j=0&xl8blockcheck=1
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELB2X5m80ZwyECkXt4uK53Y&google_cver=1
Request Chain 192
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBvomkaKG3MPPJkY2NxQzgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELB2X5m80ZwyECkXt4uK53Y&google_cver=1
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJmuVItrubigEhOnFme30-k&google_cver=1
Request Chain 194
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMzNzYxODE3Mjc5NTcyNjgxOQ%3D%3D
Request Chain 208
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGTmPrgXE_gjosXNnK5ph8Q&google_cver=1&google_push=Aa02lx-D6jSBfkQZhD1YCUh65TIWxjUn4okao2woD3ESUcuzJHOliUOQO92_Mf-SCfw99G_-5UomGs-hhR86T-AqUHRq1z2edt1gNg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-D6jSBfkQZhD1YCUh65TIWxjUn4okao2woD3ESUcuzJHOliUOQO92_Mf-SCfw99G_-5UomGs-hhR86T-AqUHRq1z2edt1gNg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGTmPrgXE_gjosXNnK5ph8Q&google_cver=1&google_push=Aa02lx-D6jSBfkQZhD1YCUh65TIWxjUn4okao2woD3ESUcuzJHOliUOQO92_Mf-SCfw99G_-5UomGs-hhR86T-AqUHRq1z2edt1gNg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-D6jSBfkQZhD1YCUh65TIWxjUn4okao2woD3ESUcuzJHOliUOQO92_Mf-SCfw99G_-5UomGs-hhR86T-AqUHRq1z2edt1gNg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 209
  • https://um.simpli.fi/gp_match?google_gid=CAESENgvHJK_U3JJwD4Fj42GSBQ&google_cver=1&google_push=Aa02lx_2A_scWJ6_e1WP8AZ--KP3rlkgqeQ-6wDpPQEhg_1FlK8gNARXlfWaJU3Ud1p4XllL7t0bJoQsMEhytlKg1BXtsZkhc_YZrw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F95E0D7EF0BC4BB7BB5AE659B69969B8&google_push=Aa02lx_2A_scWJ6_e1WP8AZ--KP3rlkgqeQ-6wDpPQEhg_1FlK8gNARXlfWaJU3Ud1p4XllL7t0bJoQsMEhytlKg1BXtsZkhc_YZrw
Request Chain 210
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDEdJq-ge1HAObrH_vxOxC8&google_cver=1&google_push=Aa02lx8PcBBj21gqJBbPAAfrtDPSf1v0H-4pbr3oTePnsR_Kz7yThWh273IGkc9GZYxDfzZ4dSOaQ-S_mtGZ0jTBvfJ5aHGJti5sxA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8PcBBj21gqJBbPAAfrtDPSf1v0H-4pbr3oTePnsR_Kz7yThWh273IGkc9GZYxDfzZ4dSOaQ-S_mtGZ0jTBvfJ5aHGJti5sxA&google_hm=J7aql897Rb6qdtuKVUzbFLs
Request Chain 211
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBcZJ7RGFbwTXbUdIOSBBFo&google_cver=1&google_push=Aa02lx_Y8KRJ_8opSBcA1C1LseGhNFgyu4jx6ZksXNKJSgpZJLbeO_ENJ_r8x0X_kZDkQZJip6ijIx9athb07jg1eEul8zsEuxgh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMzYxNDk3NjMwNjI0NzgyOA%3D%3D&google_push=Aa02lx_Y8KRJ_8opSBcA1C1LseGhNFgyu4jx6ZksXNKJSgpZJLbeO_ENJ_r8x0X_kZDkQZJip6ijIx9athb07jg1eEul8zsEuxgh
Request Chain 212
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJOcKAmRorki2B2rlp1sbWw&google_cver=1&google_push=Aa02lx_xmomqyzt_L_b5z4ugo1scxU_tdZLSG-dF6vf8D9CLD9JjxC-bP1NfYFUID5kOcMfbN5jTJHuCWbgcoYoctmKKSRvgEylqIw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_xmomqyzt_L_b5z4ugo1scxU_tdZLSG-dF6vf8D9CLD9JjxC-bP1NfYFUID5kOcMfbN5jTJHuCWbgcoYoctmKKSRvgEylqIw&google_hm=eS01djA4cXFGRTJwRzhxdXNqN0Fqa0FzY1Q2cjE5TUJCR35B
Request Chain 213
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEKUkcmBCCPoPNmj9_rUv3Mg&google_cver=1&google_push=Aa02lx8mONLQCIjarSptgW_ASgJbiijk9vLHzLSRgEqeW3nNXEbwYThQVQZ4uDpyU9bvD8HI7I1FnLapyc7aGLb9mMFKW0q9jeEucg HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKUkcmBCCPoPNmj9_rUv3Mg&google_cver=1&google_push=Aa02lx8mONLQCIjarSptgW_ASgJbiijk9vLHzLSRgEqeW3nNXEbwYThQVQZ4uDpyU9bvD8HI7I1FnLapyc7aGLb9mMFKW0q9jeEucg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8mONLQCIjarSptgW_ASgJbiijk9vLHzLSRgEqeW3nNXEbwYThQVQZ4uDpyU9bvD8HI7I1FnLapyc7aGLb9mMFKW0q9jeEucg
Request Chain 214
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKR6RrHA0BUgugKPSNT3SyU&google_cver=1&google_push=Aa02lx_wK63LnYS77Gb9tW8P4k6T8UCRUa4hRXWXw1MBjnDl_s7MHIQtbNejky9z2knG1s4MQ0gM-I8ybWLZeSF6INiXTEEGfNQeVg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKR6RrHA0BUgugKPSNT3SyU&google_cver=1&google_push=Aa02lx_wK63LnYS77Gb9tW8P4k6T8UCRUa4hRXWXw1MBjnDl_s7MHIQtbNejky9z2knG1s4MQ0gM-I8ybWLZeSF6INiXTEEGfNQeVg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RVZwXuT1RsOTQcQS2HTWuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_wK63LnYS77Gb9tW8P4k6T8UCRUa4hRXWXw1MBjnDl_s7MHIQtbNejky9z2knG1s4MQ0gM-I8ybWLZeSF6INiXTEEGfNQeVg

224 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pubg-gfx-pro.com/
317 KB
317 KB
Document
General
Full URL
http://pubg-gfx-pro.com/
Protocol
HTTP/1.1
Server
167.71.177.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.7 /
Resource Hash
fbaa4537828b59283670713628c19e8f1ed7dc03000f21da6dd0a01d9ee591d6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Date
Thu, 23 Mar 2023 05:50:15 GMT
Server
nginx/1.15.7
Transfer-Encoding
chunked
hub_pages.css
pubg-gfx-pro.com/style/community/441/group/24015/81a794609eda2d4f078d696623528571/
158 KB
158 KB
Stylesheet
General
Full URL
https://pubg-gfx-pro.com/style/community/441/group/24015/81a794609eda2d4f078d696623528571/hub_pages.css
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.71.177.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.7 /
Resource Hash
3e97eb974517ac434dcf616024734e65fb24e279d488997c549954b3d8eebfc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
text/css; charset=utf-8
date
Thu, 23 Mar 2023 05:50:15 GMT
server
nginx/1.15.7
chorus.css
pubg-gfx-pro.com/style/community/441/group/24015/c1bbbf06a2d9ed2c1a782cca428cd6ca/
407 KB
407 KB
Stylesheet
General
Full URL
https://pubg-gfx-pro.com/style/community/441/group/24015/c1bbbf06a2d9ed2c1a782cca428cd6ca/chorus.css
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.71.177.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.7 /
Resource Hash
30e64f66647d01be3c5128d524c55fe61e1fbf467efc1ad81003448e1335b2d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
text/css; charset=utf-8
date
Thu, 23 Mar 2023 05:50:15 GMT
server
nginx/1.15.7
concert_ads-39629d26f571563b556c.js
cdn.vox-cdn.com/packs/js/
99 KB
35 KB
Script
General
Full URL
https://cdn.vox-cdn.com/packs/js/concert_ads-39629d26f571563b556c.js
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c835b178bc45f20688a788b8520596c1aaa8dd59d8589ed426ee9b3852382986
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://pubg-gfx-pro.com/
Origin
http://pubg-gfx-pro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
216VNQMHD369XZYN
age
554068
x-amz-server-side-encryption
AES256
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34993
x-amz-id-2
RmeIxSIWQF5YviuSBLaUAjVpDwbScOcafsaMXzLo2tGbC0lCepHzxcLXp36YD0bWWwXaJRoz27I=
x-served-by
cache-fra-eddf8230086-FRA
last-modified
Thu, 16 Mar 2023 13:42:27 GMT
server
AmazonS3
x-timer
S1679550616.439252,VS0,VE0
etag
"9b157357d44f3a00992a066c3ee7bc4d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
accept-ranges
bytes
x-cache-hits
43
concert_ads.js
cdn.concert.io/lib/concert-ads/v2-latest/
432 KB
119 KB
Script
General
Full URL
https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
342a6ed3767184b226e5687574148d20de12d8f24cc52505b079337dd944daba

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
P61EFBDWN1GVT91A
age
651313
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-surrogate-control
public, max-age=2592000, stale-if-error=86400, stale-while-revalidate=30
x-amz-meta-surrogate-key
concert-delivery-system
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
121710
x-amz-id-2
OAmY6eHVnIEokXA55jQQl2QqkEjRHbopG7vdpjD2F8JrOxcNCKjNil6Z+E6et1F/lFMdL1dAUFXXQgwjVAtDlKBumXMTkFDslPW5/oX3iD8=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Wed, 15 Mar 2023 16:55:03 GMT
server
AmazonS3
x-timer
S1679550616.432232,VS0,VE0
etag
"ba9abb271fcf45074d022b35369f731a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60
accept-ranges
bytes
x-cache-hits
12399
gpt.js
www.googletagservices.com/tag/js/
78 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
454105f998c444a5afe66a8f050bf130707848b20a67b806c4f5751ff212e903
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27487
x-xss-protection
0
server
sffe
etag
"1519 / 924 of 1000 / last-modified: 1679523324"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Mar 2023 05:50:16 GMT
concert-concierge.2.8.0.min.js
cdn.concert.io/lib/
49 KB
16 KB
Script
General
Full URL
https://cdn.concert.io/lib/concert-concierge.2.8.0.min.js
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68aa9818e0d0f8c60c5fc7e2b7921aa1a48a52e72e7da4caae29de34d030a6bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
YAKATTQ8V7WVTRTX
age
257211
x-cache
HIT
x-amz-meta-surrogate-control
public, max-age=2592000, stale-if-error=86400, stale-while-revalidate=30
x-amz-meta-surrogate-key
concert-delivery-system
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16156
x-amz-id-2
V4DOeVyIm4yT8M5Gs8O4nQs9veqyVpihP+Uae6h98HzvuSHNKP1w9f3KWALxbPeJfcdznsg3jCM=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Fri, 15 May 2020 15:14:13 GMT
server
AmazonS3
x-timer
S1679550616.432235,VS0,VE0
etag
"d685c8f98156cbe695d939f995676060"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-cache-hits
1548
moatheader.js
z.moatads.com/voxprebidheader841653991752/
282 KB
97 KB
Script
General
Full URL
https://z.moatads.com/voxprebidheader841653991752/moatheader.js
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
97674122e49cec717cbc937b678f5fd66f80acd75e031b5ee23c328751e261cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
content-encoding
gzip
last-modified
Wed, 15 Mar 2023 15:59:05 GMT
server
AmazonS3
x-amz-request-id
ZK8QHA1Q140N2RT9
etag
"7be72a3dc9e5bd4b9b745e3c72d5dc04"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=28030
accept-ranges
bytes
content-length
98364
x-amz-id-2
0w3AaEZMmTOcXWGvRyOionjNmQyScKf8NlwOl7FVwJWSM7CNxRW+PF/Hhys/kAs+9D7s5UrN3UXuaALhXM9oeQ==
GettyImages_1471903773.0.jpg
cdn.vox-cdn.com/thumbor/tNH4LKgATQzWp8aHMBKfCAkmplw=/0x0:5207x3473/960x540/filters:focal(2655x522:3487x1354):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72103224/
24 KB
25 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/tNH4LKgATQzWp8aHMBKfCAkmplw=/0x0:5207x3473/960x540/filters:focal(2655x522:3487x1354):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72103224/GettyImages_1471903773.0.jpg
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
f66582475fc8fb5efedf2071da10c61e66624f390596dab1eb319e4188e3d8c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
1, 1
date
Thu, 23 Mar 2023 05:50:16 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
36313
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25082
x-served-by
cache-iad-kiad7000130-IAD, cache-fra-eddf8230038-FRA
server
Thumbor/6.7.0
x-timer
S1679550616.439287,VS0,VE1
etag
"4da53e020adb6c9461075c11f58b60ba2adf6cd8"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Tue, 22 Mar 2033 07:45:03 GMT
drug_shortage.0.jpg
cdn.vox-cdn.com/thumbor/WQKpI93q6A_soR2S7CTRpAC27VA=/0x0:3000x2000/500x281/filters:focal(1293x869:1773x1349):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/71711456/
12 KB
12 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/WQKpI93q6A_soR2S7CTRpAC27VA=/0x0:3000x2000/500x281/filters:focal(1293x869:1773x1349):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/71711456/drug_shortage.0.jpg
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
0b3312f9fcc8002689bb6625a2a7fd4ece9b0c870ce26295f01d704aada432c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
4, 1
date
Thu, 23 Mar 2023 05:50:16 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
36241
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
11808
x-served-by
cache-iad-kjyo7100145-IAD, cache-fra-eddf8230038-FRA
server
Thumbor/6.7.0
x-timer
S1679550616.439538,VS0,VE1
etag
"6eb1a9d881c8a487d86dc228b82448c1fde76615"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Tue, 22 Mar 2033 07:46:15 GMT
1244596543.0.jpg
cdn.vox-cdn.com/thumbor/DJ_apTejjPHnnvo11AzOWUkBXFg=/0x0:3125x2084/500x281/filters:focal(1192x860:1692x1360):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72099305/
7 KB
7 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/DJ_apTejjPHnnvo11AzOWUkBXFg=/0x0:3125x2084/500x281/filters:focal(1192x860:1692x1360):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72099305/1244596543.0.jpg
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
31c3630a3be53c83e816a48d2a8f2ed6902818335200efdbe211704bebb5c831
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
6, 1
date
Thu, 23 Mar 2023 05:50:16 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
118173
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7058
x-served-by
cache-iad-kcgs7200107-IAD, cache-fra-eddf8230038-FRA
server
Thumbor/6.7.0
x-timer
S1679550616.439537,VS0,VE1
etag
"2a9d73a870fd43dcb254b206c862868753bc1d1a"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Mon, 21 Mar 2033 09:00:43 GMT
1248546533.0.jpg
cdn.vox-cdn.com/thumbor/9VL-sIFwJHpikZXFFNA9_Lr_0js=/0x0:5472x3648/500x281/filters:focal(2511x880:3385x1754):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72101389/
19 KB
19 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/9VL-sIFwJHpikZXFFNA9_Lr_0js=/0x0:5472x3648/500x281/filters:focal(2511x880:3385x1754):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72101389/1248546533.0.jpg
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
91f6dc55f72a391470957d76d7b57c16a2706cbfa84de9f212cf1e06e608e1f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
14, 1
date
Thu, 23 Mar 2023 05:50:16 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
67459
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
19212
x-served-by
cache-iad-kjyo7100137-IAD, cache-fra-eddf8230038-FRA
server
Thumbor/6.7.0
x-timer
S1679550616.439759,VS0,VE1
etag
"23dac0cec759b38535d215f634ec294c14858f6f"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Mon, 21 Mar 2033 23:05:57 GMT
1475093929.0.jpg
cdn.vox-cdn.com/thumbor/DaHM1B7lXVTu2PEWTN6L0z9Bfv0=/0x0:4925x3247/500x281/filters:focal(734x320:1522x1108):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72099399/
26 KB
26 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/DaHM1B7lXVTu2PEWTN6L0z9Bfv0=/0x0:4925x3247/500x281/filters:focal(734x320:1522x1108):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72099399/1475093929.0.jpg
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
b000ec3ea5528c96ffe16f35e7428ea2630824ad84d68ef1206429fc727ff3e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
1371, 1
date
Thu, 23 Mar 2023 05:50:16 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
124721
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26580
x-served-by
cache-iad-kiad7000110-IAD, cache-fra-eddf8230038-FRA
server
Thumbor/6.7.0
x-timer
S1679550616.439759,VS0,VE1
etag
"eb0cdaf3ad04938ff930d20829cfa69f80a32cf6"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Mon, 21 Mar 2033 07:11:35 GMT
GettyImages_968561996.24.jpg
cdn.vox-cdn.com/thumbor/pmlagq1tjW_TdndqdnfnOm39d1M=/0x0:7191x4799/500x281/filters:focal(2076x1968:3226x3118):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/54937663/
28 KB
28 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/pmlagq1tjW_TdndqdnfnOm39d1M=/0x0:7191x4799/500x281/filters:focal(2076x1968:3226x3118):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/54937663/GettyImages_968561996.24.jpg
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
980f9c7d82e02ffc3f14439f149a1fa197ba865911036aea3f930a7dcafa3be4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
145, 1
date
Thu, 23 Mar 2023 05:50:16 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
33525
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
28936
x-served-by
cache-iad-kcgs7200084-IAD, cache-fra-eddf8230038-FRA
server
Thumbor/6.7.0
x-timer
S1679550616.442399,VS0,VE1
etag
"3fdc835fb73a80af63ba3b3252f88363636554c8"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Tue, 22 Mar 2033 08:31:31 GMT
907114442.0.jpg
cdn.vox-cdn.com/thumbor/D4-_4Jc19a9LjydS7LxhAvGmp8M=/0x0:5184x3456/500x281/filters:focal(2178x1314:3006x2142):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72101524/
35 KB
35 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/D4-_4Jc19a9LjydS7LxhAvGmp8M=/0x0:5184x3456/500x281/filters:focal(2178x1314:3006x2142):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72101524/907114442.0.jpg
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
32fe9f6bc00c73a3895d7a9c8db60f3b27028d4b4f66b2490b86b510dbf23251
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
13, 1
date
Thu, 23 Mar 2023 05:50:16 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
61350
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
35510
x-served-by
cache-iad-kcgs7200173-IAD, cache-fra-eddf8230038-FRA
server
Thumbor/6.7.0
x-timer
S1679550616.442387,VS0,VE1
etag
"1d2a2b947328f5849dc0cb9b0130d19cbc161906"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Tue, 22 Mar 2033 00:47:45 GMT
GettyImages_1248967062.0.jpg
cdn.vox-cdn.com/thumbor/iYSR2zub53MEG79PY1EndvfEvTg=/0x0:3882x2588/500x281/filters:focal(1252x1433:1872x2053):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72101986/
7 KB
8 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/iYSR2zub53MEG79PY1EndvfEvTg=/0x0:3882x2588/500x281/filters:focal(1252x1433:1872x2053):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72101986/GettyImages_1248967062.0.jpg
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
bb3d9e567c08b8593407b5dec3e0cff5ba83abd68a226376c088dcd758cd4d59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
52, 1
date
Thu, 23 Mar 2023 05:50:16 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
53090
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7662
x-served-by
cache-iad-kcgs7200175-IAD, cache-fra-eddf8230038-FRA
server
Thumbor/6.7.0
x-timer
S1679550616.442387,VS0,VE1
etag
"5c1c9090074444cf685ba6bf4e3bc93d415611a7"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Tue, 22 Mar 2033 03:05:26 GMT
vox-todayexplained-cover2.0.png
cdn.vox-cdn.com/thumbor/2HgN0Nrnx3jDwXPgm3ZqjUCfOfw=/0x0:3000x3000/500x500/filters:focal(0x0:3000x3000):format(webp):no_upscale()/cdn.vox-cdn.com/uploads/chorus_asset/file/10242919/
8 KB
8 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/2HgN0Nrnx3jDwXPgm3ZqjUCfOfw=/0x0:3000x3000/500x500/filters:focal(0x0:3000x3000):format(webp):no_upscale()/cdn.vox-cdn.com/uploads/chorus_asset/file/10242919/vox-todayexplained-cover2.0.png
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
e1def8dcae0b755d4d026b9285d6943f619cf65f380ff9f37bb5e8af6caa10df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
49667, 1
date
Thu, 23 Mar 2023 05:50:16 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
3173902
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8054
x-served-by
cache-iad-kjyo7100113-IAD, cache-fra-eddf8230038-FRA
server
Thumbor/6.7.0
x-timer
S1679550616.443885,VS0,VE1
etag
"54fd3fafa1576826a24aca8a3b576ec917d811bc"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Mon, 14 Feb 2033 00:11:53 GMT
api.js
www.recaptcha.net/recaptcha/
887 B
907 B
Script
General
Full URL
https://www.recaptcha.net/recaptcha/api.js?render=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
212817d3eecaca749c0df51f827bc379db90bbaf3a4d211f1d4e3e5492cb283d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
587
x-xss-protection
1; mode=block
expires
Thu, 23 Mar 2023 05:50:16 GMT
The_Weeds.0.png
cdn.vox-cdn.com/thumbor/CwWeN8_YPtkPeEVaAyKIal0_JvY=/0x0:3000x3000/500x500/filters:focal(0x0:3000x3000):format(webp):no_upscale()/cdn.vox-cdn.com/uploads/chorus_asset/file/21864496/
12 KB
12 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/CwWeN8_YPtkPeEVaAyKIal0_JvY=/0x0:3000x3000/500x500/filters:focal(0x0:3000x3000):format(webp):no_upscale()/cdn.vox-cdn.com/uploads/chorus_asset/file/21864496/The_Weeds.0.png
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
408715fa9633502e3da3e703bf52b5b301cd3c048aa42148ee4ef591252a701a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
13843, 1
date
Thu, 23 Mar 2023 05:50:16 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
1955221
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
11930
x-served-by
cache-iad-kjyo7100110-IAD, cache-fra-eddf8230038-FRA
server
Thumbor/6.7.0
x-timer
S1679550616.443881,VS0,VE1
etag
"95c3efb71b036ef6d613b3e217bfc724885d0eb6"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Mon, 28 Feb 2033 02:43:15 GMT
highlight_logo_small.png
cdn.vox-cdn.com/uploads/chorus_asset/file/21937644/
170 KB
170 KB
Image
General
Full URL
https://cdn.vox-cdn.com/uploads/chorus_asset/file/21937644/highlight_logo_small.png
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b7c3bbb6efea2103f881cfe5cc0be3d6eb00a6069f62ba62d0886bb2fcfa0b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
VR59HE3ARKDDJTYR
age
2068
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
173955
x-amz-id-2
OsayYhuACW90HpEvFhNgfIIIuJw5XUzizzGKslgJ4gtMcNvyidUb3BkCezDqYoPxxBCBfhDj61Q=
x-served-by
cache-fra-eddf8230038-FRA
last-modified
Mon, 05 Oct 2020 16:12:19 GMT
server
AmazonS3
x-timer
S1679550616.443861,VS0,VE1
etag
"839a436fd432a4136de4264b3e3b6593"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1
hub_pages-61a553d769ebdf3cca92.js
cdn.vox-cdn.com/packs/js/
202 KB
70 KB
Script
General
Full URL
https://cdn.vox-cdn.com/packs/js/hub_pages-61a553d769ebdf3cca92.js
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f98930fcbff43264f4f271df5de9a78f972c96391fe4fe1bb7bb3eae28bc995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://pubg-gfx-pro.com/
Origin
http://pubg-gfx-pro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
BN8G0VDX6M0WMGAJ
age
73706
x-amz-server-side-encryption
AES256
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
71845
x-amz-id-2
N83HtK6ccKY0IJctcUg0olkmlSkN3sU7VmLgbum4ng8OoMSSjJjm92GqmeesIZD2S/feNCMnkGg=
x-served-by
cache-fra-eddf8230086-FRA
last-modified
Tue, 21 Mar 2023 20:23:35 GMT
server
AmazonS3
x-timer
S1679550616.454241,VS0,VE0
etag
"cf697d979bde56422ce35a70056e7f6a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
accept-ranges
bytes
x-cache-hits
20
chorus-445adab02eca8b1d5e29.js
cdn.vox-cdn.com/packs/js/
326 KB
105 KB
Script
General
Full URL
https://cdn.vox-cdn.com/packs/js/chorus-445adab02eca8b1d5e29.js
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7f8e3141104cccf66879951733a90cee362e11c4c92998bd0a508875fe3a393
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://pubg-gfx-pro.com/
Origin
http://pubg-gfx-pro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
216ZY5T36Y6ZA29Y
age
554068
x-amz-server-side-encryption
AES256
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
106956
x-amz-id-2
cyy1khl81eT5JUH6uW2EZO+OhzqR9jIoBoR8jJX5ifqvoQWQ4M/GTZQcJlM8jNliRLVWHPNLaxk=
x-served-by
cache-fra-eddf8230086-FRA
last-modified
Thu, 16 Mar 2023 13:42:27 GMT
server
AmazonS3
x-timer
S1679550616.454227,VS0,VE0
etag
"10b94f9cc7c2e9ba646bec1677f41f85"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
accept-ranges
bytes
x-cache-hits
3452
v2
z-na.associates-amazon.com/onetag/
11 KB
4 KB
Script
General
Full URL
https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=c86ecff2-0781-48c9-a698-200b0643c35a
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.23.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-23-218.fra56.r.cloudfront.net
Software
Server /
Resource Hash
a5457128174d931326d6e2819cf1b529e685c64d2154005833b46ec4d8aed8d9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 02:18:35 GMT
content-encoding
gzip
accept-charset
UTF-8
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P7
x-amz-rid
BJ07AYEP2J3ZHH4KHX7P
age
12700
vary
accept-encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-id
cAfB8vl0ZPYuNZ9rJeof8Ay1ay7dDxeUEmp4VmEUeBihWOT5VfGgrA==
pickup.js
phonograph2.voxmedia.com/
7 KB
3 KB
Script
General
Full URL
https://phonograph2.voxmedia.com/pickup.js?v=1529075019264
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ecdc70e0ee72d2265e3906cc82e9a47043e9cf65500de103094d925bb7a3d403

