steamru.org Open in urlscan Pro
185.197.162.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://steamru.org/
Effective URL:
https://steamru.org/
Submission: On November 06 via api (November 6th 2023, 4:37:25 pm UTC) from US — Scanned from DE

Summary HTTP 112 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 9 countries across 28 domains to perform 112 HTTP transactions. The main IP is 185.197.162.100, located in Latvia and belongs to THREE-W-INFRA-AS -- TRANSIT --, NL. The main domain is steamru.org.
TLS certificate: Issued by R3 on September 30th 2023. Valid for: 3 months.

This is the only time steamru.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	185.197.162.100 185.197.162.100	60144 (THREE-W-I...) (THREE-W-INFRA-AS -- TRANSIT --)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 14	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2 11	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:3cd2:9b40:997b:1a6e	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2251:7400:3:4706:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2491:8200:1b:f040:3600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	154.58.197.185 154.58.197.185	174 (COGENT-174) (COGENT-174)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1	54.93.168.0 54.93.168.0	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	18.196.149.165 18.196.149.165	16509 (AMAZON-02) (AMAZON-02)
1	35.157.81.215 35.157.81.215	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	23.212.218.19 23.212.218.19	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:c0cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1 1	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
112	30

6 185.197.162.100 (Latvia) 1 redirects

ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL)
PTR: vps15026.ua-hosting.company

steamru.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

p4-a2mkmuifhphni-4aw6ptcbkfaue3pr-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:3cd2:9b40:997b:1a6e (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.232 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:7400:3:4706:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:8200:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.58.197.185 (Spain)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com

t.hspvst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.168.0 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-168-0.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.149.165 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-149-165.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.81.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-81-215.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.218.19 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-218-19.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:c0cb (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.130 (France) 1 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	420 KB
27	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154	138 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 33424 ad4m.at — Cisco Umbrella Rank: 12394 assets.ad4m.at — Cisco Umbrella Rank: 45800	200 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com p4-a2mkmuifhphni-4aw6ptcbkfaue3pr-if-v6exp3-v4.metric.gstatic.com	70 KB
6	steamru.org 1 redirects steamru.org	26 KB
5	w55c.net 2 redirects cti.w55c.net — Cisco Umbrella Rank: 2945 ads.w55c.net — Cisco Umbrella Rank: 12680 i.w55c.net — Cisco Umbrella Rank: 1952 pm.w55c.net — Cisco Umbrella Rank: 912	43 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	238 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 599	2 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181 www.googleadservices.com — Cisco Umbrella Rank: 145	605 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 851 r.turn.com — Cisco Umbrella Rank: 4121	869 B
2	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 188473 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 150954	4 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	452 B
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 597	725 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	297 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 74479	630 B
1	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 44040	877 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 90716	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 83719	436 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 82742	261 B
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 100456	497 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 18131	696 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	146 B
1	hspvst.com t.hspvst.com — Cisco Umbrella Rank: 284566	928 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	715 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	545 B
112	28

	Domain	Requested by
18	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
14	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	steamru.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
6	steamru.org	1 redirects steamru.org
5	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	steamru.org pagead2.googlesyndication.com googleads.g.doubleclick.net
3	c1.adform.net	3 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	pm.w55c.net	2 redirects
2	www.googleadservices.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	dis.criteo.com	googleads.g.doubleclick.net
2	pr-bh.ybp.yahoo.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	p4-a2mkmuifhphni-4aw6ptcbkfaue3pr-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-a2mkmuifhphni-4aw6ptcbkfaue3pr-if-v6exp3-v4.metric.gstatic.com
1	pb.media01.eu	as.ad4m.at
1	pv.medialead.de	1 redirects
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	www.conrad.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	i.w55c.net	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	static-de.ad4mat.net	as.ad4m.at
1	t.hspvst.com	googleads.g.doubleclick.net
1	ads.w55c.net	googleads.g.doubleclick.net
1	cti.w55c.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
112	41

This site contains no links.

Subject Issuer	Validity	Valid
steamru.org R3	`2023-09-30` - `2023-12-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.w55c.net Amazon RSA 2048 M02	`2023-05-29` - `2024-06-25`	a year	crt.sh
ads.w55c.net Amazon RSA 2048 M02	`2023-07-19` - `2024-08-16`	a year	crt.sh
*.hspvst.com Gandi Standard SSL CA 2	`2022-12-12` - `2023-12-09`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-09-26` - `2023-12-25`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://steamru.org/
Frame ID: 860BC0C524D250093ECB77E6421AD90E
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Frame ID: 808D9680574835AD1BC0C5794EF474C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&adk=1812271804&adf=3025194257&lmt=1699288639&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fsteamru.org%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288640397&bpp=6&bdt=586&idt=252&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7648078499792&frm=20&pv=2&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=281
Frame ID: 41D16AFF644FE2DEB58566470688DC85
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3088186576&adf=2896993837&pi=t.aa~a.819600158~rp.1&daaos=1699222678956&w=1200&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=3&bdt=2005&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0&nras=2&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=41EHGAfTqP&p=https%3A//steamru.org&dtd=11
Frame ID: E449776A4B4F83818F173BCE7B99E584
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&daaos=1699222678956&w=307&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2004&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280&nras=3&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=13xGGby0I7&p=https%3A//steamru.org&dtd=17
Frame ID: E21C02A217D9EE3F148E57983D572AB0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.1182920990~rp.3&daaos=1699222678956&w=1200&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2005&idt=0&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280%2C307x250&nras=4&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YiMAcYoRJw&p=https%3A//steamru.org&dtd=24
Frame ID: FA1D1A4C994E17538F4B9561A2BC64F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Frame ID: 77F2B19DDE730562ACED175958B29FAC
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6659E653C1C98C6FCD016CBBC6C92441
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FB9F764654BBFB9C5969E2074A8FD6E9
Requests: 2 HTTP requests in this frame

Frame: https://p4-a2mkmuifhphni-4aw6ptcbkfaue3pr-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: A4C45A07E41016458473B83238CFF3D5
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 2A9D7ED76991746C07099DCADC387984
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1C424FB8414C4186EEBD0A919AF1D47E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CBA42068E238BD2855D91D8358E83F53
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 656A3F807EEC3EEDFDA266D245C430AF
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k44r90jk7jaa9npv16ezgy2w3r8k9062wxr2ewqdwxkjv2xthckqahfnganc93vnbfmy5t1csyyhpbph2sqd8e2rf5qy0edvp4pw19rmak43jdgvfb72n8andc33pf9dkf7zx8j4cscwq37ngtqrkjy783p40rrf29bdhte2amnyh5b39rw2q0gsxds9jhaqqntzy2vdakp7j1v15vs5wtmf3tq69mbdxmfanqhwt4zd8hjk19tm27j42kcggk5752cj2jwhkt53kvg9wzsr71x6kdcste9w1q2cj90j340j068mrgt4dd8rt4f1r8ngk8vtvtcp11b8ar89m2ydtk96jny43bnbeefm78v57ekeszvtdm2dkzq3d0s1pzsb0g2624tv27tqrbqph1821emqfpff2q83bydtexkzndxvn4t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%26client%3Dca-pub-2147948657389864%26adurl%3D
Frame ID: 0583A1DF2AE610C072D05FB14EBEA7E8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Frame ID: 5803EDFA74E5FFA3CBC8C0588DBE7034
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CCB1171E1975EE4A7BA878A6A8AADAE9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js
Frame ID: 9469BAA4E68894941DD85F2BCF16F051
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js
Frame ID: 43CDCC30BB0E5B0F3C6E8EC9C1764911
Requests: 1 HTTP requests in this frame