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
59
date
Thu, 23 Mar 2023 05:50:16 GMT
content-encoding
gzip
via
1.1 varnish
expires
Tue, 31 Jan 2023 12:28:58 GMT
last-modified
Thu, 31 Mar 2022 14:00:57 GMT
age
19020
x-timer
S1679550617.500815,VS0,VE0
x-cache
HIT
content-type
text/javascript
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
2668
x-served-by
cache-fra-eddf8230092-FRA
p.js
cdn.parsely.com/keys/vox.com/
59 KB
22 KB
Script
General
Full URL
http://cdn.parsely.com/keys/vox.com/p.js
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
HTTP/1.1
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e838b1e343fa940c47524cdf730f02cd474eb64d0dde385fbaa4993bc5c244da

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 01:41:17 GMT
Content-Encoding
gzip
Via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P2
Age
15572
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Pragma
public
Last-Modified
Wed, 08 Feb 2023 15:00:37 GMT
Server
nginx
ETag
W/"63e3b915-eae4"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
X-Amz-Cf-Id
EAnnOnHmY9geQrB1slorpvpmbBs6GmRoRQhRhyHnaHjF5_G8ICcBuw==
Expires
Fri, 24 Mar 2023 01:30:44 GMT
VMP2271799078
player.megaphone.fm/ Frame 3EAB
71 KB
25 KB
Document
General
Full URL
https://player.megaphone.fm/VMP2271799078?light=true
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b2567fef5eda8faae7447709bec326bff13acccced03c64f72ae125ca5dde57d

Request headers

Referer
http://pubg-gfx-pro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=951
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
25057
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Mar 2023 05:50:16 GMT
X-HW
1679550616.dop230.am5.t,1679550616.cds320.am5.shn,1679550616.dop230.am5.t,1679550616.cds129.am5.c
truncated
/
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/gif
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/
407 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7758a4fd4f12e3dcce82f7ee68f926f28fad12d9073b88eced439b6a6fe12343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pubg-gfx-pro.com/
Origin
http://pubg-gfx-pro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 13:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166267
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 02:02:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Mar 2024 13:09:15 GMT
VMP2413538767
player.megaphone.fm/ Frame AE96
71 KB
25 KB
Document
General
Full URL
https://player.megaphone.fm/VMP2413538767?light=true
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
306bb436edc75cb10da0367b97ab83e5326ac98efe7b9bb9fad6f0649c5b2158

Request headers

Referer
http://pubg-gfx-pro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=165
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
25164
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Mar 2023 05:50:16 GMT
X-HW
1679550616.dop117.am5.t,1679550616.cds111.am5.shn,1679550616.dop117.am5.t,1679550616.cds118.am5.c
user_context
pubg-gfx-pro.com/services/
869 B
1015 B
XHR
General
Full URL
http://pubg-gfx-pro.com/services/user_context
Requested by
Host: cdn.vox-cdn.com
URL: https://cdn.vox-cdn.com/packs/js/chorus-445adab02eca8b1d5e29.js
Protocol
HTTP/1.1
Server
167.71.177.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.7 /
Resource Hash
aa3bf4e6eb287a428bfc471f23103c165a6797ec537efa8fb638636581888726

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://pubg-gfx-pro.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:16 GMT
Server
nginx/1.15.7
Content-Length
869
Content-Type
application/json; charset=utf-8
truncated
/
46 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aae6549753eb3dc6cf108c8b665bfb0a45419ee7358064f86a07cac3a0361f4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/webp
test_ads_prebid_blocker.js
apps.voxmedia.com/ad-block-detect/
44 B
288 B
Script
General
Full URL
https://apps.voxmedia.com/ad-block-detect/test_ads_prebid_blocker.js
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2abcf4ca4f543d63ed37e00a7c7daabed4a60822c15bea1d388d6b4fbfc4a5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
UgszM5eLZPnljhKeeujYdbHJQ2lFaW20
date
Thu, 23 Mar 2023 05:50:16 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
age
589
x-cache
HIT
content-length
44
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Thu, 19 Jan 2023 20:35:41 GMT
server
AmazonS3
x-timer
S1679550617.602628,VS0,VE0
etag
"63fac8aa984b122d6d899cf2eeae0649"
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
7
player-4b8d46b894f0a00b645a4a45bcbaa9c444a21cb4b65fd735633e6ee574376d4d.css
assets.megaphone.fm/assets/ Frame 3EAB
13 KB
3 KB
Stylesheet
General
Full URL
https://assets.megaphone.fm/assets/player-4b8d46b894f0a00b645a4a45bcbaa9c444a21cb4b65fd735633e6ee574376d4d.css
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
79e6ededbd0e64da260f9a4dd18ae9f88416ec03a26315d430a18710b9724576

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2023 00:17:43 GMT
ETag
"1678321063"
X-HW
1679550616.dop124.am5.t,1679550616.cds212.am5.shn,1679550616.dop124.am5.t,1679550616.cds292.am5.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1425367
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3055
player-ce4af4d21587f0fa526a.js
assets.megaphone.fm/packs/js/ Frame 3EAB
432 KB
129 KB
Script
General
Full URL
https://assets.megaphone.fm/packs/js/player-ce4af4d21587f0fa526a.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
c8834d526c8c132dc9daee4969a95b2adf207b1bba06aaed6dbbcebffc5cef32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Mar 2023 14:18:10 GMT
ETag
"1679494690"
X-HW
1679550616.dop153.am5.t,1679550616.cds235.am5.shn,1679550616.dop153.am5.t,1679550616.cds283.am5.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2536731
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
131366
google_analytics-8a79642f495430a6958d.js
assets.megaphone.fm/packs/js/libraries/ Frame 3EAB
1 KB
1 KB
Script
General
Full URL
https://assets.megaphone.fm/packs/js/libraries/google_analytics-8a79642f495430a6958d.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f1eea51e56fb4cce40c3c74acda58243154dd48e12a41c39a35c152585867ced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Mar 2023 14:18:10 GMT
ETag
"1679494690"
X-HW
1679550616.dop004.am5.t,1679550616.cds240.am5.shn,1679550616.dop004.am5.t,1679550616.cds122.am5.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2536425
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
728
uploads_2F1588357113366-jjsdfzx6x4m-c0339c10f9b113a5fcc93436e66e5ef4_2FTodayExplained%2BV2_Tile_3000x3000%2B_281_29.png
megaphone.imgix.net/podcasts/23d52a2a-1c5f-11ea-9a0e-b70170f2a827/image/ Frame 3EAB
6 KB
6 KB
Image
General
Full URL
https://megaphone.imgix.net/podcasts/23d52a2a-1c5f-11ea-9a0e-b70170f2a827/image/uploads_2F1588357113366-jjsdfzx6x4m-c0339c10f9b113a5fcc93436e66e5ef4_2FTodayExplained%2BV2_Tile_3000x3000%2B_281_29.png?ixlib=rails-4.3.1&w=200&h=200
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
a6247a3f8002682990a158ac03f245a54cab8da6531e732f5771caa2e14dbd4c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
x-content-type-options
nosniff
age
445590
x-cache
HIT, HIT
x-imgix-id
c945e59c4a7d13845fa78fcf5f2e60d49eb9431a
cross-origin-resource-policy
cross-origin
content-length
5845
x-served-by
cache-sjc10049-SJC, cache-fra-eddf8230039-FRA
x-imgix-render-farm
01.9544
last-modified
Sat, 18 Mar 2023 02:03:46 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
megaphone-play.png
megaphone.imgix.net/player/ Frame 3EAB
2 KB
2 KB
Image
General
Full URL
https://megaphone.imgix.net/player/megaphone-play.png?ixlib=rails-4.3.1&w=50&h=50&dpr=2
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
bae4a118f19b0bd69b1460f99c3ef14621ca654e18ed46fcd828d074acb2ba1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
x-content-type-options
nosniff
age
1963638
x-cache
HIT, HIT
x-imgix-id
33bbef6e86441274eaba2118c7cd59309c1907ab
cross-origin-resource-policy
cross-origin
content-length
2388
x-served-by
cache-sjc10042-SJC, cache-fra-eddf8230039-FRA
x-imgix-render-farm
01.9032
last-modified
Tue, 28 Feb 2023 12:22:58 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
megaphone-pause.png
megaphone.imgix.net/player/ Frame 3EAB
1 KB
1 KB
Image
General
Full URL
https://megaphone.imgix.net/player/megaphone-pause.png?ixlib=rails-4.3.1&w=50&h=50&dpr=2
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
5fc9c36bbb4344e830e64f5739a7714d8ff086749bcab3a3febf92f97d5deeff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
x-content-type-options
nosniff
age
1967601
x-cache
HIT, HIT
x-imgix-id
ab151dc5957b5551c643bdd8049312aafd941f8d
cross-origin-resource-policy
cross-origin
content-length
1236
x-served-by
cache-sjc10038-SJC, cache-fra-eddf8230039-FRA
x-imgix-render-farm
01.9544
last-modified
Tue, 28 Feb 2023 11:16:56 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
megaphone-logo-dark-updated.png
megaphone.imgix.net/player/ Frame 3EAB
5 KB
5 KB
Image
General
Full URL
https://megaphone.imgix.net/player/megaphone-logo-dark-updated.png?ixlib=rails-4.3.1&w=100&h=10&dpr=2
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
14d43ea0135e8e658e04de1fae996c2ac09eadba530aec26061f1dc0a7d1cad5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
x-content-type-options
nosniff
age
4984936
x-cache
HIT, HIT
x-imgix-id
bac2ea8a82e085eb277b3cc9367d1a43e839f08c
cross-origin-resource-policy
cross-origin
content-length
4668
x-served-by
cache-sjc10024-SJC, cache-fra-eddf8230039-FRA
x-imgix-render-farm
01.1096
last-modified
Tue, 24 Jan 2023 13:07:59 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
/
loadus.exelator.com/load/ Frame 3EAB
Redirect Chain
  • https://loadus.exelator.com/load/?p=928&g=22&j=0
  • https://loadus.exelator.com/load/?p=928&g=22&j=0&xl8blockcheck=1
0
767 B
Image
General
Full URL
https://loadus.exelator.com/load/?p=928&g=22&j=0&xl8blockcheck=1
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Thu, 23 Mar 2023 05:50:16 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadus.exelator.com/load/?p=928&g=22&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
player-4b8d46b894f0a00b645a4a45bcbaa9c444a21cb4b65fd735633e6ee574376d4d.css
assets.megaphone.fm/assets/ Frame AE96
13 KB
3 KB
Stylesheet
General
Full URL
https://assets.megaphone.fm/assets/player-4b8d46b894f0a00b645a4a45bcbaa9c444a21cb4b65fd735633e6ee574376d4d.css
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
79e6ededbd0e64da260f9a4dd18ae9f88416ec03a26315d430a18710b9724576

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2023 00:17:43 GMT
ETag
"1678321063"
X-HW
1679550616.dop230.am5.t,1679550616.cds301.am5.shn,1679550616.dop230.am5.t,1679550616.cds292.am5.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1425367
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3055
player-ce4af4d21587f0fa526a.js
assets.megaphone.fm/packs/js/ Frame AE96
432 KB
129 KB
Script
General
Full URL
https://assets.megaphone.fm/packs/js/player-ce4af4d21587f0fa526a.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
c8834d526c8c132dc9daee4969a95b2adf207b1bba06aaed6dbbcebffc5cef32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Mar 2023 14:18:10 GMT
ETag
"1679494690"
X-HW
1679550616.dop129.am5.t,1679550616.cds155.am5.shn,1679550616.dop129.am5.t,1679550616.cds283.am5.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2536731
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
131366
google_analytics-8a79642f495430a6958d.js
assets.megaphone.fm/packs/js/libraries/ Frame AE96
1 KB
1 KB
Script
General
Full URL
https://assets.megaphone.fm/packs/js/libraries/google_analytics-8a79642f495430a6958d.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f1eea51e56fb4cce40c3c74acda58243154dd48e12a41c39a35c152585867ced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Mar 2023 14:18:10 GMT
ETag
"1679494690"
X-HW
1679550616.dop227.am5.t,1679550616.cds012.am5.shn,1679550616.dop227.am5.t,1679550616.cds122.am5.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2536425
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
728
uploads_2F1585578364123-rcztsm1b6y-c1e630a7dd426cff08760d32dd9846b2_2FTile_3000x3000.png
megaphone.imgix.net/podcasts/c3f826bc-e112-11e8-90b5-2f1c4d81c4e2/image/ Frame AE96
18 KB
18 KB
Image
General
Full URL
https://megaphone.imgix.net/podcasts/c3f826bc-e112-11e8-90b5-2f1c4d81c4e2/image/uploads_2F1585578364123-rcztsm1b6y-c1e630a7dd426cff08760d32dd9846b2_2FTile_3000x3000.png?ixlib=rails-4.3.1&w=200&h=200
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
fd761139e3b62d2bc42ae872534f28be18cc2ff9f3e0028683af40274ed38941
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
x-content-type-options
nosniff
age
4916798
x-cache
HIT, HIT
x-imgix-id
d1ec5fdb2b96b7d72c21e798f374f37eb62d857a
cross-origin-resource-policy
cross-origin
content-length
18254
x-served-by
cache-sjc10036-SJC, cache-fra-eddf8230039-FRA
x-imgix-render-farm
01.1096
last-modified
Wed, 25 Jan 2023 08:03:38 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
megaphone-play.png
megaphone.imgix.net/player/ Frame AE96
2 KB
3 KB
Image
General
Full URL
https://megaphone.imgix.net/player/megaphone-play.png?ixlib=rails-4.3.1&w=50&h=50&dpr=2
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
bae4a118f19b0bd69b1460f99c3ef14621ca654e18ed46fcd828d074acb2ba1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
x-content-type-options
nosniff
age
1963638
x-cache
HIT, HIT
x-imgix-id
33bbef6e86441274eaba2118c7cd59309c1907ab
cross-origin-resource-policy
cross-origin
content-length
2388
x-served-by
cache-sjc10042-SJC, cache-fra-eddf8230039-FRA
x-imgix-render-farm
01.9032
last-modified
Tue, 28 Feb 2023 12:22:58 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
megaphone-pause.png
megaphone.imgix.net/player/ Frame AE96
1 KB
1 KB
Image
General
Full URL
https://megaphone.imgix.net/player/megaphone-pause.png?ixlib=rails-4.3.1&w=50&h=50&dpr=2
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
5fc9c36bbb4344e830e64f5739a7714d8ff086749bcab3a3febf92f97d5deeff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
x-content-type-options
nosniff
age
1967601
x-cache
HIT, HIT
x-imgix-id
ab151dc5957b5551c643bdd8049312aafd941f8d
cross-origin-resource-policy
cross-origin
content-length
1236
x-served-by
cache-sjc10038-SJC, cache-fra-eddf8230039-FRA
x-imgix-render-farm
01.9544
last-modified
Tue, 28 Feb 2023 11:16:56 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
megaphone-logo-dark-updated.png
megaphone.imgix.net/player/ Frame AE96
5 KB
5 KB
Image
General
Full URL
https://megaphone.imgix.net/player/megaphone-logo-dark-updated.png?ixlib=rails-4.3.1&w=100&h=10&dpr=2
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
14d43ea0135e8e658e04de1fae996c2ac09eadba530aec26061f1dc0a7d1cad5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
x-content-type-options
nosniff
age
4984936
x-cache
HIT, HIT
x-imgix-id
bac2ea8a82e085eb277b3cc9367d1a43e839f08c
cross-origin-resource-policy
cross-origin
content-length
4668
x-served-by
cache-sjc10024-SJC, cache-fra-eddf8230039-FRA
x-imgix-render-farm
01.1096
last-modified
Tue, 24 Jan 2023 13:07:59 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
/
loadus.exelator.com/load/ Frame AE96
Redirect Chain
  • https://loadus.exelator.com/load/?p=928&g=22&j=0
  • https://loadus.exelator.com/load/?p=928&g=22&j=0&xl8blockcheck=1
0
767 B
Image
General
Full URL
https://loadus.exelator.com/load/?p=928&g=22&j=0&xl8blockcheck=1
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Thu, 23 Mar 2023 05:50:16 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadus.exelator.com/load/?p=928&g=22&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
v2
mb.moatads.com/yi/
235 B
410 B
Script
General
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-GnOvBihjElCFgA%3D%3D&sc=0&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=http%3A%2F%2Fpubg-gfx-pro.com%2F&pcode=voxprebidheader841653991752&rx=942191547084&callback=MoatNadoAllJsonpRequest_47455817
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/voxprebidheader841653991752/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.171.18.216 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-18-216.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
275a486ba8a4aa51e84c4c0a5190b8c4f0b1c23ecf48490b2a577ca20b38713f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"636cde5d9a94d29613253f064a4da56f4df87e34"
content-length
235
content-type
text/html; charset=UTF-8
n.js
geo.moatads.com/
98 B
270 B
Script
General
Full URL
https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-GnOvBihjElCFgA%3D%3D&sc=0&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=VOX_PREBID_HEADER1&hp=1&wf=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1679550616589&de=803036122266&rx=942191547084&m=0&ar=03b6d3f0bdc-clean&iw=26d2eab&q=1&cb=0&cu=1679550616589&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&cm=1&zGSRS=1&zGSRC=1&gu=http%3A%2F%2Fpubg-gfx-pro.com%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=voxprebidheader841653991752&fd=1&it=500&ti=0&ih=2&pe=1%3A1602%3A1602%3A0%3A1618&jk=-1&jm=-1&fs=202622&na=2051445051&cs=0&ord=1679550616589&jv=1305496473&callback=DOMlessLLDcallback_47455817
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/voxprebidheader841653991752/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.178.217.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-178-217-194.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
bbff7c43ce787493c46164564dc8af0effa0440b6fa04c8450e670af6242383f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"500012c5ae45e3d9e08e700f8809c1e252d0a640"
content-length
98
content-type
text/html; charset=UTF-8
n.js
geo.moatads.com/
100 B
273 B
Script
General
Full URL
https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-GnOvBihjElCFgA%3D%3D&sc=0&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=VOX_PREBID_HEADER1&hp=1&wf=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1679550616589&de=803036122266&rx=942191547084&m=0&ar=03b6d3f0bdc-clean&iw=26d2eab&q=2&cb=0&cu=1679550616589&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&cm=1&zGSRS=1&zGSRC=1&gu=http%3A%2F%2Fpubg-gfx-pro.com%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=voxprebidheader841653991752&fd=1&it=500&ti=0&ih=2&pe=1%3A1602%3A1602%3A0%3A1618&jk=-1&jm=-1&fs=202622&na=1901303708&cs=0&callback=MoatDataJsonpRequest_47455817
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/voxprebidheader841653991752/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.178.217.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-178-217-194.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
6145ebbe10c2c3a71851dc229cf4897f1f76301218b7c260d5f1ae96a8f124bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"015216f0575902cdcf89a9c9f7132e8609d53a86"
content-length
100
content-type
text/html; charset=UTF-8
iframe.html
z.moatads.com/hd09824092/ Frame 0920
1 KB
2 KB
Document
General
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/voxprebidheader841653991752/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
http://pubg-gfx-pro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=588
content-length
1374
content-type
text/html
date
Thu, 23 Mar 2023 05:50:16 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
x-amz-id-2
bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id
A3423FE5772816F0
andoncord
assoc-na.associates-amazon.com/onetag/
16 B
411 B
XHR
General
Full URL
https://assoc-na.associates-amazon.com/onetag/andoncord
Requested by
Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=c86ecff2-0781-48c9-a698-200b0643c35a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
Server /
Resource Hash
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EXYSYD8H8P2C9M6M83SC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
http://pubg-gfx-pro.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
16
/
p1.parsely.com/plogger/
43 B
259 B
Image
General
Full URL
http://p1.parsely.com/plogger/?rand=1679550616728&plid=083afa8e-ee35-4475-ace5-d9ae3841db27&idsite=vox.com&url=http%3A%2F%2Fpubg-gfx-pro.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely%3Ametadata-detection%22%3A%7B%22version%22%3A0%7D%7D&sid=1&surl=http%3A%2F%2Fpubg-gfx-pro.com%2F&sref=&sts=1679550616724&slts=0&title=Vox+-+Understand+the+News&date=Thu+Mar+23+2023+05%3A50%3A16+GMT%2B0000+(GMT)&action=pageview&pvid=1f95bb27-10e6-4bb8-be7a-dfa88bdeb605&u=pid%3Dc5d73cdd-92e1-4967-8345-c72161c6cf3d
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
HTTP/1.1
Server
63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:16 GMT
Cache-Control
no-cache
Last-Modified
Thursday, 23-Mar-2023 05:50:16 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
third.html
phonograph2.voxmedia.com/ Frame 50EB
295 B
629 B
Document
General
Full URL
http://phonograph2.voxmedia.com/third.html
Requested by
Host: phonograph2.voxmedia.com
URL: https://phonograph2.voxmedia.com/pickup.js?v=1529075019264
Protocol
HTTP/1.1
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3e56493b45ccf5db1ca7c5719e1d15fdae2b9077d6c58cc0eb50ca7b2836d057

Request headers

Referer
http://pubg-gfx-pro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
5519
Cache-Control
public, max-age=43200
Connection
keep-alive
Content-Encoding
gzip
Content-Length
195
Content-Type
text/html
Date
Thu, 23 Mar 2023 05:50:16 GMT
Expires
Tue, 14 Feb 2023 16:11:51 GMT
Last-Modified
Thu, 31 Mar 2022 14:00:57 GMT
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
12
X-Served-By
cache-fra-eddf8230046-FRA
X-Timer
S1679550617.745423,VS0,VE0
pubads_impl_2023032001.js
securepubads.g.doubleclick.net/gpt/
396 KB
134 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf2086397a5d0d6d9c67e72d0dce0c0e734c9867e3cf6c1dd529b1fd22713393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 10:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241321
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136699
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 08:34:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Mar 2024 10:48:15 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
38 B
584 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pubg-gfx-pro.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
353f6d99dfa7ddb8b8c804406136d5d1380f14579a0109c973636bc4b05c13de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Thu, 23 Mar 2023 05:50:16 GMT
anchor
www.recaptcha.net/recaptcha/api2/ Frame 7572
7 KB
1 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=ieiqf91nlz75
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fcf696e3afbf7828617cfb57197aed82bfa72801bf30fad02fb77102a802b5fa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KmQWVtz5yGVSsjtKyHekEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://pubg-gfx-pro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
1052
content-security-policy
script-src 'report-sample' 'nonce-KmQWVtz5yGVSsjtKyHekEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 05:50:16 GMT
expires
Thu, 23 Mar 2023 05:50:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.recaptcha.net/recaptcha/api2/ Frame 1E11
7 KB
1 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=normal&cb=i36v6pdov60l
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
074b0d3794d2d5d6eea71b772946e00782d3f34d7a21db3f3d4b24bb675f8d41
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bt84tt_UhXk1kST5kU_UJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://pubg-gfx-pro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
1037
content-security-policy
script-src 'report-sample' 'nonce-bt84tt_UhXk1kST5kU_UJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 05:50:16 GMT
expires
Thu, 23 Mar 2023 05:50:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.recaptcha.net/recaptcha/api2/ Frame 52C8
7 KB
1 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=normal&cb=7y9uua3y2vu8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36dd7c732e394ed6f8594f7516c695b9331cdf6f8d662bd04de93a2d1f484068
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6wF8SHy6XmAWEC1BbxsZZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://pubg-gfx-pro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
1038
content-security-policy
script-src 'report-sample' 'nonce-6wF8SHy6XmAWEC1BbxsZZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 05:50:16 GMT
expires
Thu, 23 Mar 2023 05:50:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.recaptcha.net/recaptcha/api2/ Frame 0055
7 KB
1 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=avapody5d0rn
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
38546b1bd95e3de666243be94208642340d0994960d94886b6eb03f03180de51
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ToOLmZrPZQCg4PdIqJioWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://pubg-gfx-pro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
1051
content-security-policy
script-src 'report-sample' 'nonce-ToOLmZrPZQCg4PdIqJioWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 05:50:16 GMT
expires
Thu, 23 Mar 2023 05:50:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pickup.js
phonograph2.voxmedia.com/ Frame 50EB
7 KB
3 KB
Script
General
Full URL
http://phonograph2.voxmedia.com/pickup.js
Requested by
Host: phonograph2.voxmedia.com
URL: http://phonograph2.voxmedia.com/third.html
Protocol
HTTP/1.1
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ecdc70e0ee72d2265e3906cc82e9a47043e9cf65500de103094d925bb7a3d403

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://phonograph2.voxmedia.com/third.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

X-Cache-Hits
13044
Date
Thu, 23 Mar 2023 05:50:16 GMT
Content-Encoding
gzip
Via
1.1 varnish
Expires
Fri, 17 Feb 2023 08:32:21 GMT
Last-Modified
Thu, 31 Mar 2022 14:00:57 GMT
Age
33145
X-Timer
S1679550617.822069,VS0,VE0
X-Cache
HIT
Content-Type
text/javascript
Cache-Control
public, max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2668
X-Served-By
cache-fra-eddf8230046-FRA
analytics.js
www.google-analytics.com/ Frame AE96
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Mar 2023 04:05:11 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6305
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 23 Mar 2023 06:05:11 GMT
pnply-font-medium-43a5c49df4efe7cfaa7fc1ec8e287dcab93eecf7b383a4eb2bd617778ca4d8b0.woff
assets.megaphone.fm/assets/ Frame AE96
19 KB
20 KB
Font
General
Full URL
https://assets.megaphone.fm/assets/pnply-font-medium-43a5c49df4efe7cfaa7fc1ec8e287dcab93eecf7b383a4eb2bd617778ca4d8b0.woff
Requested by
Host: assets.megaphone.fm
URL: https://assets.megaphone.fm/assets/player-4b8d46b894f0a00b645a4a45bcbaa9c444a21cb4b65fd735633e6ee574376d4d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
43a5c49df4efe7cfaa7fc1ec8e287dcab93eecf7b383a4eb2bd617778ca4d8b0

Request headers

Referer
https://assets.megaphone.fm/assets/player-4b8d46b894f0a00b645a4a45bcbaa9c444a21cb4b65fd735633e6ee574376d4d.css
Origin
https://player.megaphone.fm
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:16 GMT
Last-Modified
Thu, 02 Mar 2023 19:33:58 GMT
ETag
"1677785638"
X-HW
1679550616.dop262.am5.t,1679550616.cds204.am5.shn,1679550616.dop262.am5.t,1679550616.cds001.am5.c
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1079149
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
19808
pnply-icons-51ea7418dadd988c5fcc4a15616df9bc69cfad4a533aead140eeaea041890e06.woff
assets.megaphone.fm/assets/ Frame AE96
5 KB
6 KB
Font
General
Full URL
https://assets.megaphone.fm/assets/pnply-icons-51ea7418dadd988c5fcc4a15616df9bc69cfad4a533aead140eeaea041890e06.woff
Requested by
Host: assets.megaphone.fm
URL: https://assets.megaphone.fm/assets/player-4b8d46b894f0a00b645a4a45bcbaa9c444a21cb4b65fd735633e6ee574376d4d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
51ea7418dadd988c5fcc4a15616df9bc69cfad4a533aead140eeaea041890e06