Frame: https://cti.w55c.net/ct/creative_add_on.js?w=300&h=250&zindex=0&ci=Xm5m1vekkx&ei=GOOGLE_CONTENTNETWORK&ob=0&ai=0DaDXCcU00&epid=R0NzdGVhbXJ1Lm9yZw&fiu=WG1KVFAyNDVlMA&s=https%3A%2F%2Fsteamru.org&ciu=XRzTeTi6gk&btid=ODdDMjI5NkVGOTUyQjBENDRBMkQ4QTlDMjlEQTA2Rjl8R0ZkWWhRMWNGcHwxNjk5Mjg4NjQyMDk4fDF8WG1KVFAyNDVlMHxYUnpUZVRpNmdrfDM4MDc3ODI2NV9FWHwyNTEwNXx8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=steamru.org&cip=1&hmt=1&uidu=CAESEG2BeU9ULPZMo2AAAtlROmA&spidu=GOOGLE_CONTENTNETWORK&pidu=steamru.org&hmpvu=81a8042b-97d2-44c5-bee2-fa3a3686541c&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XRzTeTi6gk&
Frame ID: 7534C70FDA4D9A1D91557878D14895AE
Requests: 10 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C71117D7EFF58DA222994F9C7C24B4D1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 52F53F0DBAB3CF5BB8BE0068E3033D7F
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=537178%2C19877%2C59372&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2Ck56T5f3fWEda4HwHetBtVVWfZSjTprWTjV%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2CzmrcRfYfR6qspHBHMtJCzzAfVSwTgBqFrd%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj&c=728&d=90&e=&g=65b6f219b1741b3bdc4dcba8af86bf34%2F13553724760503685644&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1699288643166&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3jdnhhnd4zqbaqq4tn8jbw0c51tkxv4w694qjcpsca10skebckcwjdeh1x5bnv4wm86j3xh0qw0p8wheny51vp8xzhkrmwpaq8qeey8dff4ca1ms24h3ewzq19q5ht0rsgmvdv8jssjrbj41r0zv108jh84s99p1qf1tn30t1yfh7vpha60ry97gzz7f2v088n1gbdjnda205vcf2sn0h2vhpph5hym1tg93r3yp3ndhgba5dq0xf43tczh4pze7x0rg6qxz3pxyhnym40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%2526client%253Dca-pub-2147948657389864%2526adurl%253D&y=1&s=&z=0
Frame ID: 72D26D74B09BA2F7E59ED6D026B8910C
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

STEAM: клуб пользователей

Page URL History Show full URLs

http://steamru.org/ HTTP 301
https://steamru.org/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

112
Requests

88 %
HTTPS

47 %
IPv6

28
Domains

41
Subdomains

30
IPs

9
Countries

1146 kB
Transfer

3022 kB
Size

28
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://steamru.org/ HTTP 301
https://steamru.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 48

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 64

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHhh4kf9Jz4MVJLP_dDH37E&google_cver=1&google_push=AXcoOmQs3EmmxLRVoqqass2FrZVPGTu7CYnQ0uDI0UG5GisDDh1JP3B7L63XglA2KEubpLICLJGi0sV0cqI64jCdLHyGlCiG0grrpNU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHhh4kf9Jz4MVJLP_dDH37E&google_push=AXcoOmQs3EmmxLRVoqqass2FrZVPGTu7CYnQ0uDI0UG5GisDDh1JP3B7L63XglA2KEubpLICLJGi0sV0cqI64jCdLHyGlCiG0grrpNU

Request Chain 65

https://um.simpli.fi/gp_match?google_gid=CAESEPPGJeD5shaLET129HfYY-8&google_cver=1&google_push=AXcoOmT_kUhQHupIHbHASNJH10_4DmJJhXpza7HF_nNiG3VjTNytTRvEgdIW_WiaBCis2UgqoyxBMtr1GUysVt24tWg-S2ne1cl8Fw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4BED05F56B2A495986D5794B8CE6CAD0&google_push=AXcoOmT_kUhQHupIHbHASNJH10_4DmJJhXpza7HF_nNiG3VjTNytTRvEgdIW_WiaBCis2UgqoyxBMtr1GUysVt24tWg-S2ne1cl8Fw

Request Chain 67

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELZghHQGdg4ehCyhgfpk3DE&google_cver=1&google_push=AXcoOmSl2XxDLcox_p9Dsrol52r_6GjEBiheXC2pkb9BwYWVnqieulaW89p8B031PZQDriIshOwiQEgAvB_FSXV2CwE8ExjSX9RnyIo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSl2XxDLcox_p9Dsrol52r_6GjEBiheXC2pkb9BwYWVnqieulaW89p8B031PZQDriIshOwiQEgAvB_FSXV2CwE8ExjSX9RnyIo&google_hm=eS1NY0FXWkpaRTJwRkh4ci4wOTByRkh1czAzT1RMMHVrZH5B

Request Chain 68

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBi2M54WYr_V1CGgx8DPBVs&google_cver=1&google_push=AXcoOmTjDLK0MobjB6Xviw2MD9tbACWTMVqWudUYL2SaQN7_4uJKISPFuHlHhQNM_yPlFx41I1HhCWVnroXEPMhbHC7YaYzT-3Wo6Zc HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBi2M54WYr_V1CGgx8DPBVs&google_cver=1&google_push=AXcoOmTjDLK0MobjB6Xviw2MD9tbACWTMVqWudUYL2SaQN7_4uJKISPFuHlHhQNM_yPlFx41I1HhCWVnroXEPMhbHC7YaYzT-3Wo6Zc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI3NjU5MjU3NDY0MDUzNDM1Mg&google_push=AXcoOmTjDLK0MobjB6Xviw2MD9tbACWTMVqWudUYL2SaQN7_4uJKISPFuHlHhQNM_yPlFx41I1HhCWVnroXEPMhbHC7YaYzT-3Wo6Zc

Request Chain 70

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIcSrUr7MSwcP_bEjp8rKJg&google_cver=1&google_push=AXcoOmRQwmYSFmxTevfcxIIaKEzsTraO6cjjcNFx86Z0YxdYFf-bSaVNv4E6vjpJtzXYokhSRj8HDYeKJ4_JtBRpklZrS_RPcM_9a3E2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRQwmYSFmxTevfcxIIaKEzsTraO6cjjcNFx86Z0YxdYFf-bSaVNv4E6vjpJtzXYokhSRj8HDYeKJ4_JtBRpklZrS_RPcM_9a3E2 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 73

https://googleads.g.doubleclick.net/pagead/adview?ai=CO-8IQBZJZZisNvmTpt8PzueGaJvS-vVz2cLu2dsR9Y38wgMQASCQu4AEYJXikIKgB6ABmKqOtQHIAQKpAiKsWsuBCLI-qAMByAPJBKoE-QFP0KuGA82dnT_yl-pZSJ20MABhYgk77yMBz92vvShUTKzWYSn0rv97i66M5DlotxPsNjeIXVkgxkaC6Ut0WZUqMxTHXChZ4osWkNMxctLXsAR8_TD2aG_uDT10xoNJuLgv-AnnKQuwem_9s12cV5aGjcYiZbE1eyJj7pt7sWSLS9ZvIrLe0J1ryrI_shAkbY05Nf38A6DWTBVWboxOAtAQseIgC9Za5Cjd3VD55Gy4KP5PdRBwWIdgouZ4KewBXCD381Oc49e_ohdU19iCud4KiM-nZ1pWcrp0Y_H_1acKswKjq0ZED0DYc_lCBwCe0hJ_9kYOjdhre-vABNLjlu_HBIgF4sTFmk2SBQQIBBgBkgUECAUYBKAGAoAHxLfO8gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCQ3gPSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mglFaHR0cHM6Ly93d3cuZ3JhdmlzLmRlL3NlcnZpY2VzL2FwcGxlLXdhdGNoLWRpZS16dWt1bmZ0LWRlci1nZXN1bmRoZWl0gAoByAsBogwMKgoKCOS0sQLutbEC2BMK0BUBgBcBshccChoIABIUcHViLTIxNDc5NDg2NTczODk4NjQYAA&sigh=Y611y-ks-z8&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNmUQqwcuQfvxf1lXiq9hElYDZJXCkqsGmZFA6tSu8Lr9NkB1h2enSw4Spe4zC_ArSqG3HedmHlCREZ7OrSAKFG8ARPMgjhNcYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210328139882137222156%22,%22debug_reporting%22:true,%22destination%22:%22https://gravis.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22379819288%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229914431848946876033%22}&andc=true

Request Chain 92

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFIrMxJU1tIwWQVm7EgMVsI&google_cver=1&google_push=AXcoOmQg89V2cJm49RvW020TIqw8shvWQ7Crx6ak4L1IzFJ8N_I4rwHun4V4gIf-f2IteshIKj5dY-Iy-P5qHf15gm7z9hpbEoQeCS_LPkFoCfxQdsIDxtoxPDuJptbtAVBZIpGsJLTJQV1ntdFfvH48jaKIoeU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjMzNjEwMzk5OTEzMzMxNzUzMQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDJuLVLQ2is0HBrTuXHdDqM&google_cver=1

Request Chain 93

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG2BeU9ULPZMo2AAAtlROmA&google_cver=1&google_push=AXcoOmSVLvxv6geqlUDyveXht1juBnrMqQg8_MaWF-U8Sg1Dg4hKDQLs8ZuqAdm97tPuqIgSFDJWJoQQzYb-weY3gMgykxC-fgQN7RBS8IzQDwEHpURufVDF4h91WoJDL8QzV3nxhRdjT2poijtYsWl5b0msCA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG2BeU9ULPZMo2AAAtlROmA&google_cver=1&google_push=AXcoOmSVLvxv6geqlUDyveXht1juBnrMqQg8_MaWF-U8Sg1Dg4hKDQLs8ZuqAdm97tPuqIgSFDJWJoQQzYb-weY3gMgykxC-fgQN7RBS8IzQDwEHpURufVDF4h91WoJDL8QzV3nxhRdjT2poijtYsWl5b0msCA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGVDYXBFOVExUjAyQmw1&google_gid=CAESEG2BeU9ULPZMo2AAAtlROmA&google_cver=1&google_push=AXcoOmSVLvxv6geqlUDyveXht1juBnrMqQg8_MaWF-U8Sg1Dg4hKDQLs8ZuqAdm97tPuqIgSFDJWJoQQzYb-weY3gMgykxC-fgQN7RBS8IzQDwEHpURufVDF4h91WoJDL8QzV3nxhRdjT2poijtYsWl5b0msCA

Request Chain 96

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDGkODPi8QwYnxjFHcFsjMI&google_cver=1&google_push=AXcoOmRCwrr5K6IId9kqt7OIOjsJhEUwE3VZYC1R0oMgOCMggqvDqJZLwqAxH7fKtBTrb0n9skYGInGvN5vepA1nkxt4YmZslfrc6DUBWSMyHxYEjHT0hPp5mEWh2IfVK9G2YMfUpdtyuBIzIsWzfQ-SURzXxlg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRCwrr5K6IId9kqt7OIOjsJhEUwE3VZYC1R0oMgOCMggqvDqJZLwqAxH7fKtBTrb0n9skYGInGvN5vepA1nkxt4YmZslfrc6DUBWSMyHxYEjHT0hPp5mEWh2IfVK9G2YMfUpdtyuBIzIsWzfQ-SURzXxlg&google_hm=eS1NY0FXWkpaRTJwRkh4ci4wOTByRkh1czAzT1RMMHVrZH5B

Request Chain 98

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJlAvcplyRV7SnwfgPqEF-U&google_cver=1&google_push=AXcoOmRM9RL1u27EwWbDlEHL2tpSDsC8fboGNm9GhjGJlCx6ttGuxn6whdGCYZsag-1T8SvhKZwZ9xCLbpe-r6Vvm36Pjwv69jjcHUJjQ6Vv-W842aP-Vrh9tb31q7DkaYhWwFHS5MgkzAgLaHDkJQzT2HAAYxE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI3NjU5MjU3NDY0MDUzNDM1Mg&google_push=AXcoOmRM9RL1u27EwWbDlEHL2tpSDsC8fboGNm9GhjGJlCx6ttGuxn6whdGCYZsag-1T8SvhKZwZ9xCLbpe-r6Vvm36Pjwv69jjcHUJjQ6Vv-W842aP-Vrh9tb31q7DkaYhWwFHS5MgkzAgLaHDkJQzT2HAAYxE

Request Chain 106

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzDoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1699288643_c310ecb1-7cc2-11ee-84cc-223908f3a6a6&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 109