Request headers

Referer
https://assets.megaphone.fm/assets/player-4b8d46b894f0a00b645a4a45bcbaa9c444a21cb4b65fd735633e6ee574376d4d.css
Origin
https://player.megaphone.fm
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:16 GMT
Last-Modified
Tue, 21 Feb 2023 18:31:11 GMT
ETag
"1677004271"
X-HW
1679550616.dop113.am5.t,1679550616.cds273.am5.shn,1679550616.dop113.am5.t,1679550616.cds008.am5.c
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=108658
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5448
analytics.js
www.google-analytics.com/ Frame 3EAB
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Mar 2023 04:05:11 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6305
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 23 Mar 2023 06:05:11 GMT
pnply-font-medium-43a5c49df4efe7cfaa7fc1ec8e287dcab93eecf7b383a4eb2bd617778ca4d8b0.woff
assets.megaphone.fm/assets/ Frame 3EAB
19 KB
20 KB
Font
General
Full URL
https://assets.megaphone.fm/assets/pnply-font-medium-43a5c49df4efe7cfaa7fc1ec8e287dcab93eecf7b383a4eb2bd617778ca4d8b0.woff
Requested by
Host: assets.megaphone.fm
URL: https://assets.megaphone.fm/assets/player-4b8d46b894f0a00b645a4a45bcbaa9c444a21cb4b65fd735633e6ee574376d4d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
43a5c49df4efe7cfaa7fc1ec8e287dcab93eecf7b383a4eb2bd617778ca4d8b0

Request headers

Referer
https://assets.megaphone.fm/assets/player-4b8d46b894f0a00b645a4a45bcbaa9c444a21cb4b65fd735633e6ee574376d4d.css
Origin
https://player.megaphone.fm
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:16 GMT
Last-Modified
Tue, 21 Mar 2023 15:35:07 GMT
ETag
"1679412907"
X-HW
1679550616.dop113.am5.t,1679550616.cds273.am5.shn,1679550616.dop113.am5.t,1679550616.cds008.am5.c
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2461246
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
19808
pnply-icons-51ea7418dadd988c5fcc4a15616df9bc69cfad4a533aead140eeaea041890e06.woff
assets.megaphone.fm/assets/ Frame 3EAB
5 KB
6 KB
Font
General
Full URL
https://assets.megaphone.fm/assets/pnply-icons-51ea7418dadd988c5fcc4a15616df9bc69cfad4a533aead140eeaea041890e06.woff
Requested by
Host: assets.megaphone.fm
URL: https://assets.megaphone.fm/assets/player-4b8d46b894f0a00b645a4a45bcbaa9c444a21cb4b65fd735633e6ee574376d4d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
51ea7418dadd988c5fcc4a15616df9bc69cfad4a533aead140eeaea041890e06

Request headers

Referer
https://assets.megaphone.fm/assets/player-4b8d46b894f0a00b645a4a45bcbaa9c444a21cb4b65fd735633e6ee574376d4d.css
Origin
https://player.megaphone.fm
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:16 GMT
Last-Modified
Tue, 21 Feb 2023 18:31:11 GMT
ETag
"1677004271"
X-HW
1679550616.dop262.am5.t,1679550616.cds204.am5.shn,1679550616.dop262.am5.t,1679550616.cds008.am5.c
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=108658
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5448
styles__ltr.css
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 7572
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=ieiqf91nlz75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 01:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 02:02:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Mar 2024 01:41:15 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 7572
407 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=ieiqf91nlz75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7758a4fd4f12e3dcce82f7ee68f926f28fad12d9073b88eced439b6a6fe12343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 13:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166267
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 02:02:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Mar 2024 13:09:15 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 1E11
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=normal&cb=i36v6pdov60l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 01:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14941
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 02:02:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Mar 2024 01:41:15 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 1E11
407 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=normal&cb=i36v6pdov60l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7758a4fd4f12e3dcce82f7ee68f926f28fad12d9073b88eced439b6a6fe12343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 13:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166267
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 02:02:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Mar 2024 13:09:15 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 52C8
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=normal&cb=7y9uua3y2vu8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 01:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 02:02:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Mar 2024 01:41:15 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 52C8
407 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=normal&cb=7y9uua3y2vu8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7758a4fd4f12e3dcce82f7ee68f926f28fad12d9073b88eced439b6a6fe12343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 13:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166267
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 02:02:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Mar 2024 13:09:15 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 0055
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=avapody5d0rn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 01:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14941
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 02:02:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Mar 2024 01:41:15 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 0055
407 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=avapody5d0rn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7758a4fd4f12e3dcce82f7ee68f926f28fad12d9073b88eced439b6a6fe12343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 13:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166267
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 02:02:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Mar 2024 13:09:15 GMT
config.json
concertads-configs.vox-cdn.com/sbn/vox/
75 KB
8 KB
XHR
General
Full URL
https://concertads-configs.vox-cdn.com/sbn/vox/config.json
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08e4b6a78767bffbc0c182f65a4612a7c1a75346cb2e2a537254df3683134b71

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
J56WN4D0KGB3HXV0
age
221790
x-amz-server-side-encryption
AES256
x-cache
HIT
geo-metro
276005
x-amz-meta-surrogate-control
max-age=31536000, stale-while-revalidate=30, stale-if-error=86400
x-amz-meta-surrogate-key
concertadsconfigs
content-length
8001
x-amz-id-2
M4D+iikLolYMeZOs4xtbAiuZSypm0IAQtercHGmKl+QxmwMrJJnMHJwVS5ofhQmHSmTiPJtUZCk=
x-served-by
cache-fra-eddf8230086-FRA
last-modified
Mon, 20 Mar 2023 16:13:46 GMT
server
AmazonS3
x-timer
S1679550617.983775,VS0,VE0
etag
"ee7fe31da7b513ee793e45660820ff96"
vary
Accept-Encoding
geo-connection-speed
broadband
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
geo-region, geo-connection-speed, geo-metro
cache-control
max-age=3600
geo-region
DE-BY
accept-ranges
bytes
x-cache-hits
8
unison_request
auth.voxmedia.com/sso/
0
352 B
Script
General
Full URL
https://auth.voxmedia.com/sso/unison_request?community_id=441&t=1679550616979
Requested by
Host: cdn.vox-cdn.com
URL: https://cdn.vox-cdn.com/packs/js/chorus-445adab02eca8b1d5e29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
0
pragma
no-cache
date
Thu, 23 Mar 2023 05:50:17 GMT
via
1.1 varnish
expires
-1
server
Varnish
x-timer
S1679550617.037530,VS0,VE0
x-cache
HIT
content-type
text/javascript
cache-control
no-cache
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
0
retry-after
0
x-served-by
cache-fra-eddf8230049-FRA
tag
btloader.com/
45 KB
12 KB
Script
General
Full URL
https://btloader.com/tag?o=6315858775244800&upapi=true
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eac31bfb763f15ef0e30937eba5faf7c7de418d06fe82a0704f7fbcaaca47dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Mar 2023 05:33:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
941
etag
W/"fe50fbd7f200ab6a98eb08012d36be45"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rp7yYupe63TbJRELLOkPcHQapn%2FP9aIw2Og%2FgvOiN%2FL%2B8kPZ0cyMryFByU%2FZEQdwZEpkNoblboUFQIWRGpeCww53Rxu7DaWdnz2WN6kInKc9oKJK2GI8b2LWCab3TcOfKig0gCmctHfdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7ac4655c8c699962-FRA
pub.js
pub.doubleverify.com/signals/
77 KB
20 KB
Script
General
Full URL
https://pub.doubleverify.com/signals/pub.js
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f5d1126b926891261a86890946c0d561a1c2e4ae8382e843a68408dd9e03549
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
content-security-policy
frame-ancestors 'self'
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=14400, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
timing-allow-origin
*
cf-ray
7ac4655c9eb19bc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL3B1YmctZ2Z4LXByby5jb20v.json
cdn.concert.io/lookup/
26 B
532 B
XHR
General
Full URL
https://cdn.concert.io/lookup/aHR0cDovL3B1YmctZ2Z4LXByby5jb20v.json
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
61a755ce43dd14b2cc237f369f9ffa77fb245071d6401725f57e34c69a39f16d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 vegur, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
br
x-permitted-cross-domain-policies
none
age
0
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
31
x-xss-protection
0
x-request-id
509d47a8-bc5d-49c4-bd7e-cd0f0b1ea10d
x-served-by
cache-fra-eddf8230082-FRA
x-runtime
0.001824
referrer-policy
strict-origin-when-cross-origin
server
Cowboy
x-timer
S1679550617.015862,VS0,VE273
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=3600, public, s-maxage=86400
content-type
application/json; charset=utf-8
vary
Accept, Origin, Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
retrieve
cdn.concert.io/hem/ Frame
0
0
Preflight
General
Full URL
https://cdn.concert.io/hem/retrieve
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
uvicorn /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://pubg-gfx-pro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
http://pubg-gfx-pro.com
access-control-max-age
600
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Thu, 23 Mar 2023 05:50:17 GMT
server
uvicorn
vary
Origin, Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230082-FRA
x-timer
S1679550617.053127,VS0,VE223
client.json
cdn.concert.io/lookup/
275 B
699 B
XHR
General
Full URL
https://cdn.concert.io/lookup/client.json
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
f3caeb1688453aaa314d1d7f087b3370b317a7b178b9c8f7b9ca2248ffd304ab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 vegur, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
br
x-permitted-cross-domain-policies
none
age
0
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
168
x-xss-protection
0
x-request-id
31a15cf0-7812-4194-ae84-9ef42a67b14b
x-served-by
cache-fra-eddf8230082-FRA
x-runtime
0.003434
referrer-policy
strict-origin-when-cross-origin
server
Cowboy
x-timer
S1679550617.016098,VS0,VE289
etag
W/"f3caeb1688453aaa314d1d7f087b3370"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=3600, public, s-maxage=3600
content-type
application/json; charset=utf-8
vary
Accept, Origin, Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
segment
cdn.concert.io/segments_prod2/v1.0/
23 B
290 B
XHR
General
Full URL
https://cdn.concert.io/segments_prod2/v1.0/segment
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
uvicorn /
Resource Hash
6aebfc4e8ba630255bcafb813c038ecaaf4ce9294607559e9ff6f2a6ec703b7c

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

x-served-by
cache-fra-eddf8230082-FRA
pragma
no-cache
date
Thu, 23 Mar 2023 05:50:17 GMT
via
1.1 varnish
server
uvicorn
x-timer
S1679550617.016195,VS0,VE198
vary
Accept-Encoding
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23
x-cache-hits
0
apstag.js
c.amazon-adsystem.com/aax2/
224 KB
55 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:10:35 GMT
content-encoding
gzip
via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront), 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 19:29:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2383
x-amz-server-side-encryption
AES256
etag
W/"9bc5c23889e7664ec16504ac1d3adeb5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
GyU-9aHmk3OPjbrba3hJBh148kCewJRrnkrroQtye8W557q4TbYZxw==
183789-71940066017360.js
js-sec.indexww.com/ht/p/
40 KB
14 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/183789-71940066017360.js
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f246f7999a5ad417109c5c937587450910a9d5f421736e2ad3da68719fda0133

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Mar 2023 05:30:51 GMT
server
cloudflare
age
1010
etag
W/"7641bb-9fcc-5f78a94770f1b"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
7ac4655cbebc9a06-FRA
expires
Thu, 23 Mar 2023 09:50:17 GMT
7470.js
micro.rubiconproject.com/prebid/dynamic/
507 KB
136 KB
Script
General
Full URL
https://micro.rubiconproject.com/prebid/dynamic/7470.js
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2981eb6a48be32ca47b9ec56abee1dc8b1a218e6b592cd751af9bcf073b80eae

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
gzip
last-modified
Wed, 22 Mar 2023 13:40:55 GMT
server
Apache
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-7470_Vox_Eater_Prebid_DM.js
content-type
text/javascript
cache-control
public, must-revalidate, max-age=14400
content-length
138855
expires
Thu, 23 Mar 2023 13:48:51 GMT
retrieve
cdn.concert.io/hem/
118 B
324 B
XHR
General
Full URL
https://cdn.concert.io/hem/retrieve
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
uvicorn /
Resource Hash
155152129bf392e3b78bdb3038c6feeff05561d8e71cd33e36b9edf999c647ac

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230082-FRA
date
Thu, 23 Mar 2023 05:50:17 GMT
via
1.1 varnish
server
uvicorn
x-timer
S1679550617.282967,VS0,VE112
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
118
x-cache-hits
0
async-api.61caf4d9-1228.min.js
js-agent.newrelic.com/ Frame AE96
2 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/async-api.61caf4d9-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
079c85d823b588108b623f842c5aca6c805c4f1b2c9af00d5aff193224d0d477

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
J0GluopGath26np.0jFNgGyfwhEN0LgG
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
9FMWS4WPWY7EZ9EX
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1122
x-amz-id-2
m5O/ZxhL6IxD/PHJ5gg8gZ5ieOhDplAFXadRB7lvTdr5BZtWt/v0Tt/YANg/8nyaKCetOkMMe8k=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.081460,VS0,VE0
etag
"5a15fa90d5c9cf59729e937de488758b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1098
lazy-loader.37550b27-1228.min.js
js-agent.newrelic.com/ Frame AE96
928 B
624 B
Script
General
Full URL
https://js-agent.newrelic.com/lazy-loader.37550b27-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83c6c18f8719320cbd6cd83248055a13a92e1c7866c23a347c08c92c7d1fe391

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
veSIorK788CursSmiZNo6DAf4uBLqr8D
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
9FMHB0H5PAPXX05N
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
415
x-amz-id-2
DdqH6btxjH5A9UtVrMMpouH7xGE+OAKyaqdEl6ejHZTBQPEGdIjGGmQl8w0OT+0H7GBFPy/OEII=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.081538,VS0,VE0
etag
"b6eaf4dad9b3e3384b0e9366ff9d0080"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1085
async-api.61caf4d9-1228.min.js
js-agent.newrelic.com/ Frame 3EAB
2 KB
1 KB
Script
General
Full URL
https://js-agent.newrelic.com/async-api.61caf4d9-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
079c85d823b588108b623f842c5aca6c805c4f1b2c9af00d5aff193224d0d477

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
J0GluopGath26np.0jFNgGyfwhEN0LgG
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
9FMWS4WPWY7EZ9EX
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1122
x-amz-id-2
m5O/ZxhL6IxD/PHJ5gg8gZ5ieOhDplAFXadRB7lvTdr5BZtWt/v0Tt/YANg/8nyaKCetOkMMe8k=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.115648,VS0,VE0
etag
"5a15fa90d5c9cf59729e937de488758b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1099
lazy-loader.37550b27-1228.min.js
js-agent.newrelic.com/ Frame 3EAB
928 B
487 B
Script
General
Full URL
https://js-agent.newrelic.com/lazy-loader.37550b27-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83c6c18f8719320cbd6cd83248055a13a92e1c7866c23a347c08c92c7d1fe391

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
veSIorK788CursSmiZNo6DAf4uBLqr8D
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
9FMHB0H5PAPXX05N
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
415
x-amz-id-2
DdqH6btxjH5A9UtVrMMpouH7xGE+OAKyaqdEl6ejHZTBQPEGdIjGGmQl8w0OT+0H7GBFPy/OEII=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.115962,VS0,VE0
etag
"b6eaf4dad9b3e3384b0e9366ff9d0080"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1086
px.gif
ad-delivery.net/
43 B
942 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21888
x-guploader-uploadid
ADPycduKMNA_PU7NldbV0i1WEIlPIOsjtEM86-p_9QwpPEa1_APcDlMi-VDBq92XkYRXqZed3THppS9luNffuUVYTTnlpQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jof%2B1LMR0ltk8bXzelNrBPSW55CWU5NZZTanYpEc9u1%2BHYNmTsVVoHbZzlAFunSEyYdq5gTpSeX3NOO0y9BeTU%2F7ebXU%2Bzi2n6Yc9BWV6l6KpNFJGMpvAP2PooWw8%2FsiyPO3oUSt2jrBs%2BZycQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7ac4655d2b90360c-FRA
expires
Thu, 23 Mar 2023 00:14:54 GMT
favicon.ico
ad.doubleclick.net/
1 KB
571 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42306
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 18:05:11 GMT
px.gif
ad-delivery.net/
43 B
337 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.5272182167927715
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21888
x-guploader-uploadid
ADPycduKMNA_PU7NldbV0i1WEIlPIOsjtEM86-p_9QwpPEa1_APcDlMi-VDBq92XkYRXqZed3THppS9luNffuUVYTTnlpQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9ZhuAQqM7LX7%2BwImnK4MbMndG8IxqCxwQ49AHPi0SpRJ7S3Q54c70DHhGQeQSk26k5qgQn3fCIknn4w7S32QF7MnVrdrVetDtficAE1%2Bjv2%2BQ6FtKc5cMM6hBVteOkq1fo3nYK1PioWQsKqZw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7ac4655d2b93360c-FRA
expires
Thu, 23 Mar 2023 00:14:54 GMT
pub.json
pub.doubleverify.com/signals/
55 B
352 B
Fetch
General
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=21236410&cmp=DV464041&signals=ids,bsc,vlp,abs&url=http%3A%2F%2Fpubg-gfx-pro.com%2F&adunits[/172968584/vox/vox.com/front_page][]=1180x450,1400x600&adunits[/172968584/vox/vox.com/front_page][]=2x2&adunits[/172968584/vox/vox.com/front_page][]=1020x90,728x90,970x250,970x90&adunits[/172968584/vox/vox.com/front_page][]=1020x90,728x90,970x90&adunits[/172968584/vox/vox.com/front_page][]=300x250,300x600&adunits[/172968584/vox/vox.com/front_page][]=1030x590,1060x610,1060x619,1060x694,728x90,970x250&adunits[/172968584/vox/vox.com/front_page][]=300x100&adunits[/172968584/vox/vox.com/front_page][]=650x150&adunits[/172968584/vox/vox.com/front_page][]=200x40
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a3493f0ccfe2c01adca092d40d99c62c80938188044917f7f5e714cb894f76a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
server
cloudflare
vary
Referer, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
http://pubg-gfx-pro.com
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=900
access-control-allow-credentials
true
timing-allow-origin
*
cf-ray
7ac4655d2e283602-FRA
content-length
55
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
862.e74e95d2-1228.min.js
js-agent.newrelic.com/ Frame AE96
8 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/862.e74e95d2-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f4f57044cd0b10b29ffb36a590e48ab912275a5daf264cd58241b25cac03e5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
gDL8cpdspH3IxcZPeLUXHRvPqJEXPWmp
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
0CQ374JYPQSZE8RM
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3271
x-amz-id-2
1eiw/boBIzZDP1eTnPQ4hdq14uuKnqr57sdKoL/Nm2QxKz1x3mEBuFw/JA8C4p7ehbm8ZRGjHT4=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.127919,VS0,VE0
etag
"ff02f82193fd2ec047cb131aa65a0dd8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1078
page_view_event-aggregate.46b69e61-1228.min.js
js-agent.newrelic.com/ Frame AE96
4 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.46b69e61-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22051e5464f07018297c13799b1db21f39f6b0676c72fce70dbbc6b9a4793c0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
KBeqQAET2qZgk2U9E4XZJmVRm1HOq8Rk
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
0CQ9YAQ072F5ZWKR
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1729
x-amz-id-2
LRuzqZ+dmaI8VSsSWLGxoTDOiYppoorL9aSEWXOQZrPUsN0F1Uc/gxQMuoxZMlwS4owAKvohzr8=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.128238,VS0,VE0
etag
"75e56b9529bc3582d1ee120d4a1d49e9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1084
page_view_timing-aggregate.ced8c919-1228.min.js
js-agent.newrelic.com/ Frame AE96
5 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.ced8c919-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf4c54ffc8c78d41d423befa6d5ec511b8e125470ff7deb69bc462dfbb70d780

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
ktDXvd_Dmea2UVJNoozUGAPGaGpVn1ZV
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
0CQ4BNC476WRMW02
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2225
x-amz-id-2
zMhzRI586H6gPM5M+5wj7DWLs0l93dLE8G05e9fvgHPJtfolaxYbQ3fk4muER2Ta8LvvorNBZtg=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.128411,VS0,VE0
etag
"ddb946a277f5c644d555e8e1bcf23b77"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1082
metrics-aggregate.56d9a464-1228.min.js
js-agent.newrelic.com/ Frame AE96
4 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/metrics-aggregate.56d9a464-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb5175866e24b14e6c800a230af050366c0dcf144254dcdb0ceca4c10549dbe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
cAHIZ8FQmEPf2jyMvAgXJXAVQ_Jrw1XM
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
0CQ4BYN4NB859E9P
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1751
x-amz-id-2
jH1Vds6YpzUEt7xvQv69cxN1HUsXTcIXJgBtMwxhYMcL7POvkDoPHUiOfLxbZ/bjJA/YNygpyDs=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.128594,VS0,VE0
etag
"04475d81e10a8c7213d39d14e581c599"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1084
jserrors-aggregate.64f61365-1228.min.js
js-agent.newrelic.com/ Frame AE96
7 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/jserrors-aggregate.64f61365-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73e9fd5d1e48f63c04fc67135326a3e83eb635050aab2536c39dfa9e8989e269

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
7blonOgQSCw8rfW7sCjHyJm0L6QYtp4X
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
0CQ31G6CJPJXKKHQ
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2938
x-amz-id-2
nwKlWSiomw8P3Xv68A187TvQeWpsur5x+XeY8mgGMKReFFm4JEoXokhS4v7nOeqxtt8AXPCmSO0=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.129091,VS0,VE0
etag
"06e9895d210a73225fa4b9a47e6e9c5a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
590
ajax-aggregate.e6085a9a-1228.min.js
js-agent.newrelic.com/ Frame AE96
5 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/ajax-aggregate.e6085a9a-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35d5e3136036964661cc94855e1028e063341e3cf4b41a410930fb149cfed5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
Z4Nlcg06uCyBNWwjTtAHDtnTc5kadigL
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
8VEPZTV03Z24B3HM
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2365
x-amz-id-2
KgJ1QTPRQrnh9QPL4euRltxz1Brj/8Fd6Og6JLduGK/2KTp4cF7fY4L8XIQ+izdaVWfbjW8FySw=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.129854,VS0,VE0
etag
"61554094cde63c6eec39f630c32a828f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
171
session_trace-aggregate.ada8b15b-1228.min.js
js-agent.newrelic.com/ Frame AE96
10 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/session_trace-aggregate.ada8b15b-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
531b518173a4f9ac1a1aab5ad10c610d45437166fd39adc0d8208e51dc60f8d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
CejlNuOfipmDjtAs.g7oae_1BhJQzddr
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
0CQD5GQ8YHXS8M7H
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3732
x-amz-id-2
PxZ1TeSh2JKkK0u0ICyijo1VmxRJwZ29k++MMhxDhil4XFJsfV9uMHPW9c9UQu5TCAM3i2a6MTQ=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.129952,VS0,VE0
etag
"69d309900c2caeef33af662ddf91affc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
593
page_action-aggregate.1ef08094-1228.min.js
js-agent.newrelic.com/ Frame AE96
3 KB
1 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_action-aggregate.1ef08094-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ec14af764fc18154e349ac3889637b2dc64debe89d7759dbcbb1db6cfe79ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
ZC9wFZ_QkK2B08VVIX3wzqk3DACA4ZFm
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
0CQCJ3PT8GYTVH0W
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1202
x-amz-id-2
bGFOg+e3rNg+r6QX61jnMBfIOcVpwZEd5rH07SejnASYGAWvKS97WLGPC4V74IziGcjpeXDfw2Q=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.130012,VS0,VE0
etag
"9c1563b1437a04e5cd75285b2f4bffb0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
590
spa-aggregate.7222cbb6-1228.min.js
js-agent.newrelic.com/ Frame AE96
18 KB
7 KB
Script
General
Full URL
https://js-agent.newrelic.com/spa-aggregate.7222cbb6-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af92ff4576df40958f74249a9e167171305a5c842c886a2b1127bc46d727244a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
8nTKqPmpPpJMnC7V_9l7a.Xfo0rf._qG
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
0CQBADWTKF2QHX84
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
6663
x-amz-id-2
PitUrFZTOhJg7H0QrJX0nwvocqqdh+dvpGPiv+scbABoePAwMYg2cP+AppxbOClu5b8hA+CYEYg=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.130097,VS0,VE0
etag
"5d22b006d12752c6dafe1b5f41318762"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
331
rid
match.adsrvr.org/track/
0
0

/
id.sv.rkdms.com/identity/
2 B
263 B
XHR
General
Full URL
http://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=VOX&sv_domain=pubg-gfx-pro.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183789-71940066017360.js
Protocol
HTTP/1.1
Server
3.225.82.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-82-51.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 23 Mar 2023 05:50:17 GMT
Server
nginx/1.22.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
http://pubg-gfx-pro.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
identity
api.rlcdn.com/api/
0
0

aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:18 GMT
x-amz-version-id
V2lSIFfe30G.NOL3Jg0JvcKQw0PMFHNY
Content-Encoding
gzip
Via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P6
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Last-Modified
Tue, 21 Mar 2023 22:59:14 GMT
Server
AmazonS3
ETag
W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Vary
Accept-Encoding,Origin
X-Amz-Cf-Id
XZruAweuCCJfIwQ_RKTJIEr2UPH1z7wBA5bEFaGRjORNf02Ate630g==
config
c.amazon-adsystem.com/cdn/prod/
485 B
835 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3176&u=http%3A%2F%2Fpubg-gfx-pro.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d104df4522bce3389de302939f06efd6d9042d2b05f4aa49a21f9ef240aa52e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:16 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://pubg-gfx-pro.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
485
x-amz-cf-id
sHBWItTC30hjp5E0cTRaFHjC93qpKHLNFS9A1egwkhW3HMjeyYeuPg==
/
vtrk.doubleverify.com/
0
183 B
Ping
General
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=bb5a33fb-48bc-41dd-8b07-0cd69a4dcec9&z=939508324301&ctx=21236410&cd160=bdcd36ef-13a9-419b-bbde-fbd8811f17f8&cd161=http%3A%2F%2Fpubg-gfx-pro.com%2F&cd50=qt&ea=load-pq&cd180=network&cm180=81&cm181=22&cm182=13&cm183=17&cm184=26&cm185=2&cm186=118&cmp=DV464041
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.113.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-113-1.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin
http://pubg-gfx-pro.com
date
Thu, 23 Mar 2023 05:50:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
862.e74e95d2-1228.min.js
js-agent.newrelic.com/ Frame 3EAB
8 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/862.e74e95d2-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f4f57044cd0b10b29ffb36a590e48ab912275a5daf264cd58241b25cac03e5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
gDL8cpdspH3IxcZPeLUXHRvPqJEXPWmp
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
0CQ374JYPQSZE8RM
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3271
x-amz-id-2
1eiw/boBIzZDP1eTnPQ4hdq14uuKnqr57sdKoL/Nm2QxKz1x3mEBuFw/JA8C4p7ehbm8ZRGjHT4=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.153899,VS0,VE0
etag
"ff02f82193fd2ec047cb131aa65a0dd8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1079
page_view_event-aggregate.46b69e61-1228.min.js
js-agent.newrelic.com/ Frame 3EAB
4 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.46b69e61-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22051e5464f07018297c13799b1db21f39f6b0676c72fce70dbbc6b9a4793c0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
KBeqQAET2qZgk2U9E4XZJmVRm1HOq8Rk
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
0CQ9YAQ072F5ZWKR
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1729
x-amz-id-2
LRuzqZ+dmaI8VSsSWLGxoTDOiYppoorL9aSEWXOQZrPUsN0F1Uc/gxQMuoxZMlwS4owAKvohzr8=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.153867,VS0,VE0
etag
"75e56b9529bc3582d1ee120d4a1d49e9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1085
page_view_timing-aggregate.ced8c919-1228.min.js
js-agent.newrelic.com/ Frame 3EAB
5 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.ced8c919-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf4c54ffc8c78d41d423befa6d5ec511b8e125470ff7deb69bc462dfbb70d780

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
ktDXvd_Dmea2UVJNoozUGAPGaGpVn1ZV
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
0CQ4BNC476WRMW02
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2225
x-amz-id-2
zMhzRI586H6gPM5M+5wj7DWLs0l93dLE8G05e9fvgHPJtfolaxYbQ3fk4muER2Ta8LvvorNBZtg=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.153854,VS0,VE0
etag
"ddb946a277f5c644d555e8e1bcf23b77"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1083
metrics-aggregate.56d9a464-1228.min.js
js-agent.newrelic.com/ Frame 3EAB
4 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/metrics-aggregate.56d9a464-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb5175866e24b14e6c800a230af050366c0dcf144254dcdb0ceca4c10549dbe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
cAHIZ8FQmEPf2jyMvAgXJXAVQ_Jrw1XM
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
0CQ4BYN4NB859E9P
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1751
x-amz-id-2
jH1Vds6YpzUEt7xvQv69cxN1HUsXTcIXJgBtMwxhYMcL7POvkDoPHUiOfLxbZ/bjJA/YNygpyDs=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.154389,VS0,VE0
etag
"04475d81e10a8c7213d39d14e581c599"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1085
jserrors-aggregate.64f61365-1228.min.js
js-agent.newrelic.com/ Frame 3EAB
7 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/jserrors-aggregate.64f61365-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73e9fd5d1e48f63c04fc67135326a3e83eb635050aab2536c39dfa9e8989e269

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
7blonOgQSCw8rfW7sCjHyJm0L6QYtp4X
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
0CQ31G6CJPJXKKHQ
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2938
x-amz-id-2
nwKlWSiomw8P3Xv68A187TvQeWpsur5x+XeY8mgGMKReFFm4JEoXokhS4v7nOeqxtt8AXPCmSO0=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.154375,VS0,VE0
etag
"06e9895d210a73225fa4b9a47e6e9c5a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
591
ajax-aggregate.e6085a9a-1228.min.js
js-agent.newrelic.com/ Frame 3EAB
5 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/ajax-aggregate.e6085a9a-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35d5e3136036964661cc94855e1028e063341e3cf4b41a410930fb149cfed5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
Z4Nlcg06uCyBNWwjTtAHDtnTc5kadigL
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
8VEPZTV03Z24B3HM
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2365
x-amz-id-2
KgJ1QTPRQrnh9QPL4euRltxz1Brj/8Fd6Og6JLduGK/2KTp4cF7fY4L8XIQ+izdaVWfbjW8FySw=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.154620,VS0,VE0
etag
"61554094cde63c6eec39f630c32a828f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
172
session_trace-aggregate.ada8b15b-1228.min.js
js-agent.newrelic.com/ Frame 3EAB
10 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/session_trace-aggregate.ada8b15b-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
531b518173a4f9ac1a1aab5ad10c610d45437166fd39adc0d8208e51dc60f8d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
CejlNuOfipmDjtAs.g7oae_1BhJQzddr
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
0CQD5GQ8YHXS8M7H
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3732
x-amz-id-2
PxZ1TeSh2JKkK0u0ICyijo1VmxRJwZ29k++MMhxDhil4XFJsfV9uMHPW9c9UQu5TCAM3i2a6MTQ=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.154958,VS0,VE0
etag
"69d309900c2caeef33af662ddf91affc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
594
page_action-aggregate.1ef08094-1228.min.js
js-agent.newrelic.com/ Frame 3EAB
3 KB
1 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_action-aggregate.1ef08094-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ec14af764fc18154e349ac3889637b2dc64debe89d7759dbcbb1db6cfe79ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
ZC9wFZ_QkK2B08VVIX3wzqk3DACA4ZFm
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
0CQCJ3PT8GYTVH0W
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1202
x-amz-id-2
bGFOg+e3rNg+r6QX61jnMBfIOcVpwZEd5rH07SejnASYGAWvKS97WLGPC4V74IziGcjpeXDfw2Q=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.155331,VS0,VE0
etag
"9c1563b1437a04e5cd75285b2f4bffb0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
591
spa-aggregate.7222cbb6-1228.min.js
js-agent.newrelic.com/ Frame 3EAB
18 KB
7 KB
Script
General
Full URL
https://js-agent.newrelic.com/spa-aggregate.7222cbb6-1228.min.js
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af92ff4576df40958f74249a9e167171305a5c842c886a2b1127bc46d727244a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
8nTKqPmpPpJMnC7V_9l7a.Xfo0rf._qG
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 05:50:17 GMT
x-amz-request-id
0CQBADWTKF2QHX84
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
6663
x-amz-id-2
PitUrFZTOhJg7H0QrJX0nwvocqqdh+dvpGPiv+scbABoePAwMYg2cP+AppxbOClu5b8hA+CYEYg=
x-served-by
cache-fra-eddf8230029-FRA
last-modified
Mon, 20 Mar 2023 23:57:31 GMT
server
AmazonS3
x-timer
S1679550617.156062,VS0,VE0
etag
"5d22b006d12752c6dafe1b5f41318762"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
332
6b678a388b
bam.nr-data.net/1/ Frame AE96
49 B
397 B
Script
General
Full URL
https://bam.nr-data.net/1/6b678a388b?a=1510849887,1533985514&v=1228.PROD&to=ewlYFUsMWlgGRhgWCVkfUxMWEF5bFA%3D%3D&rst=745&ck=0&s=d0bb33a42ef28276&ref=https://player.megaphone.fm/VMP2413538767&ap=34&be=292&fe=352&dc=241&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1679550616417,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:38,%22c%22:38,%22s%22:52,%22ce%22:86,%22rq%22:86,%22rp%22:102,%22rpe%22:116,%22dl%22:200,%22di%22:533,%22ds%22:533,%22de%22:534,%22dc%22:643,%22l%22:643,%22le%22:645%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
49
x-served-by
cache-fra-eddf8230085-FRA
6b678a388b
bam.nr-data.net/1/ Frame 3EAB
49 B
397 B
Script
General
Full URL
https://bam.nr-data.net/1/6b678a388b?a=1510849887,1533985514&v=1228.PROD&to=ewlYFUsMWlgGRhgWCVkfUxMWEF5bFA%3D%3D&rst=768&ck=0&s=d0bb33a42ef28276&ref=https://player.megaphone.fm/VMP2271799078&ap=28&be=281&fe=423&dc=257&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1679550616413,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:42,%22c%22:42,%22s%22:56,%22ce%22:88,%22rq%22:89,%22rp%22:105,%22rpe%22:118,%22dl%22:196,%22di%22:538,%22ds%22:538,%22de%22:538,%22dc%22:703,%22l%22:703,%22le%22:705%7D,%22navigation%22:%7B%7D%7D&fp=515&fcp=515&jsonp=NREUM.setToken
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
49
x-served-by
cache-fra-eddf8230035-FRA
/
vtrk.doubleverify.com/
0
182 B
Ping
General
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&ea=error&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=bb5a33fb-48bc-41dd-8b07-0cd69a4dcec9&z=228838326313&ctx=21236410&cmp=DV464041&cd160=13a45ac1-5f30-4073-bc1f-b30c72109ccb&cd161=http%3A%2F%2Fpubg-gfx-pro.com%2F&cd50=qt&cd51=0&cd52=loadSignals&cd180=no-fetches&cm56=1&cm57=1&cm58=1&cm59=1&cd110=Unauthorized%20request
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.113.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-113-1.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin
http://pubg-gfx-pro.com
date
Thu, 23 Mar 2023 05:50:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
http://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
HTTP/1.1
Server
184.24.171.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-171-130.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Jan 2023 19:40:17 GMT
Server
Apache
ETag
"d734-5f2f3919e751f-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17407
Expires
Thu, 23 Mar 2023 06:05:17 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/
0
451 B
XHR
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.41.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-41-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 23 Mar 2023 05:50:17 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame
0
0
Preflight
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.41.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-41-104.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://pubg-gfx-pro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 23 Mar 2023 05:50:17 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
optimally_sized_images
pubg-gfx-pro.com/services/
10 KB
10 KB
XHR
General
Full URL
http://pubg-gfx-pro.com/services/optimally_sized_images?imgkeys=67656692:*:1:216x121:webp,71927032:*:1:216x121:webp,72039787:*:1:100x100:webp,72050658:*:1:100x100:webp,72050721:*:1:100x100:webp,72068447:*:1:216x121:webp,72068455:*:1:100x100:webp,72068455:*:1:216x121:webp,72068459:*:1:100x100:webp,72068459:*:1:216x121:webp,72068463:*:1:100x100:webp,72068463:*:1:216x121:webp,72068463:*:1:440x780:webp,72078537:*:1:216x121:webp,72084705:*:1:216x121:webp,72085043:*:1:216x121:webp,72086534:*:1:216x121:webp,72086905:*:1:216x121:webp,72088437:*:1:216x121:webp,72088443:*:1:216x121:webp,72088524:*:1:216x121:webp,72088536:*:1:216x121:webp,72088573:*:1:216x121:webp,72088756:*:1:216x121:webp,72089552:*:1:216x121:webp,72091225:*:1:216x121:webp,72091296:*:1:216x121:webp,72091480:*:1:100x100:webp,72091480:*:1:216x121:webp,72091480:*:1:440x780:webp,72092393:*:1:216x121:webp,72093693:*:1:216x121:webp,72093816:*:1:216x121:webp,72093850:*:1:100x100:webp,72093850:*:1:216x121:webp,72094922:*:1:216x121:webp,72095060:*:1:216x121:webp,72095191:*:1:216x121:webp,72095537:*:1:216x121:webp,72097343:*:1:216x121:webp,72097430:*:1:216x121:webp,72097500:*:1:216x121:webp,72097588:*:1:216x121:webp,72098363:*:1:216x121:webp,72098388:*:1:216x121:webp,72100104:*:1:216x121:webp,72101252:*:1:216x121:webp,72102094:*:1:216x121:webp&asset_keys=
Requested by
Host: cdn.vox-cdn.com
URL: https://cdn.vox-cdn.com/packs/js/chorus-445adab02eca8b1d5e29.js
Protocol
HTTP/1.1
Server
167.71.177.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.7 /
Resource Hash
3898cbca6472a3cb2637505304bbbf9329d3b5156557b8c4a8eaaf7d8081c0c5

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://pubg-gfx-pro.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:17 GMT
Server
nginx/1.15.7
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7572
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
age
42306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 29 Mar 2023 18:05:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7572
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=ieiqf91nlz75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options
nosniff
age
162759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:38 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0055
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
age
42306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 29 Mar 2023 18:05:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0055
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCFmwfAAAAAA4qBtkgg3WVJWVYGkt05yKT6gi1&co=aHR0cDovL3B1YmctZ2Z4LXByby5jb206ODA.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=avapody5d0rn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options
nosniff
age
162759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:38 GMT
optimally_sized_images
pubg-gfx-pro.com/services/
10 KB
10 KB
XHR
General
Full URL
http://pubg-gfx-pro.com/services/optimally_sized_images?imgkeys=67656692:*:1:216x121:webp,71927032:*:1:216x121:webp,72039787:*:1:100x100:webp,72050658:*:1:100x100:webp,72050721:*:1:100x100:webp,72068447:*:1:216x121:webp,72068455:*:1:100x100:webp,72068455:*:1:216x121:webp,72068459:*:1:100x100:webp,72068459:*:1:216x121:webp,72068463:*:1:100x100:webp,72068463:*:1:216x121:webp,72068463:*:1:440x780:webp,72078537:*:1:216x121:webp,72084705:*:1:216x121:webp,72085043:*:1:216x121:webp,72086534:*:1:216x121:webp,72086905:*:1:216x121:webp,72088437:*:1:216x121:webp,72088443:*:1:216x121:webp,72088524:*:1:216x121:webp,72088536:*:1:216x121:webp,72088573:*:1:216x121:webp,72088756:*:1:216x121:webp,72089552:*:1:216x121:webp,72091225:*:1:216x121:webp,72091296:*:1:216x121:webp,72091480:*:1:100x100:webp,72091480:*:1:216x121:webp,72091480:*:1:440x780:webp,72092393:*:1:216x121:webp,72093693:*:1:216x121:webp,72093816:*:1:216x121:webp,72093850:*:1:100x100:webp,72093850:*:1:216x121:webp,72094922:*:1:216x121:webp,72095060:*:1:216x121:webp,72095191:*:1:216x121:webp,72095537:*:1:216x121:webp,72097343:*:1:216x121:webp,72097430:*:1:216x121:webp,72097500:*:1:216x121:webp,72097588:*:1:216x121:webp,72098363:*:1:216x121:webp,72098388:*:1:216x121:webp,72100104:*:1:216x121:webp,72101252:*:1:216x121:webp,72102094:*:1:216x121:webp&asset_keys=
Requested by
Host: cdn.vox-cdn.com
URL: https://cdn.vox-cdn.com/packs/js/hub_pages-61a553d769ebdf3cca92.js
Protocol
HTTP/1.1
Server
167.71.177.229 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.7 /
Resource Hash
3898cbca6472a3cb2637505304bbbf9329d3b5156557b8c4a8eaaf7d8081c0c5

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://pubg-gfx-pro.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:17 GMT
Last-Modified
Thu, 23 Mar 2023 05:50:17 GMT
Server
nginx/1.15.7
Accept-Ranges
bytes
Content-Length
10361
Content-Type
application/json; charset=utf-8
onetag
assoc-na.associates-amazon.com/
64 B
459 B
XHR
General
Full URL
https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22curbedcom06-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22http%3A%2F%2Fpubg-gfx-pro.com%2F%22%7D&u=http://pubg-gfx-pro.com/
Requested by
Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=c86ecff2-0781-48c9-a698-200b0643c35a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
Server /
Resource Hash
020fc22f4717fd0d4a35abfd7b89f82d4df9fdbf782b1f04f0d0c9c779cb6d56
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1GVNND9NHBPZQG6F754Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
http://pubg-gfx-pro.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
64
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
cdn.permutive.com/
1 MB
315 KB
Script
General
Full URL
https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dda6b85dd3c519c81c91d2006ab802a63ecfc1c61a8ba08ff97c43c053e6a7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f
age
0
x-guploader-uploadid
ADPycdtGNQJ8CfZC4XZ9xtJoPZchheU4qbjJBKBmHVO0xz7e1EiA4TSFDO57LKhUNd3bRxLjGpkTWNGm-xd7W98zJvz7Bg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Wed, 22 Mar 2023 19:49:40 GMT
server
cloudflare
etag
W/"ee83edcfa482de2ca6a776e0e82d5096"
vary
Accept-Encoding
x-goog-generation
1679514580742778
content-type
application/javascript
x-goog-hash
crc32c=p9v0+A==, md5=7oPtz6SC3iymp3bg6C1Qlg==
cache-control
public, max-age=900
x-goog-stored-content-length
325760
timing-allow-origin
*
cf-ray
7ac4655ea9c23834-FRA
expires
Thu, 23 Mar 2023 06:05:17 GMT
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pubg-gfx-pro.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pubg-gfx-pro.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
689 B
527 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2323491901810887&correlator=4019548468716567&eid=31072879%2C44785728%2C31068367%2C21065724&output=ldjh&gdfp_req=1&vrg=2023032001&ptt=17&impl=fif&us_privacy=1YNY&iu_parts=172968584%2Cvox%2Cvox.com%2Cfront_page&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1400x600%7C1180x450&ifi=1&adks=644498607&sfv=1-0-40&prev_scp=slot_name%3Dprelude%26position%3Dprelude%26concert_rid%3D96a36780-c93e-11ed-b3ed-e5d92498f333%26ccc%3Dfalse&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26device_type%3Ddesktop%26network%3Dvox%26affiliation%3Dgeneral%26unison%3Dtrue%26page_type%3Dhome_page%26entry_group%3Dfront-page%26keywords%3Dvox%252Cunderstand%252Cthe%252Cnews%252Cfront-page%26pageload_id%3D492c9753-5c58-4d50-8a86-ebd6569ac7d3%26permutive%3D%26pts_pid%3Dbb5a33fb-48bc-41dd-8b07-0cd69a4dcec9%26amznbid%3D0%26amznp%3D0%26fins%3D%26cts_client%3D1%26cts_client_keyword_list%3Dlist_583&sc=0&cookie_enabled=1&abxe=1&dt=1679550617380&lmt=1679550617&dlt=1679550615544&idt=1524&adxs=100&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fpubg-gfx-pro.com%2F&frm=20&vis=1&psz=1600x0&msz=1400x0&fws=132&ohw=1600&ga_vid=1514973192.1679550617&ga_sid=1679550617&ga_hid=1309031148&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c088e6a78448b3baae8e7c2f8ce5ba51f90dddd229af83d44dc2c7558efcef7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
349
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://pubg-gfx-pro.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
545 B
448 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2323491901810887&correlator=3404765194822672&eid=31072879%2C44785728%2C31068367%2C21065724&output=ldjh&gdfp_req=1&vrg=2023032001&ptt=17&impl=fif&us_privacy=1YNY&iu_parts=172968584%2Cvox%2Cvox.com%2Cfront_page&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=2x2&ifi=2&adks=3914290967&sfv=1-0-40&prev_scp=slot_name%3Dreskin%26position%3Dreskin%26concert_rid%3D96a38e90-c93e-11ed-b3ed-e5d92498f333%26ccc%3Dfalse&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26device_type%3Ddesktop%26network%3Dvox%26affiliation%3Dgeneral%26unison%3Dtrue%26page_type%3Dhome_page%26entry_group%3Dfront-page%26keywords%3Dvox%252Cunderstand%252Cthe%252Cnews%252Cfront-page%26pageload_id%3D492c9753-5c58-4d50-8a86-ebd6569ac7d3%26permutive%3D%26pts_pid%3Dbb5a33fb-48bc-41dd-8b07-0cd69a4dcec9%26amznbid%3D0%26amznp%3D0%26fins%3D%26cts_client%3D1%26cts_client_keyword_list%3Dlist_583&sc=0&cookie_enabled=1&abxe=1&dt=1679550617387&lmt=1679550617&dlt=1679550615544&idt=1524&adxs=799&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fpubg-gfx-pro.com%2F&frm=20&vis=1&psz=1600x0&msz=2x0&fws=132&ohw=1600&ga_vid=1514973192.1679550617&ga_sid=1679550617&ga_hid=1309031148&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b20019e0ffa22f0d4265670cbe88153c3a8ddceb791606832bbd720227e0eb60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://pubg-gfx-pro.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
565 B
464 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2323491901810887&correlator=1069838825208725&eid=31072879%2C44785728%2C31068367%2C21065724&output=ldjh&gdfp_req=1&vrg=2023032001&ptt=17&impl=fif&us_privacy=1YNY&iu_parts=172968584%2Cvox%2Cvox.com%2Cfront_page&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x100&ifi=3&adks=4131874355&sfv=1-0-40&prev_scp=slot_name%3Dnative_ad_latest%26position%3Dnative_ad_latest%26concert_rid%3D96a403c1-c93e-11ed-b3ed-e5d92498f333%26ccc%3Dfalse&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26device_type%3Ddesktop%26network%3Dvox%26affiliation%3Dgeneral%26unison%3Dtrue%26page_type%3Dhome_page%26entry_group%3Dfront-page%26keywords%3Dvox%252Cunderstand%252Cthe%252Cnews%252Cfront-page%26pageload_id%3D492c9753-5c58-4d50-8a86-ebd6569ac7d3%26permutive%3D%26pts_pid%3Dbb5a33fb-48bc-41dd-8b07-0cd69a4dcec9%26amznbid%3D0%26amznp%3D0%26fins%3D%26cts_client%3D1%26cts_client_keyword_list%3Dlist_583&sc=0&cookie_enabled=1&abxe=1&dt=1679550617390&lmt=1679550617&dlt=1679550615544&idt=1524&adxs=1024&adys=1895&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fpubg-gfx-pro.com%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=132&ohw=300&ga_vid=1514973192.1679550617&ga_sid=1679550617&ga_hid=1309031148&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
596b921b4a628574434dac7d6758f7d0b2861a1a853eaa5ab6a7937c6c501498
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
286
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://pubg-gfx-pro.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
548 B
786 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2323491901810887&correlator=2212243434585637&eid=31072879%2C44785728%2C31068367%2C21065724&output=ldjh&gdfp_req=1&vrg=2023032001&ptt=17&impl=fif&us_privacy=1YNY&iu_parts=172968584%2Cvox%2Cvox.com%2Cfront_page&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x100&ifi=4&adks=1117555584&sfv=1-0-40&prev_scp=slot_name%3Dnative_ad_latest_1%26position%3Dnative_ad_latest_1%26concert_rid%3D96a42ad0-c93e-11ed-b3ed-e5d92498f333%26ccc%3Dfalse&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26device_type%3Ddesktop%26network%3Dvox%26affiliation%3Dgeneral%26unison%3Dtrue%26page_type%3Dhome_page%26entry_group%3Dfront-page%26keywords%3Dvox%252Cunderstand%252Cthe%252Cnews%252Cfront-page%26pageload_id%3D492c9753-5c58-4d50-8a86-ebd6569ac7d3%26permutive%3D%26pts_pid%3Dbb5a33fb-48bc-41dd-8b07-0cd69a4dcec9%26amznbid%3D0%26amznp%3D0%26fins%3D%26cts_client%3D1%26cts_client_keyword_list%3Dlist_583&sc=0&cookie_enabled=1&abxe=1&dt=1679550617393&lmt=1679550617&dlt=1679550615544&idt=1524&adxs=1024&adys=2534&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fpubg-gfx-pro.com%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=132&ohw=300&ga_vid=1514973192.1679550617&ga_sid=1679550617&ga_hid=1309031148&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24e6207bc53f9e616f37ea19db703c9df406521fb0aa106a89458baad9da62c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
276
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://pubg-gfx-pro.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
548 B
449 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2323491901810887&correlator=3455901691031829&eid=31072879%2C44785728%2C31068367%2C21065724&output=ldjh&gdfp_req=1&vrg=2023032001&ptt=17&impl=fif&us_privacy=1YNY&iu_parts=172968584%2Cvox%2Cvox.com%2Cfront_page&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x100&ifi=5&adks=1453138888&sfv=1-0-40&prev_scp=slot_name%3Dnative_ad_latest_2%26position%3Dnative_ad_latest_2%26concert_rid%3D96a451e0-c93e-11ed-b3ed-e5d92498f333%26ccc%3Dfalse&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26device_type%3Ddesktop%26network%3Dvox%26affiliation%3Dgeneral%26unison%3Dtrue%26page_type%3Dhome_page%26entry_group%3Dfront-page%26keywords%3Dvox%252Cunderstand%252Cthe%252Cnews%252Cfront-page%26pageload_id%3D492c9753-5c58-4d50-8a86-ebd6569ac7d3%26permutive%3D%26pts_pid%3Dbb5a33fb-48bc-41dd-8b07-0cd69a4dcec9%26amznbid%3D0%26amznp%3D0%26fins%3D%26cts_client%3D1%26cts_client_keyword_list%3Dlist_583&sc=0&cookie_enabled=1&abxe=1&dt=1679550617397&lmt=1679550617&dlt=1679550615544&idt=1524&adxs=1024&adys=5213&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fpubg-gfx-pro.com%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=132&ohw=300&ga_vid=1514973192.1679550617&ga_sid=1679550617&ga_hid=1309031148&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
212077b9f2fed002e4d09944d73305de19e9c819ed7f9de49cb14a7bfc9dc239
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
272
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://pubg-gfx-pro.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
548 B
453 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2323491901810887&correlator=2698750822369236&eid=31072879%2C44785728%2C31068367%2C21065724&output=ldjh&gdfp_req=1&vrg=2023032001&ptt=17&impl=fif&us_privacy=1YNY&iu_parts=172968584%2Cvox%2Cvox.com%2Cfront_page&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=650x150&ifi=6&adks=2267212409&sfv=1-0-40&prev_scp=slot_name%3Dnative_ad_content_link%26position%3Dnative_ad_content_link%26concert_rid%3D96a451e1-c93e-11ed-b3ed-e5d92498f333%26ccc%3Dfalse&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26device_type%3Ddesktop%26network%3Dvox%26affiliation%3Dgeneral%26unison%3Dtrue%26page_type%3Dhome_page%26entry_group%3Dfront-page%26keywords%3Dvox%252Cunderstand%252Cthe%252Cnews%252Cfront-page%26pageload_id%3D492c9753-5c58-4d50-8a86-ebd6569ac7d3%26permutive%3D%26pts_pid%3Dbb5a33fb-48bc-41dd-8b07-0cd69a4dcec9%26amznbid%3D0%26amznp%3D0%26fins%3D%26cts_client%3D1%26cts_client_keyword_list%3Dlist_583&sc=0&cookie_enabled=1&abxe=1&dt=1679550617400&lmt=1679550617&dlt=1679550615544&idt=1524&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fpubg-gfx-pro.com%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=1514973192.1679550617&ga_sid=1679550617&ga_hid=1309031148&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a726e59ea3c7c8b9cfc3cf091fa52f964af8220f961f187166da2bb2cdcdd0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
275
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://pubg-gfx-pro.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
545 B
451 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2323491901810887&correlator=2405206829944329&eid=31072879%2C44785728%2C31068367%2C21065724&output=ldjh&gdfp_req=1&vrg=2023032001&ptt=17&impl=fif&us_privacy=1YNY&iu_parts=172968584%2Cvox%2Cvox.com%2Cfront_page&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=200x40&ifi=7&adks=622698629&sfv=1-0-40&prev_scp=slot_name%3Dhub_sponsorship%26position%3Dhub_sponsorship%26concert_rid%3D96a478f0-c93e-11ed-b3ed-e5d92498f333%26ccc%3Dfalse&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26device_type%3Ddesktop%26network%3Dvox%26affiliation%3Dgeneral%26unison%3Dtrue%26page_type%3Dhome_page%26entry_group%3Dfront-page%26keywords%3Dvox%252Cunderstand%252Cthe%252Cnews%252Cfront-page%26pageload_id%3D492c9753-5c58-4d50-8a86-ebd6569ac7d3%26permutive%3D%26pts_pid%3Dbb5a33fb-48bc-41dd-8b07-0cd69a4dcec9%26amznbid%3D0%26amznp%3D0%26fins%3D%26cts_client%3D1%26cts_client_keyword_list%3Dlist_583&sc=0&cookie_enabled=1&abxe=1&dt=1679550617402&lmt=1679550617&dlt=1679550615544&idt=1524&adxs=260&adys=279&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fpubg-gfx-pro.com%2F&frm=20&vis=1&psz=1080x0&msz=200x0&fws=132&ohw=1080&ga_vid=1514973192.1679550617&ga_sid=1679550617&ga_hid=1309031148&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13bba78983a3786e5bd9c199dd1b8df0717f0a9f250b8d876ab8b415cb32e9f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
273
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://pubg-gfx-pro.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 30B1
6 KB
3 KB
Document
General
Full URL
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pubg-gfx-pro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 05:50:17 GMT
expires
Fri, 22 Mar 2024 05:50:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
headerstats
as-sec.casalemedia.com/
0
509 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=360954&u=http%3A%2F%2Fpubg-gfx-pro.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183789-71940066017360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9NtxE%2F1RFF4IPZTflN6%2FEflL%2BICpzm3QAIyRH8y%2BO1524itM95iEFzvJa0%2BEtqAaXN%2Fg73mVlP%2FY6NFwcToHglNRK1SX2l2X2TJa0PKk%2FZfM%2Fs8x0ZaFGTs84sSce6w3TVic3TLqlE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
http://pubg-gfx-pro.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ac4655f3c37371d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
7470-pbjs-floors.json
ads.rubiconproject.com/floors/
49 KB
6 KB
XHR
General
Full URL
https://ads.rubiconproject.com/floors/7470-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/7470.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6c044aea49eb0ae9e7337639b83fa63c760be5b36a9d7a20313b5debd1f4dca6