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneidk56T5f3fWEda4HwHetBtVVWfZSjTprWTjVoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CK3-1b_nr4IDFduigwcdgZMAjQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneidk56T5f3fWEda4HwHetBtVVWfZSjTprWTjVoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidk56T5f3fWEda4HwHetBtVVWfZSjTprWTjVoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidk56T5f3fWEda4HwHetBtVVWfZSjTprWTjVoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023110617372390341812847X117679V1226132702MSviewoneidk56T5f3fWEda4HwHetBtVVWfZSjTprWTjVoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&cons=0&spid=2023110617372390341812847X117679V1226132702MSviewoneidk56T5f3fWEda4HwHetBtVVWfZSjTprWTjVoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&wfid=117679&partnerid=12218

Request Chain 112

https://pv.medialead.de/trck/epv/2aed39855b5f46b777481d90b61d111f?t=htlp&subid=oneid13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9boneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9boneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=456654&produktid=Freshmoney&dt_url=

112 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
steamru.org/
Redirect Chain

http://steamru.org/
https://steamru.org/

16 KB
5 KB

85ms
53ms

Document
text/html

185.197.162.100
THREE-W-INFRA-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://steamru.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.197.162.100 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL),

Reverse DNS

vps15026.ua-hosting.company

Software

nginx /

Resource Hash

59385ae49bf5fa9dc2f4f9d8eadd4586a0b5573cde21be5e289b6a8a0ee6d400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 16:37:19 GMT
last-modified: Mon, 06 Nov 2023 16:37:19 GMT
server: nginx
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
x-ua-compatible: IE=edge

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 06 Nov 2023 16:37:19 GMT
Location: https://steamru.org/
Server: nginx

GET
H2 200 style.min.css
steamru.org/themes/ 10 KB
3 KB 15ms
14ms Stylesheet
text/css 185.197.162.100
THREE-W-INFRA-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://steamru.org/themes/style.min.css

Requested by

Host: steamru.org
URL: https://steamru.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.197.162.100 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL),

Reverse DNS

vps15026.ua-hosting.company

Software

nginx /

Resource Hash

aa6670cd216514598e9395fb4bcaeecbd3d8bdd4bb541cc63ac995cf0308585e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamru.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:19 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Thu, 19 Apr 2018 04:04:42 GMT
server: nginx
etag: W/"5ad8155a-27c2"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 189ms
66ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400

Requested by

Host: steamru.org
URL: https://steamru.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d95ffdcf010d6749281f6cd27c3a5f9c856d4b5590cee285f4b4fdbebce22b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamru.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 16:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:56:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 16:37:19 GMT

GET
H2 200 a.js Show response
steamru.org/js/ 158 B
386 B 15ms
15ms Script
application/javascript 185.197.162.100
THREE-W-INFRA-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://steamru.org/js/a.js

Requested by

Host: steamru.org
URL: https://steamru.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.197.162.100 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL),

Reverse DNS

vps15026.ua-hosting.company

Software

nginx /

Resource Hash

9a886adbe15add3ec3eb5ed564419a60981a0a2bb266efc369417df69c1f1064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamru.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:19 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 11:37:48 GMT
server: nginx
etag: W/"5f96b50c-9e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 278ms
151ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: steamru.org
URL: https://steamru.org/js/a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

591657d00f7ed53cbea6f2b8f795e881046d91785757ba30cb921bcafa055e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamru.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52017
x-xss-protection: 0
server: cafe
etag: 11633490689011747732
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 16:37:20 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d621f523e84eb7af66e3daba984f5ee4ab9257e301462577c3c66582c880ab0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pwk.phtml Show response
steamru.org/ 51 KB
18 KB 31ms
31ms Script
application/javascript 185.197.162.100
THREE-W-INFRA-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://steamru.org/pwk.phtml

Requested by

Host: steamru.org
URL: https://steamru.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.197.162.100 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL),

Reverse DNS

vps15026.ua-hosting.company

Software

nginx /

Resource Hash

7f4972b6f7feb7a2dd6f98c8ea06df115dc3c07dca4efe0c0114ac85ddac47d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamru.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;
last-modified: Fri, 29 Sep 2023 22:17:51 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31622400

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 177ms
56ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://steamru.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 304228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 04:06:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 191ms
70ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://steamru.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 263665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 15:22:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 234ms
119ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://steamru.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 04:30:34 GMT
x-content-type-options: nosniff
age: 389206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9576
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 04:30:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 244ms
132ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://steamru.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 07:05:38 GMT
x-content-type-options: nosniff
age: 379902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 07:05:38 GMT

POST
H2 200 pwk.phtml
steamru.org/ 43 B
163 B 16ms
15ms Ping
image/gif 185.197.162.100
THREE-W-INFRA-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://steamru.org/pwk.phtml?action_name=STEAM%3A%20%D0%BA%D0%BB%D1%83%D0%B1%20%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9&param01=steamru.org&rec=1&r=163580&h=17&m=37&s=20&url=https%3A%2F%2Fsteamru.org%2F&_id=b25bf32a42378952&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=XM0B9w&pf_net=31&pf_srv=54&pf_tfr=0&pf_dm1=230

Requested by

Host: steamru.org
URL: https://steamru.org/pwk.phtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.197.162.100 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL),

Reverse DNS

vps15026.ua-hosting.company

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://steamru.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Mon, 06 Nov 2023 16:37:20 GMT
strict-transport-security: max-age=31536000;
server: nginx
x-robots-tag: noindex, nofollow
content-length: 43
content-type: image/gif

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 399 KB
135 KB 135ms
134ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e39f6e0e75388541ef57f12ccaf4544633237180adecdc9210bf99b8abdfe943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamru.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138240
x-xss-protection: 0
server: cafe
etag: 5842458552842414566
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 16:37:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame 808D 10 KB
5 KB 178ms
56ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://steamru.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84862
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 17:02:58 GMT
etag: 251720774729838433
expires: Sun, 19 Nov 2023 17:02:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
605 B 217ms
66ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=steamru.org&callback=_gfp_s_&client=ca-pub-2147948657389864

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31a272d2278794d0d904e0713faad0c67980eb8eda40754394769e82db4fa3a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamru.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 41D1 357 KB
85 KB 926ms
925ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&adk=1812271804&adf=3025194257&lmt=1699288639&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fsteamru.org%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288640397&bpp=6&bdt=586&idt=252&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7648078499792&frm=20&pv=2&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=281

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

077f223de487d74169a80f184bc9258797bb09b8289b0714319fddd3ce29ffbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://steamru.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 86862
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:37:21 GMT
expires: Mon, 06 Nov 2023 16:37:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 91ms
91ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navigation&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: steamru.org
URL: https://steamru.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamru.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:37:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 217ms
104ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccce2b9d4ee311f34bdd5ecf085c2fc8979d9edf1e692b2ad96ca9dd898cfb33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamru.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12227
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 160 KB
55 KB 105ms
105ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

012722fcee1ed3cccebf425a2dde2098f28dfc5236617a7b3205149c20161f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamru.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55825
x-xss-protection: 0
server: cafe
etag: 2808891305696166597
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 16:37:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 606 B
484 B 66ms
65ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Google+Material+Icons:wght@400;500;700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c3023e121b91592fcfb3122c2f57b03a40a056cd993c5a3b85bbd9a69c8ee17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamru.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 16:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:37:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 16:37:21 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E449 436 B
511 B 721ms
720ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3088186576&adf=2896993837&pi=t.aa~a.819600158~rp.1&daaos=1699222678956&w=1200&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=3&bdt=2005&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0&nras=2&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=41EHGAfTqP&p=https%3A//steamru.org&dtd=11

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d19066b2ab6f34138805f807f6b619147686b24abe95c6877a889102ca56126d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://steamru.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:37:22 GMT
expires: Mon, 06 Nov 2023 16:37:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E21C 50 KB
18 KB 630ms
628ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&daaos=1699222678956&w=307&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2004&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280&nras=3&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=13xGGby0I7&p=https%3A//steamru.org&dtd=17

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ea9bd73e7e8e94acfc548f17ce767031fb78c572d4c165ca9dd644036170369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://steamru.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18131
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:37:22 GMT
expires: Mon, 06 Nov 2023 16:37:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA1D 48 KB
17 KB 419ms
419ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.1182920990~rp.3&daaos=1699222678956&w=1200&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2005&idt=0&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280%2C307x250&nras=4&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YiMAcYoRJw&p=https%3A//steamru.org&dtd=24

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f9b67ffabd0141a4b7cb75aaba6e6f7f63da50dc763efd70f8724aead693f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://steamru.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17191
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:37:22 GMT
expires: Mon, 06 Nov 2023 16:37:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 129ms
129ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://steamru.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame 77F2 10 KB
4 KB 56ms
56ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://steamru.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 08:36:03 GMT
etag: 251720774729838433
expires: Mon, 20 Nov 2023 08:36:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame 6659 10 KB
4 KB 56ms
56ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://steamru.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 08:36:03 GMT
etag: 251720774729838433
expires: Mon, 20 Nov 2023 08:36:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 267ms
138ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamru.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 16:37:22 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 77F2 4 KB
671 B 65ms
65ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 16:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 15:35:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 16:37:22 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 77F2 205 B
295 B 185ms
70ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:16:22 GMT
x-content-type-options: nosniff
age: 91260
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 04 Nov 2024 15:16:22 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 77F2 604 B
1 KB 169ms
54ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 12:18:27 GMT
x-content-type-options: nosniff
age: 274735
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 02 Nov 2024 12:18:27 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 77F2 16 KB
7 KB 164ms
55ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

913dd787ddb1c1055833af1b085aeccbed3dc54e94bdd1e143ad9f9372c46969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 00:07:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6828
x-xss-protection: 0
server: cafe
etag: 11986448221276412250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 00:07:42 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 77F2 21 KB
9 KB 179ms
70ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8796
x-xss-protection: 0
server: cafe
etag: 1225823381704108053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 19:56:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 6659 23 KB
9 KB 237ms
167ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 03:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 03:09:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB9F 143 B
166 B 58ms
56ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:10:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-a2mkmuifhphni-4aw6ptcbkfaue3pr-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame A4C4 247 B
868 B 176ms
73ms Document
text/html 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-a2mkmuifhphni-4aw6ptcbkfaue3pr-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

ce72fc8672b59cd28d88084b87be56bfd2cfcd0eec5281af75352d680f9b97fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-sfyH2_VB_r5opH0e4QyHAw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:37:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 24 Oct 2023 06:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 6659 3 KB
1 KB 231ms
165ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 12:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 12:36:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 6659 20 KB
8 KB 178ms
113ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 19:20:00 GMT

GET
H2 200 13646897366860036552
tpc.googlesyndication.com/simgad/ Frame 6659 12 KB
12 KB 239ms
175ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13646897366860036552?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkjoYctjAGED-qtEHBhblp3sOlNEQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c09bd5592806cd77bd898b8314dd8c4e0b33755c4c08297d0994fe1a76fe99f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 23:02:07 GMT
x-content-type-options: nosniff
age: 495315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12152
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 09:09:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Oct 2024 23:02:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6659 189 KB
60 KB 198ms
75ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 16:37:22 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 6659 36 KB
14 KB 208ms
144ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

471e787ea8040e2ab945b49b81fb9e41f63e0198ba7f31af08011dae93769a6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:24:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14703
x-xss-protection: 0
server: cafe
etag: 17460182615079463251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 19:24:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2A9D 14 KB
1 KB 65ms
65ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 16:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:19:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 16:37:22 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 2A9D 2 KB
879 B 145ms
125ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 19:20:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 2A9D 23 KB
9 KB 144ms
126ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 03:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 03:09:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1C42 143 B
166 B 56ms
56ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:10:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 2A9D 3 KB
1 KB 153ms
137ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 12:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 12:36:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 2A9D 20 KB
9 KB 77ms
61ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 19:20:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A9D 189 KB
59 KB 242ms
167ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 16:37:22 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 2A9D 36 KB
15 KB 76ms
55ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 06:26:06 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB9F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

70ms
69ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:37:22 GMT
expires: Mon, 06 Nov 2023 16:37:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:37:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1C42
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

70ms
69ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:37:22 GMT
expires: Mon, 06 Nov 2023 16:37:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:37:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe.html Show response
p4-a2mkmuifhphni-4aw6ptcbkfaue3pr-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame A4C4 5 KB
2 KB 78ms
76ms Document
text/html 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-a2mkmuifhphni-4aw6ptcbkfaue3pr-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-a2mkmuifhphni-4aw6ptcbkfaue3pr-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-a2mkmuifhphni-4aw6ptcbkfaue3pr-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

278d4d473606325439e5ea7e689dbfba8c86d4c673a6682bca485dd768c9a6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-a2mkmuifhphni-4aw6ptcbkfaue3pr-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1987
content-security-policy-report-only: script-src 'nonce-ZM_CcJ5cRgG_Qf0GFw3uZQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:37:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 24 Oct 2023 06:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CBA4 13 KB
5 KB 57ms
56ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://steamru.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 09:40:27 GMT
expires: Tue, 05 Nov 2024 09:40:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 656A 829 B
998 B 66ms
65ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b6b25156997bffc069907641f4259d54fabb6780be03dec1c092c040971602b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WDshtLjv3sLX6uR9F-EHQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://steamru.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WDshtLjv3sLX6uR9F-EHQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:37:22 GMT
expires: Mon, 06 Nov 2023 16:37:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 0583 2 KB
3 KB 91ms
57ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k44r90jk7jaa9npv16ezgy2w3r8k9062wxr2ewqdwxkjv2xthckqahfnganc93vnbfmy5t1csyyhpbph2sqd8e2rf5qy0edvp4pw19rmak43jdgvfb72n8andc33pf9dkf7zx8j4cscwq37ngtqrkjy783p40rrf29bdhte2amnyh5b39rw2q0gsxds9jhaqqntzy2vdakp7j1v15vs5wtmf3tq69mbdxmfanqhwt4zd8hjk19tm27j42kcggk5752cj2jwhkt53kvg9wzsr71x6kdcste9w1q2cj90j340j068mrgt4dd8rt4f1r8ngk8vtvtcp11b8ar89m2ydtk96jny43bnbeefm78v57ekeszvtdm2dkzq3d0s1pzsb0g2624tv27tqrbqph1821emqfpff2q83bydtexkzndxvn4t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%26client%3Dca-pub-2147948657389864%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.1182920990~rp.3&daaos=1699222678956&w=1200&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2005&idt=0&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280%2C307x250&nras=4&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YiMAcYoRJw&p=https%3A//steamru.org&dtd=24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cc7fcb8c989b170e4b7e72c35976076bddf87b7880dc0ed8a9bcf305d294193