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
gzip
last-modified
Thu, 23 Mar 2023 04:40:55 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5924
bid
aax.amazon-adsystem.com/e/dtb/
64 B
505 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3176&u=http%3A%2F%2Fpubg-gfx-pro.com%2F&pid=Huufw2e2YYIVr&cb=0&ws=1600x1200&v=23.320.1710&t=1500&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-desktop_leaderboard_variable%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%2C%221020x90%22%5D%2C%22sn%22%3A%22%2F172968584%2Fvox%2Fvox.com%2Ffront_page%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-medium_rectangle_variable%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F172968584%2Fvox%2Fvox.com%2Ffront_page%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
a4c1d1593ad1518a5ae988850f59f26dcb7cf64e823ee0fea0fb5c2f35e928cc
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
Y6JHSE23SQ218WK85DTJ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://pubg-gfx-pro.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
6cxBTYO82CSIsBJrSKxfrDyMvU3hsIvZOZjAUG8RcYWrDbUgKxWx7g==
6b678a388b
bam.nr-data.net/events/1/ Frame AE96
24 B
348 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/6b678a388b?a=1510849887,1533985514&v=1228.PROD&to=ewlYFUsMWlgGRhgWCVkfUxMWEF5bFA%3D%3D&rst=1111&ck=0&s=d0bb33a42ef28276&ref=https://player.megaphone.fm/VMP2413538767
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2413538767?light=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://player.megaphone.fm/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://player.megaphone.fm
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-fra-eddf8230035-FRA
6b678a388b
bam.nr-data.net/events/1/ Frame 3EAB
24 B
348 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/6b678a388b?a=1510849887,1533985514&v=1228.PROD&to=ewlYFUsMWlgGRhgWCVkfUxMWEF5bFA%3D%3D&rst=1117&ck=0&s=d0bb33a42ef28276&ref=https://player.megaphone.fm/VMP2271799078
Requested by
Host: player.megaphone.fm
URL: https://player.megaphone.fm/VMP2271799078?light=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://player.megaphone.fm/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://player.megaphone.fm
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-fra-eddf8230085-FRA
pxid
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co/v2.0/
12 B
226 B
XHR
General
Full URL
https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co/v2.0/pxid?k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
http://pubg-gfx-pro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
getuidj
ib.adnxs.com/
11 B
821 B
XHR
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 05:50:17 GMT
AN-X-Request-Uuid
1a0305cf-e6f9-43a5-aaf9-5ef8948aa430
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://pubg-gfx-pro.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.187; 185.213.155.187; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-models.bin
cdn.permutive.com/models/v2/
28 KB
21 KB
XHR
General
Full URL
https://cdn.permutive.com/models/v2/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-models.bin
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88340b1692e8ced562a228c6108d70b3080e211948b212d2c27270a162969184

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
gzip
cf-cache-status
MISS
x-goog-meta-oid
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f
age
0
x-guploader-uploadid
ADPycdvopALsBCHMHWDQZdElcjGpHyLOclxmKnbW7Md8YoLHcHJ5QoAwUCmnj5eQGTfheXAQhto6nkH37aO-SZRBVJmRuZnM4xna
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20616
last-modified
Wed, 22 Mar 2023 19:49:44 GMT
server
cloudflare
etag
"df213a3e7df4822ded5475821c10be3e"
vary
Accept-Encoding
x-goog-generation
1677736922941948
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=C0nb3w==, md5=3yE6Pn30gi3tVHWCHBC+Pg==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
20616
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ac4656009ae9066-FRA
expires
Thu, 23 Mar 2023 05:50:17 GMT
geoip
api.permutive.com/v2.0/
261 B
369 B
XHR
General
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
39c5031fa5e04352d50fff0f766f4c5f77f2e30a45fcf73d0470bd41cd041394

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
http://pubg-gfx-pro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
watson
api.permutive.com/v2.0/
2 B
87 B
XHR
General
Full URL
https://api.permutive.com/v2.0/watson?k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
http://pubg-gfx-pro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
GettyImages_1471924599.0.jpg
cdn.vox-cdn.com/thumbor/d5wFP4s3liXsjptYQFrNWe28RNI=/0x46:5765x3289/250x141/filters:format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72100104/
6 KB
7 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/d5wFP4s3liXsjptYQFrNWe28RNI=/0x46:5765x3289/250x141/filters:format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72100104/GettyImages_1471924599.0.jpg
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
df8d6a853589c98c658e1aa906459fdcbd3960cd9c2aed944e6909272f84143c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
24, 1
date
Thu, 23 Mar 2023 05:50:17 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
114439
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6598
x-served-by
cache-iad-kcgs7200121-IAD, cache-fra-eddf8230038-FRA
server
Thumbor/6.7.0
x-timer
S1679550618.591835,VS0,VE1
etag
"1bdd4be51e6abb344e960dd1b7431a5746394635"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Mon, 21 Mar 2033 10:02:59 GMT
jeremy_strong_sarah_snook_kieran_culkin.0.jpg
cdn.vox-cdn.com/thumbor/pQ4-LAAh3xF8YhERCw29RfgsnKk=/0x99:1920x1179/250x141/filters:format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72101252/
7 KB
8 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/pQ4-LAAh3xF8YhERCw29RfgsnKk=/0x99:1920x1179/250x141/filters:format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72101252/jeremy_strong_sarah_snook_kieran_culkin.0.jpg
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
236c08162c64082468734debe61e8fb7b846872e68334af8a0b2f25b54aaad7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
43, 1
date
Thu, 23 Mar 2023 05:50:17 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
71382
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7626
x-served-by
cache-iad-kiad7000030-IAD, cache-fra-eddf8230038-FRA
server
Thumbor/6.7.0
x-timer
S1679550618.592003,VS0,VE1
etag
"f5fa4f801edb11dd6c15ea4c0a78e87310202e9f"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Mon, 21 Mar 2033 22:00:35 GMT
Vox_Doomerism_Media_Final_2.0.jpg
cdn.vox-cdn.com/thumbor/n3x1v-XitWnynaVFyAdqNbsywGs=/0x0:7200x4050/250x141/filters:format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72068463/
5 KB
5 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/n3x1v-XitWnynaVFyAdqNbsywGs=/0x0:7200x4050/250x141/filters:format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72068463/Vox_Doomerism_Media_Final_2.0.jpg
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
2305882d442090437b7c1cfde1bf314d5217f9c9b71873a9c208570f0c8b8486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
17, 1
date
Thu, 23 Mar 2023 05:50:17 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
64660
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4758
x-served-by
cache-iad-kcgs7200049-IAD, cache-fra-eddf8230038-FRA
server
Thumbor/6.7.0
x-timer
S1679550618.592140,VS0,VE1
etag
"84274b74cbe630e867b1dc994c1b8f01093be756"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Mon, 21 Mar 2033 23:52:37 GMT
GettyImages_878261512.0.jpg
cdn.vox-cdn.com/thumbor/qdsf4gBCPJI5TTIplsdW9JW2NDc=/0x638:4961x3429/250x141/filters:format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72102094/
10 KB
10 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/qdsf4gBCPJI5TTIplsdW9JW2NDc=/0x638:4961x3429/250x141/filters:format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/72102094/GettyImages_878261512.0.jpg
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
94cf5bd7d5a0ff058838ef883d1781b760d3aecb7e9682c8163feb70c38e9775
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
16, 1
date
Thu, 23 Mar 2023 05:50:17 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
54577
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9954
x-served-by
cache-iad-kjyo7100152-IAD, cache-fra-eddf8230038-FRA
server
Thumbor/6.7.0
x-timer
S1679550618.592115,VS0,VE2
etag
"0c31bbced5e3d5afcb06954401c998d62733930f"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Tue, 22 Mar 2033 02:40:40 GMT
1e62eda9-06c0-4580-88f3-a524f7e9a000
http://pubg-gfx-pro.com/
787 KB
0
Other
General
Full URL
blob:http://pubg-gfx-pro.com/1e62eda9-06c0-4580-88f3-a524f7e9a000
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e9cec86e87bfa24a5a4fb440331183b2cb0751fb9be2b3b12c7dff55fcf3160

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Length
806216
Content-Type
fff27aac-187e-4d41-8612-44d835a89783
http://pubg-gfx-pro.com/
787 KB
0
Other
General
Full URL
blob:http://pubg-gfx-pro.com/fff27aac-187e-4d41-8612-44d835a89783
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e9cec86e87bfa24a5a4fb440331183b2cb0751fb9be2b3b12c7dff55fcf3160

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Length
806216
Content-Type
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023032001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
139dc774a0f7b5ace73dd2ffa07011d3ca960969a0fc678cb38ee44844534d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11188
x-xss-protection
0
identify
api.permutive.com/v2.0/
50 B
264 B
XHR
General
Full URL
https://api.permutive.com/v2.0/identify?k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
246dfe94163ebc22a22a8bbca1c3a04dd040c66076c706c26498c424d9b181b8

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
http://pubg-gfx-pro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
_pdfps
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/
0
85 B
XHR
General
Full URL
https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.222.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.222.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
via
1.1 google
server
nginx
content-type
text/plain; charset=utf-8
access-control-allow-origin
http://pubg-gfx-pro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
segment
api.permutive.com/adv/v2/
30 B
94 B
XHR
General
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 23 Mar 2023 05:50:17 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
content-type
application/json
_pdfps
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/
0
320 B
XHR
General
Full URL
https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.222.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.222.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
via
1.1 google
server
nginx
content-type
text/plain; charset=utf-8
access-control-allow-origin
http://pubg-gfx-pro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
_pdfps
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/
0
195 B
XHR
General
Full URL
https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.222.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.222.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
via
1.1 google
server
nginx
content-type
text/plain; charset=utf-8
access-control-allow-origin
http://pubg-gfx-pro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
_pdfps
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/
0
274 B
XHR
General
Full URL
https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.222.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.222.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
via
1.1 google
server
nginx
content-type
text/plain; charset=utf-8
access-control-allow-origin
http://pubg-gfx-pro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
_pdfps
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/
0
293 B
XHR
General
Full URL
https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.222.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.222.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
via
1.1 google
server
nginx
content-type
text/plain; charset=utf-8
access-control-allow-origin
http://pubg-gfx-pro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Mar 2023 05:50:17 GMT
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pubg-gfx-pro.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pubg-gfx-pro.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
388 B
164 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2323491901810887&correlator=4488258437340546&eid=31072879%2C44785728%2C31068367%2C21065724&output=ldjh&gdfp_req=1&vrg=2023032001&ptt=17&impl=fif&us_privacy=1YNY&iu_parts=172968584%2Cvox%2Cvox.com%2Cfront_page&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x90%7C1020x90&ifi=8&adks=2212633169&sfv=1-0-40&prev_scp=slot_name%3Ddesktop_leaderboard_variable%26position%3Ddesktop_leaderboard_variable%26concert_rid%3D96a38e91-c93e-11ed-b3ed-e5d92498f333%26ccc%3Dfalse%26c_sv%3D4%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26device_type%3Ddesktop%26network%3Dvox%26affiliation%3Dgeneral%26unison%3Dtrue%26page_type%3Dhome_page%26entry_group%3Dfront-page%26keywords%3Dvox%252Cunderstand%252Cthe%252Cnews%252Cfront-page%26pageload_id%3D492c9753-5c58-4d50-8a86-ebd6569ac7d3%26permutive%3D14285%252C22691%252C23231%252C23238%252C34913%252C34914%252C34916%252C34917%252C38622%252C56587%252C81392%252C88725%252C112273%252C112274%252C112275%252C112276%252C112277%252C112278%252C112280%252C112281%252C112282%252Crts%26pts_pid%3Dbb5a33fb-48bc-41dd-8b07-0cd69a4dcec9%26fins%3D%26cts_client%3D1%26cts_client_keyword_list%3Dlist_583%26prmtvsdk%3Dweb&sc=0&cookie=ID%3D296fd0e6c9f75976%3AT%3D1679550617%3AS%3DALNI_MYYi6YfvYGei5eScmfzk2aztj2GrQ&gpic=UID%3D00000bcaf881d43e%3AT%3D1679550617%3ART%3D1679550617%3AS%3DALNI_MZnJiATiiK-G53wpwIliocnK5IbQw&abxe=1&dt=1679550617959&lmt=1679550617&dlt=1679550615544&idt=1524&adxs=436&adys=98&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fpubg-gfx-pro.com%2F&frm=20&vis=1&psz=1600x90&msz=730x-1&fws=4&ohw=730&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1514973192.1679550617&ga_sid=1679550617&ga_hid=1309031148&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90d7b65f902db3904604c51027e71b20298a91e0b907ce26800c4a60fd41314b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://pubg-gfx-pro.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
22 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2323491901810887&correlator=4192787751672343&eid=31072879%2C44785728%2C31068367%2C21065724&output=ldjh&gdfp_req=1&vrg=2023032001&ptt=17&impl=fif&us_privacy=1YNY&iu_parts=172968584%2Cvox%2Cvox.com%2Cfront_page&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=9&adks=4228810071&sfv=1-0-40&prev_scp=slot_name%3Dmedium_rectangle_variable%26position%3Dmedium_rectangle_variable%26concert_rid%3D96a3b5a1-c93e-11ed-b3ed-e5d92498f333%26ccc%3Dfalse%26c_sv%3D4%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26device_type%3Ddesktop%26network%3Dvox%26affiliation%3Dgeneral%26unison%3Dtrue%26page_type%3Dhome_page%26entry_group%3Dfront-page%26keywords%3Dvox%252Cunderstand%252Cthe%252Cnews%252Cfront-page%26pageload_id%3D492c9753-5c58-4d50-8a86-ebd6569ac7d3%26permutive%3D14285%252C22691%252C23231%252C23238%252C34913%252C34914%252C34916%252C34917%252C38622%252C56587%252C81392%252C88725%252C112273%252C112274%252C112275%252C112276%252C112277%252C112278%252C112280%252C112281%252C112282%252Crts%26pts_pid%3Dbb5a33fb-48bc-41dd-8b07-0cd69a4dcec9%26fins%3D%26cts_client%3D1%26cts_client_keyword_list%3Dlist_583%26prmtvsdk%3Dweb&sc=0&cookie=ID%3D296fd0e6c9f75976%3AT%3D1679550617%3AS%3DALNI_MYYi6YfvYGei5eScmfzk2aztj2GrQ&gpic=UID%3D00000bcaf881d43e%3AT%3D1679550617%3ART%3D1679550617%3AS%3DALNI_MZnJiATiiK-G53wpwIliocnK5IbQw&abxe=1&dt=1679550617963&lmt=1679550617&dlt=1679550615544&idt=1524&adxs=1025&adys=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fpubg-gfx-pro.com%2F&frm=20&vis=1&psz=300x250&msz=302x-1&fws=4&ohw=300&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1514973192.1679550617&ga_sid=1679550617&ga_hid=1309031148&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79e0bd8ede0a71a61f09b8b1dc5d9336b04d01540008d4714ca152e286312449
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10041
x-xss-protection
0
google-lineitem-id
6193689267
pragma
no-cache
server
cafe
google-creative-id
644073610061
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://pubg-gfx-pro.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 095B
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pubg-gfx-pro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36327
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Mar 2023 19:44:50 GMT
expires
Thu, 21 Mar 2024 19:44:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0D00
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
80cba3df50f7516d09219dea3a907afaa494594c1ece508ad18ce5758442d9ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hSbBLZis9QtWcaAK1afI5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://pubg-gfx-pro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-hSbBLZis9QtWcaAK1afI5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 05:50:18 GMT
expires
Thu, 23 Mar 2023 05:50:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js
pagead2.googlesyndication.com/bg/ Frame 095B
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 15:19:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
138631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14115
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Mar 2024 15:19:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0D00
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023032001&jk=2323491901810887&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 095B
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?y-aOow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
events
api.permutive.com/v2.0/batch/
101 B
128 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
c02ab9990d088d60bcf3fd3b43b7ba49e6e41b524069f6b7cf0150cc1e1266b0