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 821ec2be89f9bb7a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:37:22 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 5803 3 KB
1 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 12:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 12:36:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CCB1 1 KB
643 B 58ms
57ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 06:27:05 GMT
etag: 48472445140208031
expires: Tue, 07 Nov 2023 06:27:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 5803 20 KB
8 KB 59ms
55ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 19:20:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5803 0
0 66ms
63ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFXHzEgfmtPQfyV37zTJ_NBWKUtUl09lEXZMjauEcBSRa7dyXnojuTZA4Dhb45w4KRUqlQvpM1cgWKiEeA8POQcfXlNQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.1182920990~rp.3&daaos=1699222678956&w=1200&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2005&idt=0&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280%2C307x250&nras=4&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YiMAcYoRJw&p=https%3A//steamru.org&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5803 189 KB
59 KB 80ms
77ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 16:37:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 656A 0
0 91ms
90ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=4077888940432147&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame CBA4 38 KB
15 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 15:08:00 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 0583 115 KB
14 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k44r90jk7jaa9npv16ezgy2w3r8k9062wxr2ewqdwxkjv2xthckqahfnganc93vnbfmy5t1csyyhpbph2sqd8e2rf5qy0edvp4pw19rmak43jdgvfb72n8andc33pf9dkf7zx8j4cscwq37ngtqrkjy783p40rrf29bdhte2amnyh5b39rw2q0gsxds9jhaqqntzy2vdakp7j1v15vs5wtmf3tq69mbdxmfanqhwt4zd8hjk19tm27j42kcggk5752cj2jwhkt53kvg9wzsr71x6kdcste9w1q2cj90j340j068mrgt4dd8rt4f1r8ngk8vtvtcp11b8ar89m2ydtk96jny43bnbeefm78v57ekeszvtdm2dkzq3d0s1pzsb0g2624tv27tqrbqph1821emqfpff2q83bydtexkzndxvn4t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%26client%3Dca-pub-2147948657389864%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k44r90jk7jaa9npv16ezgy2w3r8k9062wxr2ewqdwxkjv2xthckqahfnganc93vnbfmy5t1csyyhpbph2sqd8e2rf5qy0edvp4pw19rmak43jdgvfb72n8andc33pf9dkf7zx8j4cscwq37ngtqrkjy783p40rrf29bdhte2amnyh5b39rw2q0gsxds9jhaqqntzy2vdakp7j1v15vs5wtmf3tq69mbdxmfanqhwt4zd8hjk19tm27j42kcggk5752cj2jwhkt53kvg9wzsr71x6kdcste9w1q2cj90j340j068mrgt4dd8rt4f1r8ngk8vtvtcp11b8ar89m2ydtk96jny43bnbeefm78v57ekeszvtdm2dkzq3d0s1pzsb0g2624tv27tqrbqph1821emqfpff2q83bydtexkzndxvn4t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%26client%3Dca-pub-2147948657389864%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35767
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrkpCUAXxXdOAj7HFRc%2B1y6tOlgSvXg4Gk94ug73nuwmoWw39i990EADhzP%2F4mv3WZaosl970ppAHmxv4OsRNk2juSGYVLIJKaONMwXMreI3PdFWB5Uq%2FEcoyb1CuN0UdXBZZB3dT7I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 821ec2bf4b01bb7a-FRA
expires: Tue, 07 Nov 2023 16:37:22 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 0583 25 KB
10 KB 31ms
26ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k44r90jk7jaa9npv16ezgy2w3r8k9062wxr2ewqdwxkjv2xthckqahfnganc93vnbfmy5t1csyyhpbph2sqd8e2rf5qy0edvp4pw19rmak43jdgvfb72n8andc33pf9dkf7zx8j4cscwq37ngtqrkjy783p40rrf29bdhte2amnyh5b39rw2q0gsxds9jhaqqntzy2vdakp7j1v15vs5wtmf3tq69mbdxmfanqhwt4zd8hjk19tm27j42kcggk5752cj2jwhkt53kvg9wzsr71x6kdcste9w1q2cj90j340j068mrgt4dd8rt4f1r8ngk8vtvtcp11b8ar89m2ydtk96jny43bnbeefm78v57ekeszvtdm2dkzq3d0s1pzsb0g2624tv27tqrbqph1821emqfpff2q83bydtexkzndxvn4t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%26client%3Dca-pub-2147948657389864%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 35766
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6ncg1sAelUNUj466XbwnA9jo4MDneAy6YvFebUbB6zTGQBCevX9urjlquputHo8xETtsIJ8CS27afI11rRPPzky3cGusgddH0HVHzw2usahq5%2FZWjFeY%2BvZ5bY%2FEVIePNqYqbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 821ec2bf4b05bb7a-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 06 Nov 2023 06:41:16 GMT

GET
DATA 200
OK truncated
/ Frame 5803 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c9a3b50c54eaafda2535d059ff47e8eab2ffdb10ab8c3149d47d4804e298025

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6659 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c134cc05b72a08527aaa05cf8819786e2ee00959db0ccc3965dd8272e1243ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCB1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHhh4kf9Jz4MVJLP_dDH37E&google_push=AXcoOmQs3EmmxLRVoqqass2FrZVPGTu7CYnQ0uDI0UG5GisDDh1JP3B7L6...