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 23 Mar 2023 05:50:18 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
http://pubg-gfx-pro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
container.html
672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3D4C
6 KB
3 KB
Document
General
Full URL
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pubg-gfx-pro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 05:50:17 GMT
expires
Fri, 22 Mar 2024 05:50:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6F42
624 B
577 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPr-QEQ7vWQAhiQyuTdATAB&v=APEucNWAuCFhc42qUcI6yjFuK-iv9YyTRAot4rJ5V4EXpWMn44Pr2YdOuBbVymQQD8eocrl62uvMNSnBmgpfWJdLro5Pl3j7QlQAmN16ixvQ1i6W21q7UKWbNwNqj-quIEotWcFYondUAUcCG5ZNnGnWfhRxXifEplmIbEBcW8kAoraT2nOIIdI
Requested by
Host: 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
URL: https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 05:50:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3D4C
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
URL: https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 05:50:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D4C
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CA80VeIj338yDlC7A2WxOLHEtE00rwS3Dybi1MOyzIi3dC7ZtXKLaGurABkLxkdbEL2V7UEwKBUs9HoAvUvzdD60R-QPgMaDNMji2P-wuevwOH51w
Requested by
Host: 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
URL: https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D4C
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8243715673885036453&x=1&ct=77
Requested by
Host: 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
URL: https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 3D4C
2 KB
1 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=16043422&cmp=1074559823&plc=1078766995&sid=66552&dvregion=0&unit=300x600
Requested by
Host: 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
URL: https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 10:59:51 GMT
Server
Microsoft-IIS/10.0
ETag
"2d4a10aae224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 3D4C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/window_focus_fy2021.js
Requested by
Host: 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
URL: https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 15:13:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
52593
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Apr 2023 15:13:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 3D4C
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
URL: https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 15:13:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
52593
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8627
x-xss-protection
0
server
cafe
etag
8620137988422272387
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Apr 2023 15:13:45 GMT
l
www.google.com/ads/measurement/ Frame 3D4C
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTD_k17a4gAp7iJ2d6TQhjK58wMxsVOastZ99GW-SlFn3s34RQtsa03Y3vT6TVnUGh9LarribASntKL8UsfcXqoIK17dA
Requested by
Host: 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
URL: https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D4C
158 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
URL: https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49540
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1679312138029146"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Mar 2023 05:50:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D4C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3873592330415&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D4C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3873592330415&version=m202301230201&ct=77&x=1&cor=8243715673885037000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3D4C
28 KB
17 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ah1FjfK2UIc7jpiTc5-ziKlOqolA5fcGCWSzIrcAkATLpb4udrdOFYToOzlEJ9NveHuOJQStmr5juJOIvdgaVDH5NUZhKsCiOwd_imMq27tsD3X7q4AjMNoH1Rz6IauNtUfgALdkRcmYGeTqLxTuQE3taH8u5v8tAS95xa7DNgRtViTVU&cry=1&dbm_d=AKAmf-Dy6fQvOXy-7kKr1yZesj1BYQxNdFHMt2vYzwWbqEZGyHN-vLZIRzr05BjhxL0h849OZm261gs_AnnXMpXDyb8bz5XJhUxVsl8Co726CzFNlAp6LyN_9G6Rf0IEHdmgBoP4PNVzXHls_W47mAK9cKC3AokMl3_SShAzFVXBW_Rs6Ji9Vn0eYQ1Mm9YWCs50UUeoYbyS4VYUPe2qbA2sWQCVlybpMyJHGUZFiwkbsPgaytKye5Bh_Gqvreb897ODABAh6Zk5sj8jjFAAhKaoO76byuMQ0VkT3Q5KkcGBrjZW1PMZCM8veWit3i7brQKIPNwM_6J_ELwgHW9Zfva9uuniscrSDC-G-Zxm6P413B9-fBz0L0dNuQ1yQS6NGuXeO4NbZ6Lx6jvBzZ4M3j5jNYOqdSqNGlHd70ZYxBlW3rTVxTwfyXbf79zRGPt9L96KWN5OAnZL9hbiJsOCRXBNpnhGeBqPJMxG3XPiMI2sS05oSNUXr-QMnVD3pxgYpD06JowKdNEjCWvWEUG5_-YYNk3mBgwihx2acT2ilRAopxed2TN30Dpbi7XkuS0FepisnI3or0WsoyH2xyzId9y4Xpr6NOyv7sKo-9vAMrWsIzvFataYW757FggL1V6uL0z2GgOlGmYlpLu1NbBw3gqtbFMTJTPL5IXhBSqeSbmjVg51xp1h2vnbOXzJUFkizDYLmeqauruRCBaOle3--FO8V01L6QWl_XOC8sxVjNDHprP11D9zHMOSqzVT5wT2keMCFhXgyv6RBxPQfu5kFvX2mvGA1qJ2g51p_rTbtdolFpoyKe0V7DcLmFPQjJIUaY1yYQpnrBpT8TX-niHZ8vFNLKd6UrHlLxAxAkF7sfm6c5Xgn6073f0G7sFWSzkFM7vuH8uxeWUyBBJ6syczSiHde_kCraHlqciWpjb2d-SQPloLknj23dqT8PBm7KcaRcanoGWzkJhXU0Ct2dUrWgyS4tWZfisjZeyaaTmGbPbIqWltY9UGcPEIbrRxsY_Iufxzr_AucUQv-NfeYe-QiusnR5bnYT-s-_sfHgt-UK9GIJCqUa_NMeru056ffAgtTsiFshJ8C2QdfbiGiw4s16tbv_UZ1rLIv4PlbdYvKBkfFqh-UCwUunC4UpQkVQ-0nayHtfPNQwS4B1kozT7gvf2TDfeXnNsSOUd7CcWnWEQcZn20Vlv5tczB3MO0PISbEkNZADH1T6ODEBvxOF7ZaGiDLNpENGXqJjDAWWF3tGWnIgn1feclPMkM773S-be7voRAu95sMRaeHEIXlPsSskrS6GTNqDAxQhIkxdJ3B-YApeZ0MpwQUa7wnATAX_x7O3mFMK-YRBvC2ufENXEdAc41D3EJOIfc1t0dZcB7FRXWxEh9cyiIoBtKAycaaM2cPRYgTfM7OAa7iPRSCpHQnQI4nyGv774Bf-wbZHkcPEFU87amtzBVPQ90hQtpmEvybHTy_S1xdbKoIOY7Asu6nAN9Ri_3xk1k_BgaO3yTgS9fsawHM2eeHMc8cvCNBsT3I_fyRfdPnfWRfqs2YGdYWoIH3hJK3uGIKrXYaY_d0j4h9mZJ9chcSMM-tnOrLrzFkY2f9KgEBgFcxERhwfPHLi7qE7Qk2KzJMwCTji765q3k_20Wo0CLnvldvpMqEAaWTVsWUe8cYCtvm9XMF_jurdbLhbRx7uVbPExl6k8D-jda86dj2Uz4aUlHi2hwVwX2KWMuv7U4K0BA0VX9Qji2zM9zySVvNqv04A7lB4TCBADUqUfNqMBCccbSJ12t1MsvuqIYTMFTxmKKYTFFsrEP8-wselA389yb47Bf324866EEQffj8Oj3rtDrHpY1Quqs4paVpSNVhFB7b7EmLExO_AjWRJ2U3fMgXkr1uhH5Bhyl06bbVcbNz1_cmo_cgJ_ETnUk_WBR7KU2znFY5ex8n8zsUH6bwQSeR8pGuiaKJX2koQ4rysRvoiNwXr4koJW7qWFWYl8_ni2mxV_Ap_qjLK2UaZodSkDfbjmIRUBIFQGZOTLYI45_ARozdU-B0jI6r2hEHo_XnhvwwFPrpIceRWX1u35pBGMByRe3PTztwzVI8dv9ikqmBLA23ASXwIoSBUSzrH3jpShFpvUvbxEM0Qx2MLZ5yGEiSHMvxJ2c5x8YpZt1ftlNJ0EmEoZt02ncx2ZJRrnPSs-lsPV7ZKM237D0CoVbW6FaLVFS0ke0TpCidEcOM-SAj71IzkO6NUVHQ01bhJWxfAXXqTZXq0T-ztzOvTZk9PxcW1IZS5rR17YF1l1s9FA5Lw5tUGkWAN3f8RSsOzOxonWDtDhaYib2xZ3pfXlOkA-bDVwCj709WnNyhExilWHY3QY3pN1VeT1w5M5Zw7cLwW8fBP-3J_0lZoWcAKsDHfCoRlEIj4ihJwYqOPTKeXdab61HilMNt08b2wv7Mm_2wI4IihcmC_iQ3-gJNET4pszN320nfXKVGirzLBHefRirw7RU7uMvG6rbPUyk9TA2MCnV-CeNJynXC-v69FhmoLh3pgsi8fXXocHKGXLEVKxYPaINz5PfthrBQUgZjOi4_zoQJQRnaaATNNYDj6OCFDuzLlIL7mQROlQEQrpCiaf4blC--QQNZRaO0DPahhZRMCz6TSawtPH9fWd967_u2xL0BWQDH3MBRwlwHlDgj4-R-HgLqGuyk2lZZUDtDJuW7e6IL0f9ARDfPxo6u1tl3QeDUZyCgKqWdMu5w_GMxHUrlW547u89PznPPi1sWKr9144NBRYq_gIURNGtvZK2Kw8zkcPmaREAIbEyLxVmKbMy6WvgS8nFEhx5Iwm7WGYhZk2bkF-81B1HKWkcuGIUM29dry2B2yUkGkCh5qFSBS7-gRGAGq67ZGomqyH_LNoWMjye9mMxBk8rYocuQQ_exezNjLBLZkl_iZbwIEjEFNSmdi0BRNbDeH6DtUbBeF65O1ZBreGd3RDnN7kFjJtyGVaPUxG09dReDqH260z3eVTszA1mA1O76cuRO0RdfnBzwEDm4cdO49MlK478VaQT5Kq0usU390tJ49Y1KQZ-c178-g6in5Al6YZJZ3pili3_5B0THTPZyHqcuyuXS1z-iAR2WgkmkJA2UKEA8iqV_aRmCagMN6FWObcvB0n13eIafUlu8gKUvs5CauBGpUpud0F8cdUDiHjr2teFjuc49rxtpLbO0q1Cglcn_njQ_0uWpA610d3ZP2QPemvJkNElyZuSti-yYlF3Iuc4sPlDdeRVspDcLVu6jkRXdMVlPLOLZZyZkDNvb44JZiH0EPzSXV4aCmWBeLMGvCGMkfuLJ-mj8BZaUiFgZMi2JvloQyAzvCpLifVCkZGCSOJqdkmlTeh1qTTJzM_k-gAR5pru563JzTmjXVXmtAKMv39ahZDWfymN7AQaY-Qa0Ztkn4xxxxDqt3UlaA1OgoQ5pjX7sArUmok1xFNE2qn43x99rja1lDTHnNcgi7_1jTr_2yZFsV44rVKUyZxxn1EiKf1iXbpaDfWzk0fUtXHSoD5ldljmEJ3SAnV97FHMoVXpcDTJMU-YB_e5oPgKnyjitHG8o9-M18nkq18JjR8bm6MNYvvHt0V0HFJuWM2ydsamFjUR6E00U03lvljjdMxHUuSoJ6y7YpjUYBnBMdHV5le3L0X6ePY_J7tDfJCv5-xZFlfuwgL2AaZ2H2rjp5uFqTVLFos6BpXCzLp_EOaHOOUAMp3huPyxQuAzhREnCrtKxp95XPkVZYy3p8-CJdmOdQ4HQWFsHQpTISqDPYJP_rvs59BX19CT3viPkrtyqwFDMX1SSTl2I3P7KSU681kyAwaS3r_xc2FurgvoQdNCOssHM5D2Tpyt2p3dsVX3Mbz8M8f6G5EdHu1C9cM7MdcRkACEn1aTbn--VwEsAYlVdZ9_bflAt9LMFRCWrwbjEYAanW6n2SNRk4oJntX7zBa-nY4TX7CsuG190EAb2aesumzd4FrwINoWd75qwJ3bxUu5pAEj31vdVFCphFehV3O-HR1sKkw7vF-tai4FUpsGUX1O83BiARSLzBtK38h9Y2GjgopQDRvk4CAGoamxkbOsxTcrv3VFDTJWnPR7VeYE6h75zxERRee69MwlDhllKvxz2oidU19tdzrR-GRwqpvqY-92Edkn5RmofU-gTX1y-VNzzA_4TeJlt1m8jyfDatYeB6rLPiKmY0EA1UbYHUUuCYGow6miTnNyzFMpA6JLtuTWE7SsBjTIMefcU6s--aIGXRsIsNMb4BYIjAJUZnuS3rdHAyTTdiCBtssd23KwQQYLAzuRGwG4XFqr_E2B0lkb_MI7QFKgALNHGIn2Nf0vInCBDujOjUV5oWsvKymdt9xrbccnV-K-1UOk5xPSipaXsXI9D5sMunmc4uWb-unPOtoXTf9zC-wik2Xwf4Y4cNgfltoXogK1nIXEPGRR3Wua282UUO0oO2waBIc57tkfFtmDNYoiWpk4YujP0tmzdJf-tjIEiiQILkUtqzMnfbH3dT1NUXb3ZjXjgwg4smkKqNkgSyY2i8Ng75zXmbnnV1owGbMT1DscbfU9VpYWTOprNKXULq5BjLr1LiBxTG0Th7aaLmV0m01RPWcp2aC2dAkg186-tXYXU--TOAWKsrtJ89d47opa7TKC2rZeTVPRVwd3jD2QkxX8KcZ-f1Gqy8fV0uWd_2vYTXxRg73UedRA07Ps9_fkqONgPL5rGJ1UtPZsSbCheB8&cid=CAQSOwDUE5ym8S2MmzfCUNDX4HHtbBOXtPird0fgwBVum2-KQHwR4VgmiWb7BKCwyfYXe3V0YlJk2_gbSFycGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fpubg-gfx-pro.com%2F&ds=l&xdt=1&iif=1&cor=8243715673885037000&adk=4188270525&idt=132&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd84e9826c96ada76b0219c08ecf8db22b27dd82c05a8db5f71c4ef5ba113ff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16816
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6F42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELB2X5m80ZwyECkXt4uK53Y&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELB2X5m80ZwyECkXt4uK53Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPr-QEQ7vWQAhiQyuTdATAB&v=APEucNWAuCFhc42qUcI6yjFuK-iv9YyTRAot4rJ5V4EXpWMn44Pr2YdOuBbVymQQD8eocrl62uvMNSnBmgpfWJdLro5Pl3j7QlQAmN16ixvQ1i6W21q7UKWbNwNqj-quIEotWcFYondUAUcCG5ZNnGnWfhRxXifEplmIbEBcW8kAoraT2nOIIdI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 05:50:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELB2X5m80ZwyECkXt4uK53Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6F42
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBvomkaKG3MPPJkY2NxQzgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELB2X5m80ZwyECkXt4uK53Y&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELB2X5m80ZwyECkXt4uK53Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPr-QEQ7vWQAhiQyuTdATAB&v=APEucNWAuCFhc42qUcI6yjFuK-iv9YyTRAot4rJ5V4EXpWMn44Pr2YdOuBbVymQQD8eocrl62uvMNSnBmgpfWJdLro5Pl3j7QlQAmN16ixvQ1i6W21q7UKWbNwNqj-quIEotWcFYondUAUcCG5ZNnGnWfhRxXifEplmIbEBcW8kAoraT2nOIIdI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 05:50:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELB2X5m80ZwyECkXt4uK53Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6F42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJmuVItrubigEhOnFme30-k&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJmuVItrubigEhOnFme30-k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPr-QEQ7vWQAhiQyuTdATAB&v=APEucNWAuCFhc42qUcI6yjFuK-iv9YyTRAot4rJ5V4EXpWMn44Pr2YdOuBbVymQQD8eocrl62uvMNSnBmgpfWJdLro5Pl3j7QlQAmN16ixvQ1i6W21q7UKWbNwNqj-quIEotWcFYondUAUcCG5ZNnGnWfhRxXifEplmIbEBcW8kAoraT2nOIIdI
Protocol
HTTP/1.1
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 05:50:18 GMT
AN-X-Request-Uuid
b3df762b-ad31-4a22-bd4d-78544efae0c7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.187; 185.213.155.187; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJmuVItrubigEhOnFme30-k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6F42
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMzNzYxODE3Mjc5NTcyNjgxOQ%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMzNzYxODE3Mjc5NTcyNjgxOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPr-QEQ7vWQAhiQyuTdATAB&v=APEucNWAuCFhc42qUcI6yjFuK-iv9YyTRAot4rJ5V4EXpWMn44Pr2YdOuBbVymQQD8eocrl62uvMNSnBmgpfWJdLro5Pl3j7QlQAmN16ixvQ1i6W21q7UKWbNwNqj-quIEotWcFYondUAUcCG5ZNnGnWfhRxXifEplmIbEBcW8kAoraT2nOIIdI
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 23 Mar 2023 05:50:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.187; 185.213.155.187; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9bce07a5-4572-4112-a1f7-678d87717c3f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMzNzYxODE3Mjc5NTcyNjgxOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230321/r20110914/ Frame 3D4C
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230321/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ah1FjfK2UIc7jpiTc5-ziKlOqolA5fcGCWSzIrcAkATLpb4udrdOFYToOzlEJ9NveHuOJQStmr5juJOIvdgaVDH5NUZhKsCiOwd_imMq27tsD3X7q4AjMNoH1Rz6IauNtUfgALdkRcmYGeTqLxTuQE3taH8u5v8tAS95xa7DNgRtViTVU&cry=1&dbm_d=AKAmf-Dy6fQvOXy-7kKr1yZesj1BYQxNdFHMt2vYzwWbqEZGyHN-vLZIRzr05BjhxL0h849OZm261gs_AnnXMpXDyb8bz5XJhUxVsl8Co726CzFNlAp6LyN_9G6Rf0IEHdmgBoP4PNVzXHls_W47mAK9cKC3AokMl3_SShAzFVXBW_Rs6Ji9Vn0eYQ1Mm9YWCs50UUeoYbyS4VYUPe2qbA2sWQCVlybpMyJHGUZFiwkbsPgaytKye5Bh_Gqvreb897ODABAh6Zk5sj8jjFAAhKaoO76byuMQ0VkT3Q5KkcGBrjZW1PMZCM8veWit3i7brQKIPNwM_6J_ELwgHW9Zfva9uuniscrSDC-G-Zxm6P413B9-fBz0L0dNuQ1yQS6NGuXeO4NbZ6Lx6jvBzZ4M3j5jNYOqdSqNGlHd70ZYxBlW3rTVxTwfyXbf79zRGPt9L96KWN5OAnZL9hbiJsOCRXBNpnhGeBqPJMxG3XPiMI2sS05oSNUXr-QMnVD3pxgYpD06JowKdNEjCWvWEUG5_-YYNk3mBgwihx2acT2ilRAopxed2TN30Dpbi7XkuS0FepisnI3or0WsoyH2xyzId9y4Xpr6NOyv7sKo-9vAMrWsIzvFataYW757FggL1V6uL0z2GgOlGmYlpLu1NbBw3gqtbFMTJTPL5IXhBSqeSbmjVg51xp1h2vnbOXzJUFkizDYLmeqauruRCBaOle3--FO8V01L6QWl_XOC8sxVjNDHprP11D9zHMOSqzVT5wT2keMCFhXgyv6RBxPQfu5kFvX2mvGA1qJ2g51p_rTbtdolFpoyKe0V7DcLmFPQjJIUaY1yYQpnrBpT8TX-niHZ8vFNLKd6UrHlLxAxAkF7sfm6c5Xgn6073f0G7sFWSzkFM7vuH8uxeWUyBBJ6syczSiHde_kCraHlqciWpjb2d-SQPloLknj23dqT8PBm7KcaRcanoGWzkJhXU0Ct2dUrWgyS4tWZfisjZeyaaTmGbPbIqWltY9UGcPEIbrRxsY_Iufxzr_AucUQv-NfeYe-QiusnR5bnYT-s-_sfHgt-UK9GIJCqUa_NMeru056ffAgtTsiFshJ8C2QdfbiGiw4s16tbv_UZ1rLIv4PlbdYvKBkfFqh-UCwUunC4UpQkVQ-0nayHtfPNQwS4B1kozT7gvf2TDfeXnNsSOUd7CcWnWEQcZn20Vlv5tczB3MO0PISbEkNZADH1T6ODEBvxOF7ZaGiDLNpENGXqJjDAWWF3tGWnIgn1feclPMkM773S-be7voRAu95sMRaeHEIXlPsSskrS6GTNqDAxQhIkxdJ3B-YApeZ0MpwQUa7wnATAX_x7O3mFMK-YRBvC2ufENXEdAc41D3EJOIfc1t0dZcB7FRXWxEh9cyiIoBtKAycaaM2cPRYgTfM7OAa7iPRSCpHQnQI4nyGv774Bf-wbZHkcPEFU87amtzBVPQ90hQtpmEvybHTy_S1xdbKoIOY7Asu6nAN9Ri_3xk1k_BgaO3yTgS9fsawHM2eeHMc8cvCNBsT3I_fyRfdPnfWRfqs2YGdYWoIH3hJK3uGIKrXYaY_d0j4h9mZJ9chcSMM-tnOrLrzFkY2f9KgEBgFcxERhwfPHLi7qE7Qk2KzJMwCTji765q3k_20Wo0CLnvldvpMqEAaWTVsWUe8cYCtvm9XMF_jurdbLhbRx7uVbPExl6k8D-jda86dj2Uz4aUlHi2hwVwX2KWMuv7U4K0BA0VX9Qji2zM9zySVvNqv04A7lB4TCBADUqUfNqMBCccbSJ12t1MsvuqIYTMFTxmKKYTFFsrEP8-wselA389yb47Bf324866EEQffj8Oj3rtDrHpY1Quqs4paVpSNVhFB7b7EmLExO_AjWRJ2U3fMgXkr1uhH5Bhyl06bbVcbNz1_cmo_cgJ_ETnUk_WBR7KU2znFY5ex8n8zsUH6bwQSeR8pGuiaKJX2koQ4rysRvoiNwXr4koJW7qWFWYl8_ni2mxV_Ap_qjLK2UaZodSkDfbjmIRUBIFQGZOTLYI45_ARozdU-B0jI6r2hEHo_XnhvwwFPrpIceRWX1u35pBGMByRe3PTztwzVI8dv9ikqmBLA23ASXwIoSBUSzrH3jpShFpvUvbxEM0Qx2MLZ5yGEiSHMvxJ2c5x8YpZt1ftlNJ0EmEoZt02ncx2ZJRrnPSs-lsPV7ZKM237D0CoVbW6FaLVFS0ke0TpCidEcOM-SAj71IzkO6NUVHQ01bhJWxfAXXqTZXq0T-ztzOvTZk9PxcW1IZS5rR17YF1l1s9FA5Lw5tUGkWAN3f8RSsOzOxonWDtDhaYib2xZ3pfXlOkA-bDVwCj709WnNyhExilWHY3QY3pN1VeT1w5M5Zw7cLwW8fBP-3J_0lZoWcAKsDHfCoRlEIj4ihJwYqOPTKeXdab61HilMNt08b2wv7Mm_2wI4IihcmC_iQ3-gJNET4pszN320nfXKVGirzLBHefRirw7RU7uMvG6rbPUyk9TA2MCnV-CeNJynXC-v69FhmoLh3pgsi8fXXocHKGXLEVKxYPaINz5PfthrBQUgZjOi4_zoQJQRnaaATNNYDj6OCFDuzLlIL7mQROlQEQrpCiaf4blC--QQNZRaO0DPahhZRMCz6TSawtPH9fWd967_u2xL0BWQDH3MBRwlwHlDgj4-R-HgLqGuyk2lZZUDtDJuW7e6IL0f9ARDfPxo6u1tl3QeDUZyCgKqWdMu5w_GMxHUrlW547u89PznPPi1sWKr9144NBRYq_gIURNGtvZK2Kw8zkcPmaREAIbEyLxVmKbMy6WvgS8nFEhx5Iwm7WGYhZk2bkF-81B1HKWkcuGIUM29dry2B2yUkGkCh5qFSBS7-gRGAGq67ZGomqyH_LNoWMjye9mMxBk8rYocuQQ_exezNjLBLZkl_iZbwIEjEFNSmdi0BRNbDeH6DtUbBeF65O1ZBreGd3RDnN7kFjJtyGVaPUxG09dReDqH260z3eVTszA1mA1O76cuRO0RdfnBzwEDm4cdO49MlK478VaQT5Kq0usU390tJ49Y1KQZ-c178-g6in5Al6YZJZ3pili3_5B0THTPZyHqcuyuXS1z-iAR2WgkmkJA2UKEA8iqV_aRmCagMN6FWObcvB0n13eIafUlu8gKUvs5CauBGpUpud0F8cdUDiHjr2teFjuc49rxtpLbO0q1Cglcn_njQ_0uWpA610d3ZP2QPemvJkNElyZuSti-yYlF3Iuc4sPlDdeRVspDcLVu6jkRXdMVlPLOLZZyZkDNvb44JZiH0EPzSXV4aCmWBeLMGvCGMkfuLJ-mj8BZaUiFgZMi2JvloQyAzvCpLifVCkZGCSOJqdkmlTeh1qTTJzM_k-gAR5pru563JzTmjXVXmtAKMv39ahZDWfymN7AQaY-Qa0Ztkn4xxxxDqt3UlaA1OgoQ5pjX7sArUmok1xFNE2qn43x99rja1lDTHnNcgi7_1jTr_2yZFsV44rVKUyZxxn1EiKf1iXbpaDfWzk0fUtXHSoD5ldljmEJ3SAnV97FHMoVXpcDTJMU-YB_e5oPgKnyjitHG8o9-M18nkq18JjR8bm6MNYvvHt0V0HFJuWM2ydsamFjUR6E00U03lvljjdMxHUuSoJ6y7YpjUYBnBMdHV5le3L0X6ePY_J7tDfJCv5-xZFlfuwgL2AaZ2H2rjp5uFqTVLFos6BpXCzLp_EOaHOOUAMp3huPyxQuAzhREnCrtKxp95XPkVZYy3p8-CJdmOdQ4HQWFsHQpTISqDPYJP_rvs59BX19CT3viPkrtyqwFDMX1SSTl2I3P7KSU681kyAwaS3r_xc2FurgvoQdNCOssHM5D2Tpyt2p3dsVX3Mbz8M8f6G5EdHu1C9cM7MdcRkACEn1aTbn--VwEsAYlVdZ9_bflAt9LMFRCWrwbjEYAanW6n2SNRk4oJntX7zBa-nY4TX7CsuG190EAb2aesumzd4FrwINoWd75qwJ3bxUu5pAEj31vdVFCphFehV3O-HR1sKkw7vF-tai4FUpsGUX1O83BiARSLzBtK38h9Y2GjgopQDRvk4CAGoamxkbOsxTcrv3VFDTJWnPR7VeYE6h75zxERRee69MwlDhllKvxz2oidU19tdzrR-GRwqpvqY-92Edkn5RmofU-gTX1y-VNzzA_4TeJlt1m8jyfDatYeB6rLPiKmY0EA1UbYHUUuCYGow6miTnNyzFMpA6JLtuTWE7SsBjTIMefcU6s--aIGXRsIsNMb4BYIjAJUZnuS3rdHAyTTdiCBtssd23KwQQYLAzuRGwG4XFqr_E2B0lkb_MI7QFKgALNHGIn2Nf0vInCBDujOjUV5oWsvKymdt9xrbccnV-K-1UOk5xPSipaXsXI9D5sMunmc4uWb-unPOtoXTf9zC-wik2Xwf4Y4cNgfltoXogK1nIXEPGRR3Wua282UUO0oO2waBIc57tkfFtmDNYoiWpk4YujP0tmzdJf-tjIEiiQILkUtqzMnfbH3dT1NUXb3ZjXjgwg4smkKqNkgSyY2i8Ng75zXmbnnV1owGbMT1DscbfU9VpYWTOprNKXULq5BjLr1LiBxTG0Th7aaLmV0m01RPWcp2aC2dAkg186-tXYXU--TOAWKsrtJ89d47opa7TKC2rZeTVPRVwd3jD2QkxX8KcZ-f1Gqy8fV0uWd_2vYTXxRg73UedRA07Ps9_fkqONgPL5rGJ1UtPZsSbCheB8&cid=CAQSOwDUE5ym8S2MmzfCUNDX4HHtbBOXtPird0fgwBVum2-KQHwR4VgmiWb7BKCwyfYXe3V0YlJk2_gbSFycGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fpubg-gfx-pro.com%2F&ds=l&xdt=1&iif=1&cor=8243715673885037000&adk=4188270525&idt=132&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11f1414c6342d8a5a5124286921298b09b1e776f0aae7bbc4c83b96685166019
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 15:14:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
52545
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10980
x-xss-protection
0
server
cafe
etag
17255800071175307161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Apr 2023 15:14:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3D4C
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ah1FjfK2UIc7jpiTc5-ziKlOqolA5fcGCWSzIrcAkATLpb4udrdOFYToOzlEJ9NveHuOJQStmr5juJOIvdgaVDH5NUZhKsCiOwd_imMq27tsD3X7q4AjMNoH1Rz6IauNtUfgALdkRcmYGeTqLxTuQE3taH8u5v8tAS95xa7DNgRtViTVU&cry=1&dbm_d=AKAmf-Dy6fQvOXy-7kKr1yZesj1BYQxNdFHMt2vYzwWbqEZGyHN-vLZIRzr05BjhxL0h849OZm261gs_AnnXMpXDyb8bz5XJhUxVsl8Co726CzFNlAp6LyN_9G6Rf0IEHdmgBoP4PNVzXHls_W47mAK9cKC3AokMl3_SShAzFVXBW_Rs6Ji9Vn0eYQ1Mm9YWCs50UUeoYbyS4VYUPe2qbA2sWQCVlybpMyJHGUZFiwkbsPgaytKye5Bh_Gqvreb897ODABAh6Zk5sj8jjFAAhKaoO76byuMQ0VkT3Q5KkcGBrjZW1PMZCM8veWit3i7brQKIPNwM_6J_ELwgHW9Zfva9uuniscrSDC-G-Zxm6P413B9-fBz0L0dNuQ1yQS6NGuXeO4NbZ6Lx6jvBzZ4M3j5jNYOqdSqNGlHd70ZYxBlW3rTVxTwfyXbf79zRGPt9L96KWN5OAnZL9hbiJsOCRXBNpnhGeBqPJMxG3XPiMI2sS05oSNUXr-QMnVD3pxgYpD06JowKdNEjCWvWEUG5_-YYNk3mBgwihx2acT2ilRAopxed2TN30Dpbi7XkuS0FepisnI3or0WsoyH2xyzId9y4Xpr6NOyv7sKo-9vAMrWsIzvFataYW757FggL1V6uL0z2GgOlGmYlpLu1NbBw3gqtbFMTJTPL5IXhBSqeSbmjVg51xp1h2vnbOXzJUFkizDYLmeqauruRCBaOle3--FO8V01L6QWl_XOC8sxVjNDHprP11D9zHMOSqzVT5wT2keMCFhXgyv6RBxPQfu5kFvX2mvGA1qJ2g51p_rTbtdolFpoyKe0V7DcLmFPQjJIUaY1yYQpnrBpT8TX-niHZ8vFNLKd6UrHlLxAxAkF7sfm6c5Xgn6073f0G7sFWSzkFM7vuH8uxeWUyBBJ6syczSiHde_kCraHlqciWpjb2d-SQPloLknj23dqT8PBm7KcaRcanoGWzkJhXU0Ct2dUrWgyS4tWZfisjZeyaaTmGbPbIqWltY9UGcPEIbrRxsY_Iufxzr_AucUQv-NfeYe-QiusnR5bnYT-s-_sfHgt-UK9GIJCqUa_NMeru056ffAgtTsiFshJ8C2QdfbiGiw4s16tbv_UZ1rLIv4PlbdYvKBkfFqh-UCwUunC4UpQkVQ-0nayHtfPNQwS4B1kozT7gvf2TDfeXnNsSOUd7CcWnWEQcZn20Vlv5tczB3MO0PISbEkNZADH1T6ODEBvxOF7ZaGiDLNpENGXqJjDAWWF3tGWnIgn1feclPMkM773S-be7voRAu95sMRaeHEIXlPsSskrS6GTNqDAxQhIkxdJ3B-YApeZ0MpwQUa7wnATAX_x7O3mFMK-YRBvC2ufENXEdAc41D3EJOIfc1t0dZcB7FRXWxEh9cyiIoBtKAycaaM2cPRYgTfM7OAa7iPRSCpHQnQI4nyGv774Bf-wbZHkcPEFU87amtzBVPQ90hQtpmEvybHTy_S1xdbKoIOY7Asu6nAN9Ri_3xk1k_BgaO3yTgS9fsawHM2eeHMc8cvCNBsT3I_fyRfdPnfWRfqs2YGdYWoIH3hJK3uGIKrXYaY_d0j4h9mZJ9chcSMM-tnOrLrzFkY2f9KgEBgFcxERhwfPHLi7qE7Qk2KzJMwCTji765q3k_20Wo0CLnvldvpMqEAaWTVsWUe8cYCtvm9XMF_jurdbLhbRx7uVbPExl6k8D-jda86dj2Uz4aUlHi2hwVwX2KWMuv7U4K0BA0VX9Qji2zM9zySVvNqv04A7lB4TCBADUqUfNqMBCccbSJ12t1MsvuqIYTMFTxmKKYTFFsrEP8-wselA389yb47Bf324866EEQffj8Oj3rtDrHpY1Quqs4paVpSNVhFB7b7EmLExO_AjWRJ2U3fMgXkr1uhH5Bhyl06bbVcbNz1_cmo_cgJ_ETnUk_WBR7KU2znFY5ex8n8zsUH6bwQSeR8pGuiaKJX2koQ4rysRvoiNwXr4koJW7qWFWYl8_ni2mxV_Ap_qjLK2UaZodSkDfbjmIRUBIFQGZOTLYI45_ARozdU-B0jI6r2hEHo_XnhvwwFPrpIceRWX1u35pBGMByRe3PTztwzVI8dv9ikqmBLA23ASXwIoSBUSzrH3jpShFpvUvbxEM0Qx2MLZ5yGEiSHMvxJ2c5x8YpZt1ftlNJ0EmEoZt02ncx2ZJRrnPSs-lsPV7ZKM237D0CoVbW6FaLVFS0ke0TpCidEcOM-SAj71IzkO6NUVHQ01bhJWxfAXXqTZXq0T-ztzOvTZk9PxcW1IZS5rR17YF1l1s9FA5Lw5tUGkWAN3f8RSsOzOxonWDtDhaYib2xZ3pfXlOkA-bDVwCj709WnNyhExilWHY3QY3pN1VeT1w5M5Zw7cLwW8fBP-3J_0lZoWcAKsDHfCoRlEIj4ihJwYqOPTKeXdab61HilMNt08b2wv7Mm_2wI4IihcmC_iQ3-gJNET4pszN320nfXKVGirzLBHefRirw7RU7uMvG6rbPUyk9TA2MCnV-CeNJynXC-v69FhmoLh3pgsi8fXXocHKGXLEVKxYPaINz5PfthrBQUgZjOi4_zoQJQRnaaATNNYDj6OCFDuzLlIL7mQROlQEQrpCiaf4blC--QQNZRaO0DPahhZRMCz6TSawtPH9fWd967_u2xL0BWQDH3MBRwlwHlDgj4-R-HgLqGuyk2lZZUDtDJuW7e6IL0f9ARDfPxo6u1tl3QeDUZyCgKqWdMu5w_GMxHUrlW547u89PznPPi1sWKr9144NBRYq_gIURNGtvZK2Kw8zkcPmaREAIbEyLxVmKbMy6WvgS8nFEhx5Iwm7WGYhZk2bkF-81B1HKWkcuGIUM29dry2B2yUkGkCh5qFSBS7-gRGAGq67ZGomqyH_LNoWMjye9mMxBk8rYocuQQ_exezNjLBLZkl_iZbwIEjEFNSmdi0BRNbDeH6DtUbBeF65O1ZBreGd3RDnN7kFjJtyGVaPUxG09dReDqH260z3eVTszA1mA1O76cuRO0RdfnBzwEDm4cdO49MlK478VaQT5Kq0usU390tJ49Y1KQZ-c178-g6in5Al6YZJZ3pili3_5B0THTPZyHqcuyuXS1z-iAR2WgkmkJA2UKEA8iqV_aRmCagMN6FWObcvB0n13eIafUlu8gKUvs5CauBGpUpud0F8cdUDiHjr2teFjuc49rxtpLbO0q1Cglcn_njQ_0uWpA610d3ZP2QPemvJkNElyZuSti-yYlF3Iuc4sPlDdeRVspDcLVu6jkRXdMVlPLOLZZyZkDNvb44JZiH0EPzSXV4aCmWBeLMGvCGMkfuLJ-mj8BZaUiFgZMi2JvloQyAzvCpLifVCkZGCSOJqdkmlTeh1qTTJzM_k-gAR5pru563JzTmjXVXmtAKMv39ahZDWfymN7AQaY-Qa0Ztkn4xxxxDqt3UlaA1OgoQ5pjX7sArUmok1xFNE2qn43x99rja1lDTHnNcgi7_1jTr_2yZFsV44rVKUyZxxn1EiKf1iXbpaDfWzk0fUtXHSoD5ldljmEJ3SAnV97FHMoVXpcDTJMU-YB_e5oPgKnyjitHG8o9-M18nkq18JjR8bm6MNYvvHt0V0HFJuWM2ydsamFjUR6E00U03lvljjdMxHUuSoJ6y7YpjUYBnBMdHV5le3L0X6ePY_J7tDfJCv5-xZFlfuwgL2AaZ2H2rjp5uFqTVLFos6BpXCzLp_EOaHOOUAMp3huPyxQuAzhREnCrtKxp95XPkVZYy3p8-CJdmOdQ4HQWFsHQpTISqDPYJP_rvs59BX19CT3viPkrtyqwFDMX1SSTl2I3P7KSU681kyAwaS3r_xc2FurgvoQdNCOssHM5D2Tpyt2p3dsVX3Mbz8M8f6G5EdHu1C9cM7MdcRkACEn1aTbn--VwEsAYlVdZ9_bflAt9LMFRCWrwbjEYAanW6n2SNRk4oJntX7zBa-nY4TX7CsuG190EAb2aesumzd4FrwINoWd75qwJ3bxUu5pAEj31vdVFCphFehV3O-HR1sKkw7vF-tai4FUpsGUX1O83BiARSLzBtK38h9Y2GjgopQDRvk4CAGoamxkbOsxTcrv3VFDTJWnPR7VeYE6h75zxERRee69MwlDhllKvxz2oidU19tdzrR-GRwqpvqY-92Edkn5RmofU-gTX1y-VNzzA_4TeJlt1m8jyfDatYeB6rLPiKmY0EA1UbYHUUuCYGow6miTnNyzFMpA6JLtuTWE7SsBjTIMefcU6s--aIGXRsIsNMb4BYIjAJUZnuS3rdHAyTTdiCBtssd23KwQQYLAzuRGwG4XFqr_E2B0lkb_MI7QFKgALNHGIn2Nf0vInCBDujOjUV5oWsvKymdt9xrbccnV-K-1UOk5xPSipaXsXI9D5sMunmc4uWb-unPOtoXTf9zC-wik2Xwf4Y4cNgfltoXogK1nIXEPGRR3Wua282UUO0oO2waBIc57tkfFtmDNYoiWpk4YujP0tmzdJf-tjIEiiQILkUtqzMnfbH3dT1NUXb3ZjXjgwg4smkKqNkgSyY2i8Ng75zXmbnnV1owGbMT1DscbfU9VpYWTOprNKXULq5BjLr1LiBxTG0Th7aaLmV0m01RPWcp2aC2dAkg186-tXYXU--TOAWKsrtJ89d47opa7TKC2rZeTVPRVwd3jD2QkxX8KcZ-f1Gqy8fV0uWd_2vYTXxRg73UedRA07Ps9_fkqONgPL5rGJ1UtPZsSbCheB8&cid=CAQSOwDUE5ym8S2MmzfCUNDX4HHtbBOXtPird0fgwBVum2-KQHwR4VgmiWb7BKCwyfYXe3V0YlJk2_gbSFycGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fpubg-gfx-pro.com%2F&ds=l&xdt=1&iif=1&cor=8243715673885037000&adk=4188270525&idt=132&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 09:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
331857
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Mar 2024 09:39:21 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 50F6
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
403448
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Mar 2023 13:46:10 GMT
expires
Sun, 17 Mar 2024 13:46:10 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dvbs_src_internal117.js
cdn.doubleverify.com/ Frame 3D4C
57 KB
19 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=16043422&cmp=1074559823&plc=1078766995&sid=66552&dvregion=0&unit=300x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 11:00:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0cda5b9e224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18840
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023032001&jk=2323491901810887&bg=!nJ-ln8vNAAbO2UOH7tk7ADkAdvg8WlXL5XTlD5lj70eeZGEXO1esVrkUCXNAbpmNNYoDZmljDNRP4WhBWWGp-Q7WkJ8qQqnPapsCAAAAPVIAAAACaAEHmQKbQJHR4AsXqrUDk3SLjSEpL9QnoKr9nm3s2EarE4lthT-99PgWuYrnXY-h72OW8kOnc1xA0xuSBJPT15rz9c7_-wfzpjI_pPKvXqQoukU0Wh2Da8CFMTssD6XlBPimc4_t8TCeuAOQn5fqdsOKjQOdB2gxSsIT54A0MfSPUHIIpIDvw0Zm1S__SdXMG3RTQ0zyjezPDJMBevKE69OEGB7ncVAKiMioF6DsypEYCoQtnF6iItyq5g6h6x7xBwGlquprQssFmem02M9VsDfK6qnSp5kelKFrrtIYTQGgLwg4kGBcgKm7-up-MnVXd5FuVJQn-W0eidSskuvj17UZH0eQYoCtgvjrxxqQnpEp99KsTZg3hPhqbbNfUF3t7-9zSbEUwrCflAPh-uBVRAbzTGKYAg__TWRBY1acrb1SVDw9MVJ0g2srZvXT-Q5QaoAOZwnPDZV1ijoUob111gOuhwPtMe6_iGLf9nObZ4qcNWVMprdyaKtN4vqxitjh_2ELjEFuPaVmYVpsesijdMI5BIQlTKkFZ5ZMmkY4-Ynu11MNtImiMbwVTBn7YD-Di9MXYpHSbFuRGOo9jXR9zqieLfCnyBC1xmVJrmWGGKPIeM69tiSICK7e7EzMyvffRaaZWEPxGHyBpV_VxLBuwnC6sl0UcjHCF4ebg04PokcEggmjknyi-ZKHjkEO6adgxj6su5JGPBXOjlBykg-T7XWNzOS8jts69_JkhG_URuBtwaa9ATj88ndW9X-KbbsbTiwlzWBxIIAYwikty0YoYLe1psjYkJWvT0ymCIPeaXSdtUWzHUuR67bw_QryB8mOzuCAjKg48qTBQBQSjRssNk3kHmb5v_QGrWOipqiU2NypnWYbjPSbpYPkl3MQuNZTEQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