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHhh4kf9Jz4MVJLP_dDH37E&google_push=AXcoOmQs3EmmxLRVoqqass2FrZVPGTu7CYnQ0uDI0UG5GisDDh1JP3B7L63XglA2KEubpLICLJGi0sV0cqI64jCdLHyGlCiG0grrpNU

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:37:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230049-FRA
pragma: no-cache
date: Mon, 06 Nov 2023 16:37:22 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1699288643.768982,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHhh4kf9Jz4MVJLP_dDH37E&google_push=AXcoOmQs3EmmxLRVoqqass2FrZVPGTu7CYnQ0uDI0UG5GisDDh1JP3B7L63XglA2KEubpLICLJGi0sV0cqI64jCdLHyGlCiG0grrpNU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CCB1
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPPGJeD5shaLET129HfYY-8&google_cver=1&google_push=AXcoOmT_kUhQHupIHbHASNJH10_4DmJJhXpza7HF_nNiG3VjTNytTRvEgdIW_WiaBCis2UgqoyxBMtr1GUysVt24tWg-S2ne1cl8Fw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4BED05F56B2A495986D5794B8CE6CAD0&google_push=AXcoOmT_kUhQHupIHbHASNJH10_4DmJJhXpza7HF_nNiG3VjTNytTRvEgdIW_WiaBCis2UgqoyxBMtr1GUysVt2...

170 B
329 B

52ms
52ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4BED05F56B2A495986D5794B8CE6CAD0&google_push=AXcoOmT_kUhQHupIHbHASNJH10_4DmJJhXpza7HF_nNiG3VjTNytTRvEgdIW_WiaBCis2UgqoyxBMtr1GUysVt24tWg-S2ne1cl8Fw

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:37:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 06 Nov 2023 16:37:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4BED05F56B2A495986D5794B8CE6CAD0&google_push=AXcoOmT_kUhQHupIHbHASNJH10_4DmJJhXpza7HF_nNiG3VjTNytTRvEgdIW_WiaBCis2UgqoyxBMtr1GUysVt24tWg-S2ne1cl8Fw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 05 Nov 2023 16:37:22 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame CCB1 70 B
149 B 268ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOoaTqjTQuhV1LHvvEkP6ug&google_cver=1&google_push=AXcoOmRZ4lSoRf94wrlBTwzdicinQZDLtj8ttgesyDVSy6nn_VutpBVV4z8eo3ghD-rcPzKP2_djgW_XeVISFC-MfCBa3-2Kfq72UAg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.1182920990~rp.3&daaos=1699222678956&w=1200&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2005&idt=0&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280%2C307x250&nras=4&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YiMAcYoRJw&p=https%3A//steamru.org&dtd=24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:22 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CCB1
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELZghHQGdg4ehCyhgfpk3DE&google_cver=1&google_push=AXcoOmSl2XxDLcox_p9Dsrol52r_6GjEBiheXC2pkb9BwYWVnqieulaW89p8B031PZQDriIshOwiQEgAvB_FSXV2CwE8Exj...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSl2XxDLcox_p9Dsrol52r_6GjEBiheXC2pkb9BwYWVnqieulaW89p8B031PZQDriIshOwiQEgAvB_FSXV2CwE8ExjSX9RnyIo&google_hm=eS1NY0FXWkpaRTJwRkh...

170 B
232 B

48ms
48ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSl2XxDLcox_p9Dsrol52r_6GjEBiheXC2pkb9BwYWVnqieulaW89p8B031PZQDriIshOwiQEgAvB_FSXV2CwE8ExjSX9RnyIo&google_hm=eS1NY0FXWkpaRTJwRkh4ci4wOTByRkh1czAzT1RMMHVrZH5B

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:37:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 06 Nov 2023 16:37:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSl2XxDLcox_p9Dsrol52r_6GjEBiheXC2pkb9BwYWVnqieulaW89p8B031PZQDriIshOwiQEgAvB_FSXV2CwE8ExjSX9RnyIo&google_hm=eS1NY0FXWkpaRTJwRkh4ci4wOTByRkh1czAzT1RMMHVrZH5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CCB1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBi2M54WYr_V1CGgx8DPBVs&google_cver=1&google_push=AXcoOmTjDLK0MobjB6Xviw2MD9tbACWTMVqWudUYL2SaQN7_4uJKISPFuHlHhQNM_yPlFx41I1HhCWVn...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBi2M54WYr_V1CGgx8DPBVs&google_cver=1&google_push=AXcoOmTjDLK0MobjB6Xviw2MD9tbACWTMVqWudUYL2SaQN7_4uJKISPFuHlHhQNM_yPlFx41I1H...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI3NjU5MjU3NDY0MDUzNDM1Mg&google_push=AXcoOmTjDLK0MobjB6Xviw2MD9tbACWTMVqWudUYL2SaQN7_4uJKISPFuHlHhQNM_yPlFx41I1HhCW...

170 B
232 B

51ms
44ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI3NjU5MjU3NDY0MDUzNDM1Mg&google_push=AXcoOmTjDLK0MobjB6Xviw2MD9tbACWTMVqWudUYL2SaQN7_4uJKISPFuHlHhQNM_yPlFx41I1HhCWVnroXEPMhbHC7YaYzT-3Wo6Zc

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:37:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:37:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI3NjU5MjU3NDY0MDUzNDM1Mg&google_push=AXcoOmTjDLK0MobjB6Xviw2MD9tbACWTMVqWudUYL2SaQN7_4uJKISPFuHlHhQNM_yPlFx41I1HhCWVnroXEPMhbHC7YaYzT-3Wo6Zc
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame CCB1 43 B
363 B 249ms
15ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSZfh-bm586A7XVCdMxRWxx5eF7LnU2boWxgKkFA1Nd9z9ofcUZVYYMeS9ImwEHKBKcdIds3w4OjwaNZNuzQuv76ZCrnTJl_w&google_gid=CAESEMTxwcDAbxGy_hRafYf_zco&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:37:21 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 219839
expires: Mon, 06 Nov 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame CCB1
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIcSrUr7MSwc...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRQwmYSFmxTevfcxIIaKEzsTraO6cjjcNFx86Z0YxdYFf-bSaVNv4E6vjpJtzXYokhSRj8HDYeKJ4_JtBRpklZrS_RPcM_9a3E2
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

66ms
65ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.1182920990~rp.3&daaos=1699222678956&w=1200&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2005&idt=0&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280%2C307x250&nras=4&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YiMAcYoRJw&p=https%3A//steamru.org&dtd=24
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 16:37:23 GMT
pragma: no-cache
date: Mon, 06 Nov 2023 16:37:23 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:37:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CCB1 0
130 B 277ms
44ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LiJBGc1j7hBc-Wre-Jb-O98TtJGgydjTKyKEzDIbuzrTqXHCKlIU95z1FEnM_OEHi69d-boA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9469 50 KB
19 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaed749931e3a7cbfcecd1c0ecfff06e953caebf0d3fb3850cc6b0857308c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19631
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 19:38:15 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6659
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CO-8IQBZJZZisNvmTpt8PzueGaJvS-vVz2cLu2dsR9Y38wgMQASCQu4AEYJXikIKgB6ABmKqOtQHIAQKpAiKsWsuBCLI-qAMByAPJBKoE-QFP0KuGA82dnT_yl-pZSJ20MABhYgk77yMBz92...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210328139882137222156%22,%22debug_reporting%22:true,%22destination%22:%22https://gravis.de%22,%22event_report_window%22:%22...