verify.js
rtb0.doubleverify.com/ Frame 3D4C
654 B
694 B
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_58988515342&jsTagObjCallback=__tagObject_callback_58988515342&num=6&ctx=16043422&cmp=1074559823&plc=1078766995&sid=66552&advid=&adsrv=&unit=300x600&isdvvid=&uid=58988515342&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=111&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=13&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEATbpTauTauAF38%5C87I%5CAC%40%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTauAF38%5C87I%5CAC%40%5D4%40%3ETar9EEADTbpTauTauefah%60f%60hf4353274eeab242e_cc55ba%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=5.70&callbackName=__verify_callback_58988515342
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
1d3aeec0bfe622c816ec9ca636108e638be256853f5581f7d8fbeb33f81d749b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 05:50:18 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Expires
03/22/2023 05:50:18
t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js
pagead2.googlesyndication.com/bg/ Frame 50F6
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 15:19:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
138631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14115
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Mar 2024 15:19:47 GMT
state
api.permutive.com/v1.0/
0
33 B
XHR
General
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 23 Mar 2023 05:50:18 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ Frame 50F6
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkLkKmugbZKvTJI3Ax_APg5K58AgAAAAAOAHgBAI&bg=!qaqlqv7NAAbO2UOH7tk7ADkAdvg8Wkvh25SPFcWKMvHBaNr9MsK8YYi4WJ8zNCQSmGEGbDF1ik3dQ8_YjILShUiqLNZKDFWf4xcCAAAAPFIAAAABaAEHmQLpeVCdlnmNhjShjvCBFXjSbAQFW6g-McsOncas67V7ev8jPGXiSVV652T0_RyLNukHtouLDbfIM3Qpllu6bBCAk1KwlkAkB9KVblQvPhqmMm3pEdBk54Ry6i6_ZtosZvtkYsA_TfYHff75TTsRVOJjut-AOLUdomaMBvVjyy2pV8Z5y3HO3PNA5Cu1mUAQR21fx1rU_uLMIAE0env_sdAUzz7-UU1BWN8mV2pzUJtFP4q5_Km-k8iQBO0fzxPS-POmXxseivLANX_tvwIG1BdogkrCtfCa36Sa6gXWKZY8JLP3gG18kCtV2N9IptYCeZvi_yPAtCmnzDCi4FD9-cd0m59DDvSyVv1Mz6zwzAO1ikJuYopMXfFZEP7Ppgvryoi6EU_Ls_PnQw7L1EsoaR9Y8WMcqSbMa0e5NaXCqZDjAqkeUQvrV5ZtBkOH0UYztWwkfGtQaNpt-TgDj5VO1hmPAbvYEsDNUlhiz0Uxvu8Go8VSh7gqCf5MThZy3QwwE0jfjS396xZjKjsL_QlLXq-nNwnoDKK7l2HXEL68vj6q_ag7Jw2lZ3_dy9GCIeoS6ax8DQXLpsTbBwbdvJGetjuStxM9FMY-D-dqMc7LGficP6FuqjT-r5uqdHwqDnDZzfQKV1-gwtkUSqZCqsB0tMiLsfBE0WBvjjAj3tZz5PjIMpfbDxlxniB_xOb4fz-z_6LWWlEcE5aYxrc5Q_U4wQ9I3NlqDk_w8JNn3Ygyq9WURMMXjl8sQWj7qbf2BvYi_AcaxzafxiiR5UinLiWCR93j7_S3zn87tYfZhB5dBQJHTGUUO2iQQIEbjaCI8wfXjVX5l0oDvB4vchlRt8UoUe0PabUymcFtZlpbpdaAHtYugrCYiHfOihxN1yj5fRqC0KQsnittGozLaF-x3WL9_eBtQPr8kVW43mNQhG0CChxQj5cyO31nd38gCmmLEFIAXrw99F7V9EMTaix5sWsrqMSPcCZRIEfjIgNIMA
Requested by
Host: 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
URL: https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 3D4C
0
234 B
Ping
General
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=2f6209f8ff784420b04b2d252f068f9f&vfdur=154&cbust=1679550618889295
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Thu, 23 Mar 2023 05:50:18 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
03/22/2023 05:50:18
globalpassback_300x600.gif
cdn.besafe.global/ Frame 3D4C
29 KB
29 KB
Image
General
Full URL
https://cdn.besafe.global/globalpassback_300x600.gif
Requested by
Host: 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
URL: https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:7e00:8:455e:4a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13758d81c0a0b7db30ddd14419f9ec683cb6aa4f84945f2b79966cc47509f308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 22:32:23 GMT
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Fri, 15 Jul 2022 20:03:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
26282
etag
"bdba8f3a48c5b1bc099fff46c636cc30"
x-amz-meta-sha256
13758d81c0a0b7db30ddd14419f9ec683cb6aa4f84945f2b79966cc47509f308
content-type
image/gif
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
29199
x-amz-cf-id
a9wTQJFR2TWTw7MQe72_7imfAOKyLOsaJJeuzlDpheVxia3rMXf0_A==
x-amz-meta-s3b-last-modified
20220630T185546Z
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DDC4
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
URL: https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
71058
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Mar 2023 10:06:00 GMT
etag
48472445140208031
expires
Thu, 23 Mar 2023 10:06:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
_pdfps
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/
0
14 B
XHR
General
Full URL
https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.222.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.222.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Mar 2023 05:50:18 GMT
via
1.1 google
server
nginx
content-type
text/plain; charset=utf-8
access-control-allow-origin
http://pubg-gfx-pro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
i.match
s.tribalfusion.com/z/ Frame DDC4
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGTmPrgXE_gjosXNnK5ph8Q&google_cver=1&google_push=Aa02lx-D6jSBfkQZhD1YCUh65TIWxjUn4okao2woD3ESUcuzJHOliUOQO92_Mf-SCfw99G_-5UomGs-hhR86T-AqUHRq1z2edt1gN...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGTmPrgXE_gjosXNnK5ph8Q&google_cver=1&google_push=Aa02lx-D6jSBfkQZhD1YCUh65TIWxjUn4okao2woD3ESUcuzJHOliUOQO92_Mf-SCfw99G_-5UomGs-hhR86T-AqUHRq1z2edt1...
43 B
410 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGTmPrgXE_gjosXNnK5ph8Q&google_cver=1&google_push=Aa02lx-D6jSBfkQZhD1YCUh65TIWxjUn4okao2woD3ESUcuzJHOliUOQO92_Mf-SCfw99G_-5UomGs-hhR86T-AqUHRq1z2edt1gNg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-D6jSBfkQZhD1YCUh65TIWxjUn4okao2woD3ESUcuzJHOliUOQO92_Mf-SCfw99G_-5UomGs-hhR86T-AqUHRq1z2edt1gNg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:19 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7ac46569ddd5bbda-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:19 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
417
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGTmPrgXE_gjosXNnK5ph8Q&google_cver=1&google_push=Aa02lx-D6jSBfkQZhD1YCUh65TIWxjUn4okao2woD3ESUcuzJHOliUOQO92_Mf-SCfw99G_-5UomGs-hhR86T-AqUHRq1z2edt1gNg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-D6jSBfkQZhD1YCUh65TIWxjUn4okao2woD3ESUcuzJHOliUOQO92_Mf-SCfw99G_-5UomGs-hhR86T-AqUHRq1z2edt1gNg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7ac465688c4cbbda-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DDC4
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESENgvHJK_U3JJwD4Fj42GSBQ&google_cver=1&google_push=Aa02lx_2A_scWJ6_e1WP8AZ--KP3rlkgqeQ-6wDpPQEhg_1FlK8gNARXlfWaJU3Ud1p4XllL7t0bJoQsMEhytlKg1BXtsZkhc_YZrw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F95E0D7EF0BC4BB7BB5AE659B69969B8&google_push=Aa02lx_2A_scWJ6_e1WP8AZ--KP3rlkgqeQ-6wDpPQEhg_1FlK8gNARXlfWaJU3Ud1p4XllL7t0bJoQsMEhytlK...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F95E0D7EF0BC4BB7BB5AE659B69969B8&google_push=Aa02lx_2A_scWJ6_e1WP8AZ--KP3rlkgqeQ-6wDpPQEhg_1FlK8gNARXlfWaJU3Ud1p4XllL7t0bJoQsMEhytlKg1BXtsZkhc_YZrw
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Mar 2023 05:50:18 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F95E0D7EF0BC4BB7BB5AE659B69969B8&google_push=Aa02lx_2A_scWJ6_e1WP8AZ--KP3rlkgqeQ-6wDpPQEhg_1FlK8gNARXlfWaJU3Ud1p4XllL7t0bJoQsMEhytlKg1BXtsZkhc_YZrw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 22 Mar 2023 05:50:18 GMT
pixel
cm.g.doubleclick.net/ Frame DDC4
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDEdJq-ge1HAObrH_vxOxC8&google_cver=1&google_push=Aa02lx8PcBBj21gqJBbPAAfrtDPSf1v0H-4pbr3oTePnsR_Kz7yThWh273IGkc9GZYxDfzZ4dSOaQ-S_mtG...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8PcBBj21gqJBbPAAfrtDPSf1v0H-4pbr3oTePnsR_Kz7yThWh273IGkc9GZYxDfzZ4dSOaQ-S_mtGZ0jTBvfJ5aHGJti5sxA&google_hm=J7aql897Rb6qdtuKVU...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8PcBBj21gqJBbPAAfrtDPSf1v0H-4pbr3oTePnsR_Kz7yThWh273IGkc9GZYxDfzZ4dSOaQ-S_mtGZ0jTBvfJ5aHGJti5sxA&google_hm=J7aql897Rb6qdtuKVUzbFLs
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:18 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8PcBBj21gqJBbPAAfrtDPSf1v0H-4pbr3oTePnsR_Kz7yThWh273IGkc9GZYxDfzZ4dSOaQ-S_mtGZ0jTBvfJ5aHGJti5sxA&google_hm=J7aql897Rb6qdtuKVUzbFLs
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DDC4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBcZJ7RGFbwTXbUdIOSBBFo&google_cver=1&google_push=Aa02lx_Y8KRJ_8opSBcA1C1LseGhNFgyu4jx6ZksXNKJSgpZJLbeO_ENJ_r8x0X_kZDkQZJip6ijIx9athb07j...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMzYxNDk3NjMwNjI0NzgyOA%3D%3D&google_push=Aa02lx_Y8KRJ_8opSBcA1C1LseGhNFgyu4jx6ZksXNKJSgpZJLbeO_ENJ_r8x0X_kZDkQZJip6ijIx9athb07jg1eE...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMzYxNDk3NjMwNjI0NzgyOA%3D%3D&google_push=Aa02lx_Y8KRJ_8opSBcA1C1LseGhNFgyu4jx6ZksXNKJSgpZJLbeO_ENJ_r8x0X_kZDkQZJip6ijIx9athb07jg1eEul8zsEuxgh
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMzYxNDk3NjMwNjI0NzgyOA%3D%3D&google_push=Aa02lx_Y8KRJ_8opSBcA1C1LseGhNFgyu4jx6ZksXNKJSgpZJLbeO_ENJ_r8x0X_kZDkQZJip6ijIx9athb07jg1eEul8zsEuxgh
Date
Thu, 23 Mar 2023 05:50:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame DDC4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJOcKAmRorki2B2rlp1sbWw&google_cver=1&google_push=Aa02lx_xmomqyzt_L_b5z4ugo1scxU_tdZLSG-dF6vf8D9CLD9JjxC-bP1NfYFUID5kOcMfbN5jTJHuCWbgcoYoctmKKSRv...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_xmomqyzt_L_b5z4ugo1scxU_tdZLSG-dF6vf8D9CLD9JjxC-bP1NfYFUID5kOcMfbN5jTJHuCWbgcoYoctmKKSRvgEylqIw&google_hm=eS01djA4cXFGRTJwRzhx...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_xmomqyzt_L_b5z4ugo1scxU_tdZLSG-dF6vf8D9CLD9JjxC-bP1NfYFUID5kOcMfbN5jTJHuCWbgcoYoctmKKSRvgEylqIw&google_hm=eS01djA4cXFGRTJwRzhxdXNqN0Fqa0FzY1Q2cjE5TUJCR35B
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Mar 2023 05:50:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_xmomqyzt_L_b5z4ugo1scxU_tdZLSG-dF6vf8D9CLD9JjxC-bP1NfYFUID5kOcMfbN5jTJHuCWbgcoYoctmKKSRvgEylqIw&google_hm=eS01djA4cXFGRTJwRzhxdXNqN0Fqa0FzY1Q2cjE5TUJCR35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame DDC4
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEKUkcmBCCPoPNmj9_rUv3Mg&google_cver=1&google_push=Aa02lx8mONLQCIjarSptgW_ASgJbiijk9vLHzLSRgEqeW3nNXEbwYThQVQZ4uDpyU9bvD8HI7I1FnLapyc7aGLb9mMFKW0q...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKUkcmBCCPoPNmj9_rUv3Mg&google_cver=1&google_push=Aa02lx8mONLQCIjarSptgW_ASgJbiijk9vLHzLSRgEqeW3nNXEbwYThQVQZ4uDpyU9bvD8HI7I1FnLapyc7aGLb9mMFKW...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8mONLQCIjarSptgW_ASgJbiijk9vLHzLSRgEqeW3nNXEbwYThQVQZ4uDpyU9bvD8HI7I1FnLapyc7aGLb9mMFKW0q9jeEucg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8mONLQCIjarSptgW_ASgJbiijk9vLHzLSRgEqeW3nNXEbwYThQVQZ4uDpyU9bvD8HI7I1FnLapyc7aGLb9mMFKW0q9jeEucg
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8mONLQCIjarSptgW_ASgJbiijk9vLHzLSRgEqeW3nNXEbwYThQVQZ4uDpyU9bvD8HI7I1FnLapyc7aGLb9mMFKW0q9jeEucg
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame DDC4
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RVZwXuT1RsOTQcQS2HTWuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RVZwXuT1RsOTQcQS2HTWuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_wK63LnYS77Gb9tW8P4k6T8UCRUa4hRXWXw1MBjnDl_s7MHIQtbNejky9z2knG1s4MQ0gM-I8ybWLZeSF6INiXTEEGfNQeVg
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RVZwXuT1RsOTQcQS2HTWuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_wK63LnYS77Gb9tW8P4k6T8UCRUa4hRXWXw1MBjnDl_s7MHIQtbNejky9z2knG1s4MQ0gM-I8ybWLZeSF6INiXTEEGfNQeVg
date
Thu, 23 Mar 2023 05:50:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
attr
cm.g.doubleclick.net/pixel/ Frame DDC4
0
59 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LEgJ8FQ7ekS83iV2-is4nP-q9U3qg5W7eJbHL2tyBIgWcb-fgUFOZp0DfxtgF-n4JqDLwF
Requested by
Host: 672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
URL: https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame 3D4C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUtqKwZD7u_yxnl9fAZKYuCwFJD8E9oOZGUQOKsnINCPKAJ6Ls2HvU0P_pJIdueKvtVVJZ-SHfh8_qXEsf4nydM40j3hveX1DIoagsiEkqFQjN_ivF2UbLYq0To8PNMlG6VgDdnhdVak0FOWe54Khp3GR4Bd0oV29AY4tugZVgMkSTTTKAiSZVQfUeW8SlCV7UMqI6EbDGMm7S-ns0oZgfnkjFP2KDRYM1mbV3JGX03J6GoWOdCGvJzrJ68ZiFs8SqqGNfAr_F0i8cGcFQ7oYNbBuNQWvk9zM9AzEgK3p9VnCc7P0eM4HdBbWBc0ZjqwJ-c5K0d3PFgTvxwWwoYxBC8MhHC6v1Izdidxg&sai=AMfl-YRYGAyPT1suoSKfYp0Hzjwx1gcLoleWsD1m3DvV8Q1Xx-Fn35_sVhPSHvDghThm0Wz3jRSNM-As45o7oRWRQpwfybCjfjgh9hWF9hiOFZ2gWmd0Bg3sqGKO4LsJpg&sig=Cg0ArKJSzFwWjiGcfz1XEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Mar 2023 05:50:18 GMT
outbrain.js
widgets.outbrain.com/
197 KB
71 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: pubg-gfx-pro.com
URL: http://pubg-gfx-pro.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.115.36 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-115-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0d70a3026333e61dc366d2af34c713bad490b99e5882fa238076b212d2275fda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:50:19 GMT
content-encoding
gzip
last-modified
Wed, 22 Mar 2023 09:39:17 GMT
etag
"17-ICibXtaMjXuQugOzf7srM6pBRCc"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14500
access-control-allow-credentials
false
x-traceid
78a22bc7e2895771491928e0a1915002
timing-allow-origin
*, *
content-length
72178
access-control-request-headers
X-OB-STG,X-OB-PRD
needle
phonograph2.voxmedia.com/
26 B
543 B
Image
General
Full URL
http://phonograph2.voxmedia.com/needle?d=%7B%22Page%20Title%22%3A%22Vox%20-%20Understand%20the%20News%22%2C%22GA%20Track%20Prefix%22%3A%22t1.%22%2C%22Network%22%3A%22vox%22%2C%22Community%22%3A%22vox%22%2C%22root_domain%22%3A%22vox.com%22%2C%22GA%20Primary%20ID%22%3A%22UA-48698701-1%22%2C%22GA%20CrossDomains%22%3A%22vox.com%2Cmemberful.com%22%2C%22Demand%20Post%22%3A%22no%22%2C%22All%20Chorus%20Categories%22%3A%22vox%3Avox%22%2C%22Content%20Type%22%3A%22homepage%22%2C%22chartbeat_domain%22%3A%22vox.com%22%2C%22chartbeat_zone%22%3A%22172968584%2Fvox%2Fvox.com%2Ffront_page%22%2C%22Logged%20in%20Status%22%3A%22Logged%20Out%22%2C%22auth0_id%22%3A%22No%20Auth0%20ID%22%2C%22section%22%3A%22Front%20Page%22%2C%22enable_url_cleaning%22%3Atrue%2C%22pageloadId%22%3A%22492c9753-5c58-4d50-8a86-ebd6569ac7d3%22%2C%22User%20ID%22%3Anull%2C%22_ga_cid%22%3A%22unknown%22%7D&e=pageload&uid=ebf0a6ba-8e1b-4915-bc83-f6f3dc4e9bc4&suid=bf8b931d-aa51-4765-97fa-5fcc2c89aded&de=UTF-8&sr=1600x1200&vp=1600x1200&ul=en-us&sd=24-bit&fl=0%2C0%2C0&je=0&dl=http%3A%2F%2Fpubg-gfx-pro.com%2F&dr=&wh=pubg-gfx-pro.com&z=1081087819&
Protocol
HTTP/1.1
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

X-Cache-Hits
0
Date
Thu, 23 Mar 2023 05:50:19 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
X-Cache
MISS
Connection
keep-alive
Content-Length
26
X-Served-By
cache-fra-eddf8230046-FRA
Pragma
no-cache
Last-Modified
Sun, 17 May 1998 03:00:00 GMT
X-Timer
S1679550620.741055,VS0,VE92
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Accept-Ranges
bytes
Expires
Mon, 07 Aug 1995 23:30:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D4C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3873592330415&version=m202301230201&ct=77&x=1&cor=8243715673885037000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 05:50:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cHViZy1nZngtcHJvLmNvbQ==
tcheck.outbrainimg.com/tcheck/check/
16 B
464 B
XHR
General
Full URL
https://tcheck.outbrainimg.com/tcheck/check/cHViZy1nZngtcHJvLmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.54.112.33 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-112-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:50:20 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=43200
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
190331144255171878e212ed988f5785
Content-Length
16
Expires
Thu, 23 Mar 2023 17:50:20 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/
43 B
380 B
Image
General
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.115.36 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-115-36.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires
Sat, 22 Apr 2023 05:50:20 GMT
date
Thu, 23 Mar 2023 05:50:20 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
get
odb.outbrain.com/utils/
0
0
Script
General
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fpubg-gfx-pro.com%2F&idx=0&rand=41142&key=NANOWDGT01&widgetJSId=AR_8&va=true&et=true&format=html&adblck=false&abwl=false&px=250&py=8012&vpd=6812&cw=1100&activeTab=true&ab=0&wl=0&umv=0&settings=true&recs=true&version=2010234&sig=z&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1YNY&ccpaStat=1&chs=1&ogn=http%3A%2F%2Fpubg-gfx-pro.com%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 23 Mar 2023 05:50:20 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1679550620.407566,VS0,VE93
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/x-json; charset=UTF-8
x-served-by
cache-lga21970-LGA, cache-fra-eddf8230028-FRA
x-traceid
77e19a533f228bc9ecbb6271816da8b8
accept-ranges
bytes
content-length
413
expires
Thu, 01 Jan 1970 00:00:00 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
325 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1679550620662&sessionId=b3429cb3-c9a1-eed4-9d93-6b62aa4f0f0d&url=pubg-gfx-pro.com&cheqSource=1&cheqEvent=3&responseTime=514
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pubg-gfx-pro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 05:50:21 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
de871b11a78b81b4b679a03f3c5e06cc
Content-Length
4
Expires
0
metrics
api.permutive.com/v2.0/internal/
2 B
37 B
XHR
General
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://pubg-gfx-pro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 23 Mar 2023 05:50:22 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
match.adsrvr.org
URL
http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183789
Domain
api.rlcdn.com
URL
http://api.rlcdn.com/api/identity?pid=2&rt=envelope

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 boolean| credentialless object| chorusInitQueue string| volume_embed_host object| Chorus object| dataLayer function| VoxMediaFontLoader string| pageloadId object| concertAdsQueue object| CONCERT_ADS_CONFIG function| instantiateConcertAds object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| recaptcha_v3_site_key object| phonographEvents object| bnb undefined| button object| ChorusCampaigns object| Initializer object| webpackJsonp object| Context function| setImmediate function| clearImmediate function| Subtags function| chorus_lazy_assets object| DynamicImages function| __handleRecaptchaLoad function| fetchChorusAuthJWT object| webpackChunkConcertAds object| regeneratorRuntime object| core function| moatYieldReady function| ConcertAds function| __uspapi object| ChorusAds boolean| isAdBlockerActive object| concertAds undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| googletag function| ConcertConcierge object| MoatNadoAllJsonpRequest_47455817 object| Moat#PML#26#1.2 boolean| Moat#EVA object| DOMlessLLDcallback_47455817 object| MoatDataJsonpRequest_47455817 function| __moatSlotTagLoadedvoxprebidheader841653991752 object| moatPrebidApi function| isAnExcludedLink function| _typeof object| PARSELY object| _phonograph object| ggeac object| google_js_reporting_queue object| recaptcha object| closure_lm_109082 string| concertConcierge boolean| concertAdBlockDetectorLoaded object| permutive object| PQ undefined| google_measure_js_timing object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt boolean| dv-data-transparency-tag-active function| dv-data-transparency-top-level-monitoring object| headertag boolean| apstagLOADED object| apstag object| _aps object| apscustom object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| PublisherCommonId object| pbjs object| pbjsChunk object| GoogleGcLKhOms object| google_image_requests object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater

27 Cookies

Domain/Path Name / Value
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync Name: _pdfps
Value: %5B%2214285%22%2C%2222691%22%2C%2222715%22%2C%2223231%22%2C%2223238%22%2C%2234913%22%2C%2234914%22%2C%2234916%22%2C%2234917%22%2C%2256587%22%2C%2281392%22%2C%22112273%22%2C%22112274%22%2C%22112275%22%2C%22112276%22%2C%22112277%22%2C%22112278%22%2C%22112280%22%2C%22112281%22%2C%22112282%22%5D
pubg-gfx-pro.com/ Name:
Value: test
.pubg-gfx-pro.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22http://pubg-gfx-pro.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1679550616724%2C%22slts%22:0}
.pubg-gfx-pro.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=c5d73cdd-92e1-4967-8345-c72161c6cf3d%22%2C%22session_count%22:1%2C%22last_session_ts%22:1679550616724}
pubg-gfx-pro.com/ Name: _vm_suid
Value: bf8b931d-aa51-4765-97fa-5fcc2c89aded
.exelator.com/ Name: EE
Value: "f067fbf76dade89a74b054d47cc25190"
pubg-gfx-pro.com/ Name: _vm_uid
Value: ebf0a6ba-8e1b-4915-bc83-f6f3dc4e9bc4
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHNwMw8LSnN3CwlMSXVwjLR3CTJwNQkxcQ8OdnI1NDSYHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQcEl%252BUWb6IhfXxUUpaQyLSopPBR9uawIAvSAqlQ%253D%253D"
pubg-gfx-pro.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.pubg-gfx-pro.com/ Name: pbjs_sharedId
Value: c3b36a0a-a461-4605-860b-bfe278f8247c
.pubg-gfx-pro.com/ Name: __gads
Value: ID=296fd0e6c9f75976:T=1679550617:S=ALNI_MYYi6YfvYGei5eScmfzk2aztj2GrQ
.pubg-gfx-pro.com/ Name: __gpi
Value: UID=00000bcaf881d43e:T=1679550617:RT=1679550617:S=ALNI_MZnJiATiiK-G53wpwIliocnK5IbQw
.doubleclick.net/ Name: IDE
Value: AHWqTUnpNNpwom_PF3bKCMdiYIfdnpyhFx-NehuTB5s0r-On8T35V7Nm39B-m-85858
.adnxs.com/ Name: uuid2
Value: 7337618172795726819
.casalemedia.com/ Name: CMID
Value: ZBvomkaKG3MPPJkY2NxQzgAA
.casalemedia.com/ Name: CMPS
Value: 2144
.casalemedia.com/ Name: CMPRO
Value: 2144
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GTwiNaa`!]tbPl1M>e)ZlrFUfJ+tGXxoDHNBNR<Tx5#F#Hh7N#Fpc[o1.r`dWz(rme6#3If)y3KL9D3I?+T8<QtT
.adfarm1.adition.com/ Name: UserID1
Value: 7213614976306247828
.ctnsnet.com/ Name: gid_CAESEDEdJq-ge1HAObrH_vxOxC8
Value: 1
.ctnsnet.com/ Name: cid_27b6aa97cf7b45beaa76db8a554cdb14
Value: 1
.simpli.fi/ Name: suid
Value: F95E0D7EF0BC4BB7BB5AE659B69969B8
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4556705E-E4F5-46C3-9341-C412D874D6BB
.de17a.com/ Name: guid
Value: 1.6808635835530721031
.yahoo.com/ Name: A3
Value: d=AQABBJvoG2QCEA1yNmBVholSoG_Lj3J1C5wFEgEBAQE6HWQlZAAAAAAA_eMAAA&S=AQAAAkZld6LxnGQ467zLSl2vqH0
.tribalfusion.com/ Name: ANON_ID
Value: aMnseFR3YWj7UXuRvsbeMeLGYTgTEXd4dw0G2YbcV2veIl1PTg3cLwjjvf5MiuDZa3sWDjwShfYPxQfHJjIaA

10 Console Messages

Source Level URL
Text
other warning URL: https://assets.megaphone.fm/packs/js/player-ce4af4d21587f0fa526a.js(Line 1)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://assets.megaphone.fm/packs/js/player-ce4af4d21587f0fa526a.js(Line 1)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network error URL: https://pub.doubleverify.com/signals/pub.json?ctx=21236410&cmp=DV464041&signals=ids,bsc,vlp,abs&url=http%3A%2F%2Fpubg-gfx-pro.com%2F&adunits[/172968584/vox/vox.com/front_page][]=1180x450,1400x600&adunits[/172968584/vox/vox.com/front_page][]=2x2&adunits[/172968584/vox/vox.com/front_page][]=1020x90,728x90,970x250,970x90&adunits[/172968584/vox/vox.com/front_page][]=1020x90,728x90,970x90&adunits[/172968584/vox/vox.com/front_page][]=300x250,300x600&adunits[/172968584/vox/vox.com/front_page][]=1030x590,1060x610,1060x619,1060x694,728x90,970x250&adunits[/172968584/vox/vox.com/front_page][]=300x100&adunits[/172968584/vox/vox.com/front_page][]=650x150&adunits[/172968584/vox/vox.com/front_page][]=200x40
Message:
Failed to load resource: the server responded with a status of 401 ()
javascript error URL: http://pubg-gfx-pro.com/
Message:
Access to XMLHttpRequest at 'http://api.rlcdn.com/api/identity?pid=2&rt=envelope' from origin 'http://pubg-gfx-pro.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://pubg-gfx-pro.com/
Message:
Access to XMLHttpRequest at 'http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183789' from origin 'http://pubg-gfx-pro.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183789
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cdn.concert.io/lookup/aHR0cDovL3B1YmctZ2Z4LXByby5jb20v.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cdn.concert.io/hem/retrieve
Message:
Failed to load resource: the server responded with a status of 422 ()
network error URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fpubg-gfx-pro.com%2F&idx=0&rand=41142&key=NANOWDGT01&widgetJSId=AR_8&va=true&et=true&format=html&adblck=false&abwl=false&px=250&py=8012&vpd=6812&cw=1100&activeTab=true&ab=0&wl=0&umv=0&settings=true&recs=true&version=2010234&sig=z&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1YNY&ccpaStat=1&chs=1&ogn=http%3A%2F%2Fpubg-gfx-pro.com%2F
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

672917197cbdbafc6623aca6044dd321.safeframe.googlesyndication.com
a.tribalfusion.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.rubiconproject.com
adservice.google.com
adservice.google.de
api.permutive.com
api.rlcdn.com
apps.voxmedia.com
as-sec.casalemedia.com
assets.megaphone.fm
assoc-na.associates-amazon.com
auth.voxmedia.com
bam.nr-data.net
btloader.com
c.amazon-adsystem.com
cdn.besafe.global
cdn.concert.io
cdn.doubleverify.com
cdn.parsely.com
cdn.permutive.com
cdn.vox-cdn.com
cm.g.doubleclick.net
concertads-configs.vox-cdn.com
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co
d5p.de17a.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fonts.gstatic.com
gcm.ctnsnet.com
geo.moatads.com
googleads.g.doubleclick.net
ib.adnxs.com
id.sv.rkdms.com
image6.pubmatic.com
js-agent.newrelic.com
js-sec.indexww.com
loadus.exelator.com
log.outbrainimg.com
match.adsrvr.org
mb.moatads.com
megaphone.imgix.net
micro.rubiconproject.com
odb.outbrain.com
p1.parsely.com
pagead2.googlesyndication.com
phonograph2.voxmedia.com
player.megaphone.fm
pr-bh.ybp.yahoo.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pub.doubleverify.com
pubg-gfx-pro.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s.tribalfusion.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
um.simpli.fi
vtrk.doubleverify.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
z-na.associates-amazon.com
z.moatads.com
api.rlcdn.com
match.adsrvr.org
104.18.10.47
104.18.24.185
104.19.150.54
108.138.1.25
108.138.23.218
108.138.4.150
142.250.185.102
142.250.186.162
146.75.118.132
151.101.129.52
151.101.130.137
162.247.243.29
167.71.177.229
18.171.18.216
18.198.69.109
18.66.100.58
184.24.171.130
185.64.189.115
185.80.39.216
185.89.211.116
199.232.192.124
199.232.196.124
2.19.35.65
205.185.216.10
213.155.156.165
23.54.112.33
23.54.115.36
2600:9000:236e:7e00:8:455e:4a00:93a1
2606:4700:20::681a:246
2606:4700:20::681a:78b
2606:4700::6812:18ad
2606:4700::6812:a7e0
2a00:1450:4001:802::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:26f0:480:9::210:ee0e
2a04:4e42:8d::720
2a05:d018:d29:3605:a9d9:70ca:81a8:3df3
3.209.41.104
3.225.82.51
34.107.222.173
34.107.254.252
34.149.12.213
35.178.217.194
35.186.193.173
35.204.74.118
35.241.9.51
54.171.113.1
63.34.81.234
64.202.112.191
72.21.195.65
85.114.159.93
88.221.169.143
020fc22f4717fd0d4a35abfd7b89f82d4df9fdbf782b1f04f0d0c9c779cb6d56
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
074b0d3794d2d5d6eea71b772946e00782d3f34d7a21db3f3d4b24bb675f8d41
079c85d823b588108b623f842c5aca6c805c4f1b2c9af00d5aff193224d0d477
08e4b6a78767bffbc0c182f65a4612a7c1a75346cb2e2a537254df3683134b71
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34
0b3312f9fcc8002689bb6625a2a7fd4ece9b0c870ce26295f01d704aada432c0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d70a3026333e61dc366d2af34c713bad490b99e5882fa238076b212d2275fda
0ec14af764fc18154e349ac3889637b2dc64debe89d7759dbcbb1db6cfe79ef8
11f1414c6342d8a5a5124286921298b09b1e776f0aae7bbc4c83b96685166019
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13758d81c0a0b7db30ddd14419f9ec683cb6aa4f84945f2b79966cc47509f308
139dc774a0f7b5ace73dd2ffa07011d3ca960969a0fc678cb38ee44844534d64
13bba78983a3786e5bd9c199dd1b8df0717f0a9f250b8d876ab8b415cb32e9f2
14d43ea0135e8e658e04de1fae996c2ac09eadba530aec26061f1dc0a7d1cad5
155152129bf392e3b78bdb3038c6feeff05561d8e71cd33e36b9edf999c647ac
1a726e59ea3c7c8b9cfc3cf091fa52f964af8220f961f187166da2bb2cdcdd0f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d3aeec0bfe622c816ec9ca636108e638be256853f5581f7d8fbeb33f81d749b
1e9cec86e87bfa24a5a4fb440331183b2cb0751fb9be2b3b12c7dff55fcf3160
212077b9f2fed002e4d09944d73305de19e9c819ed7f9de49cb14a7bfc9dc239
212817d3eecaca749c0df51f827bc379db90bbaf3a4d211f1d4e3e5492cb283d
22051e5464f07018297c13799b1db21f39f6b0676c72fce70dbbc6b9a4793c0a
2305882d442090437b7c1cfde1bf314d5217f9c9b71873a9c208570f0c8b8486
236c08162c64082468734debe61e8fb7b846872e68334af8a0b2f25b54aaad7b
246dfe94163ebc22a22a8bbca1c3a04dd040c66076c706c26498c424d9b181b8
24e6207bc53f9e616f37ea19db703c9df406521fb0aa106a89458baad9da62c7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
275a486ba8a4aa51e84c4c0a5190b8c4f0b1c23ecf48490b2a577ca20b38713f
2981eb6a48be32ca47b9ec56abee1dc8b1a218e6b592cd751af9bcf073b80eae
2a3493f0ccfe2c01adca092d40d99c62c80938188044917f7f5e714cb894f76a
2dda6b85dd3c519c81c91d2006ab802a63ecfc1c61a8ba08ff97c43c053e6a7e
306bb436edc75cb10da0367b97ab83e5326ac98efe7b9bb9fad6f0649c5b2158
30e64f66647d01be3c5128d524c55fe61e1fbf467efc1ad81003448e1335b2d3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31c3630a3be53c83e816a48d2a8f2ed6902818335200efdbe211704bebb5c831
32fe9f6bc00c73a3895d7a9c8db60f3b27028d4b4f66b2490b86b510dbf23251
342a6ed3767184b226e5687574148d20de12d8f24cc52505b079337dd944daba
353f6d99dfa7ddb8b8c804406136d5d1380f14579a0109c973636bc4b05c13de
35d5e3136036964661cc94855e1028e063341e3cf4b41a410930fb149cfed5ce
36dd7c732e394ed6f8594f7516c695b9331cdf6f8d662bd04de93a2d1f484068
38546b1bd95e3de666243be94208642340d0994960d94886b6eb03f03180de51
3898cbca6472a3cb2637505304bbbf9329d3b5156557b8c4a8eaaf7d8081c0c5
39c5031fa5e04352d50fff0f766f4c5f77f2e30a45fcf73d0470bd41cd041394
3b7c3bbb6efea2103f881cfe5cc0be3d6eb00a6069f62ba62d0886bb2fcfa0b7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e56493b45ccf5db1ca7c5719e1d15fdae2b9077d6c58cc0eb50ca7b2836d057
3e97eb974517ac434dcf616024734e65fb24e279d488997c549954b3d8eebfc2
408715fa9633502e3da3e703bf52b5b301cd3c048aa42148ee4ef591252a701a
43a5c49df4efe7cfaa7fc1ec8e287dcab93eecf7b383a4eb2bd617778ca4d8b0
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
454105f998c444a5afe66a8f050bf130707848b20a67b806c4f5751ff212e903
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f4f57044cd0b10b29ffb36a590e48ab912275a5daf264cd58241b25cac03e5f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51ea7418dadd988c5fcc4a15616df9bc69cfad4a533aead140eeaea041890e06
531b518173a4f9ac1a1aab5ad10c610d45437166fd39adc0d8208e51dc60f8d6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
596b921b4a628574434dac7d6758f7d0b2861a1a853eaa5ab6a7937c6c501498
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d104df4522bce3389de302939f06efd6d9042d2b05f4aa49a21f9ef240aa52e
5fc9c36bbb4344e830e64f5739a7714d8ff086749bcab3a3febf92f97d5deeff
6145ebbe10c2c3a71851dc229cf4897f1f76301218b7c260d5f1ae96a8f124bd
61a755ce43dd14b2cc237f369f9ffa77fb245071d6401725f57e34c69a39f16d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68aa9818e0d0f8c60c5fc7e2b7921aa1a48a52e72e7da4caae29de34d030a6bf
6aebfc4e8ba630255bcafb813c038ecaaf4ce9294607559e9ff6f2a6ec703b7c
6c044aea49eb0ae9e7337639b83fa63c760be5b36a9d7a20313b5debd1f4dca6
6f98930fcbff43264f4f271df5de9a78f972c96391fe4fe1bb7bb3eae28bc995
73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e
73e9fd5d1e48f63c04fc67135326a3e83eb635050aab2536c39dfa9e8989e269
7758a4fd4f12e3dcce82f7ee68f926f28fad12d9073b88eced439b6a6fe12343
79e0bd8ede0a71a61f09b8b1dc5d9336b04d01540008d4714ca152e286312449
79e6ededbd0e64da260f9a4dd18ae9f88416ec03a26315d430a18710b9724576
80cba3df50f7516d09219dea3a907afaa494594c1ece508ad18ce5758442d9ae
83c6c18f8719320cbd6cd83248055a13a92e1c7866c23a347c08c92c7d1fe391
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
88340b1692e8ced562a228c6108d70b3080e211948b212d2c27270a162969184
8f5d1126b926891261a86890946c0d561a1c2e4ae8382e843a68408dd9e03549
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
90d7b65f902db3904604c51027e71b20298a91e0b907ce26800c4a60fd41314b
91f6dc55f72a391470957d76d7b57c16a2706cbfa84de9f212cf1e06e608e1f6
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
94cf5bd7d5a0ff058838ef883d1781b760d3aecb7e9682c8163feb70c38e9775
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
97674122e49cec717cbc937b678f5fd66f80acd75e031b5ee23c328751e261cc
980f9c7d82e02ffc3f14439f149a1fa197ba865911036aea3f930a7dcafa3be4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c088e6a78448b3baae8e7c2f8ce5ba51f90dddd229af83d44dc2c7558efcef7
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c1d1593ad1518a5ae988850f59f26dcb7cf64e823ee0fea0fb5c2f35e928cc
a5457128174d931326d6e2819cf1b529e685c64d2154005833b46ec4d8aed8d9
a6247a3f8002682990a158ac03f245a54cab8da6531e732f5771caa2e14dbd4c
aa3bf4e6eb287a428bfc471f23103c165a6797ec537efa8fb638636581888726
aae6549753eb3dc6cf108c8b665bfb0a45419ee7358064f86a07cac3a0361f4c
af92ff4576df40958f74249a9e167171305a5c842c886a2b1127bc46d727244a
b000ec3ea5528c96ffe16f35e7428ea2630824ad84d68ef1206429fc727ff3e3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20019e0ffa22f0d4265670cbe88153c3a8ddceb791606832bbd720227e0eb60
b2567fef5eda8faae7447709bec326bff13acccced03c64f72ae125ca5dde57d
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d
bae4a118f19b0bd69b1460f99c3ef14621ca654e18ed46fcd828d074acb2ba1f
bb3d9e567c08b8593407b5dec3e0cff5ba83abd68a226376c088dcd758cd4d59
bbff7c43ce787493c46164564dc8af0effa0440b6fa04c8450e670af6242383f
c02ab9990d088d60bcf3fd3b43b7ba49e6e41b524069f6b7cf0150cc1e1266b0
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c835b178bc45f20688a788b8520596c1aaa8dd59d8589ed426ee9b3852382986
c8834d526c8c132dc9daee4969a95b2adf207b1bba06aaed6dbbcebffc5cef32
cd84e9826c96ada76b0219c08ecf8db22b27dd82c05a8db5f71c4ef5ba113ff2
cf2086397a5d0d6d9c67e72d0dce0c0e734c9867e3cf6c1dd529b1fd22713393
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf4c54ffc8c78d41d423befa6d5ec511b8e125470ff7deb69bc462dfbb70d780
d2abcf4ca4f543d63ed37e00a7c7daabed4a60822c15bea1d388d6b4fbfc4a5e
d7f8e3141104cccf66879951733a90cee362e11c4c92998bd0a508875fe3a393
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
df8d6a853589c98c658e1aa906459fdcbd3960cd9c2aed944e6909272f84143c
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e1def8dcae0b755d4d026b9285d6943f619cf65f380ff9f37bb5e8af6caa10df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e838b1e343fa940c47524cdf730f02cd474eb64d0dde385fbaa4993bc5c244da
eac31bfb763f15ef0e30937eba5faf7c7de418d06fe82a0704f7fbcaaca47dee
ecdc70e0ee72d2265e3906cc82e9a47043e9cf65500de103094d925bb7a3d403
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1eea51e56fb4cce40c3c74acda58243154dd48e12a41c39a35c152585867ced
f246f7999a5ad417109c5c937587450910a9d5f421736e2ad3da68719fda0133
f3caeb1688453aaa314d1d7f087b3370b317a7b178b9c8f7b9ca2248ffd304ab
f66582475fc8fb5efedf2071da10c61e66624f390596dab1eb319e4188e3d8c6
fb5175866e24b14e6c800a230af050366c0dcf144254dcdb0ceca4c10549dbe3
fbaa4537828b59283670713628c19e8f1ed7dc03000f21da6dd0a01d9ee591d6
fcf696e3afbf7828617cfb57197aed82bfa72801bf30fad02fb77102a802b5fa
fd761139e3b62d2bc42ae872534f28be18cc2ff9f3e0028683af40274ed38941
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2