0
0

153ms
73ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210328139882137222156%22,%22debug_reporting%22:true,%22destination%22:%22https://gravis.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22379819288%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229914431848946876033%22}&andc=true

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10328139882137222156","debug_reporting":true,"destination":"https://gravis.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["379819288"],"4":["11-06"],"6":["true"]},"priority":"500","source_event_id":"9914431848946876033"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Nov 2023 16:37:22 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Nov 2023 16:37:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10328139882137222156","debug_reporting":true,"destination":"https://gravis.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["379819288"],"4":["11-06"],"6":["true"]},"priority":"500","source_event_id":"9914431848946876033"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 43CD 50 KB
19 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js

Requested by

Host: steamru.org
URL: https://steamru.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaed749931e3a7cbfcecd1c0ecfff06e953caebf0d3fb3850cc6b0857308c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19631
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 19:38:15 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame 7534 5 KB
2 KB 177ms
7ms Script
application/javascript 2600:9000:2251:7400:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=300&h=250&zindex=0&ci=Xm5m1vekkx&ei=GOOGLE_CONTENTNETWORK&ob=0&ai=0DaDXCcU00&epid=R0NzdGVhbXJ1Lm9yZw&fiu=WG1KVFAyNDVlMA&s=https%3A%2F%2Fsteamru.org&ciu=XRzTeTi6gk&btid=ODdDMjI5NkVGOTUyQjBENDRBMkQ4QTlDMjlEQTA2Rjl8R0ZkWWhRMWNGcHwxNjk5Mjg4NjQyMDk4fDF8WG1KVFAyNDVlMHxYUnpUZVRpNmdrfDM4MDc3ODI2NV9FWHwyNTEwNXx8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=steamru.org&cip=1&hmt=1&uidu=CAESEG2BeU9ULPZMo2AAAtlROmA&spidu=GOOGLE_CONTENTNETWORK&pidu=steamru.org&hmpvu=81a8042b-97d2-44c5-bee2-fa3a3686541c&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XRzTeTi6gk&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&daaos=1699222678956&w=307&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2004&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280&nras=3&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=13xGGby0I7&p=https%3A//steamru.org&dtd=17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:7400:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
date: Mon, 06 Nov 2023 08:00:48 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 30995
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: toD1oZzXBJWSSydRhGoawvpZfrwpsLAdBcBC5L_lYuebVLXaaaV1oA==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 7534 3 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 12:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 12:36:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 7534 20 KB
8 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 19:20:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7534 0
0 66ms
65ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOOxrhZ0ZEBSh848dua5hbD77ZXPjQr_Jn9wWzXoCSy-j06l8xuohqtCkBFyZKtLCyeb-uiHBL0CZGe9Kai3EMR0pdtQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&daaos=1699222678956&w=307&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2004&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280&nras=3&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=13xGGby0I7&p=https%3A//steamru.org&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7534 189 KB
59 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 16:37:22 GMT

GET
H2 200 XassetkFJs3ny4.png
ads.w55c.net/t/d/ Frame 7534 38 KB
39 KB 178ms
8ms Image
image/png 2600:9000:2491:8200:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetkFJs3ny4.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=ODdDMjI5NkVGOTUyQjBENDRBMkQ4QTlDMjlEQTA2Rjl8R0ZkWWhRMWNGcHwxNjk5Mjg4NjQyMDk4fDF8WG1KVFAyNDVlMHxYUnpUZVRpNmdrfDM4MDc3ODI2NV9FWHwyNTEwNXx8fHwuMFB8VVNE&ei=GOOGLE_CONTENTNETWORK&ac=WFM2YVdYQTl2bjpYU1pHTkNKTWpzfDB8MHxFVVI7&js=0&ob=0&ccw=SUFCMjQjMS4w&ci=Xm5m1vekkx&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fsteamru.org&ts=1699288642100&c=DE&r=G-HE&epid=R0NzdGVhbXJ1Lm9yZw&mi=d2Vi&wp_exchange=NWP
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&daaos=1699222678956&w=307&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2004&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280&nras=3&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=13xGGby0I7&p=https%3A//steamru.org&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:8200:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d77fe1a9555985d6d3981209d00dbe2d28208cb42917322b57ec2f73b6e075b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: SLHuFXuOnpUf03k5jtH8203t4E1wMpAt
date: Mon, 06 Nov 2023 08:56:57 GMT
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 27625
x-amz-server-side-encryption: AES256
x-amz-meta-width: 300
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 38935
x-amz-meta-height: 250
content-length: 38935
last-modified: Thu, 15 Jun 2023 15:29:43 GMT
server: AmazonS3
etag: "b29dd6c8e5bad4c52ce4a5727083404e"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: s15DrPucwTsvCeEQwSLmwo4VjNlMTGF8pzgVs3IeZ8b8G4XAgrnwew==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame 7534 95 B
928 B 241ms
36ms Image
image/png 154.58.197.185
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=6931978111512291
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&daaos=1699222678956&w=307&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2004&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280&nras=3&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=13xGGby0I7&p=https%3A//steamru.org&dtd=17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 , Spain, ASN174 (COGENT-174, US),
Reverse DNS: staticip-hv4m185.hispavista.com
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 16:37:22 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Thu, 03 Nov 2033 16:37:22 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0583 3 KB
4 KB 176ms
28ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1675
x-guploader-uploadid: ADPycdu_bETbAO3L7E3ZwmLe8QxiVBASGCjfRAxwlm_tkXJYko3jNEaJxZb3LISJ1TPqVw-ds5Su5eyQQRqdQCYhbG3a5A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hsyu2yWe1mwU%2Fr6DWSuH%2BNnEy8Lyp4oPHmKR3G1nTAEffbO7zZh5Ko4MWniJGPLUTeqFy0rj%2FOA3vXIeIFdotjFOpnZTHCihKwJ9ahoc%2FShFPmWAratPu7x38Gffv9FdgyrMDC3g31Gs7NUFaMsgAleq"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 821ec2c15cc135f7-FRA
expires: Mon, 06 Nov 2023 17:09:27 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame C711 2 KB
2 KB 34ms
34ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35767
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 821ec2c14f451cc7-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 16:37:22 GMT
expires: Mon, 06 Nov 2023 07:07:05 GMT
last-modified: Tue, 17 Oct 2023 09:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gD0Tbc%2Bd4k8dhv8gDVCO%2FSTY3Q50Wz6H9%2BAYvgjipGKmDTXg2VP%2FrsuWgxMAUq9ExItXaMZDyGQNfdJGTQ9Qlg0FvXZgxsqOPIaLo1ctKHYrCHBPPf8zM4%2B67oMkgjLThijN20o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CBA4 0
10 B 56ms
55ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-INFiA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 196ms
73ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 16:37:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 52F5 1 KB
643 B 58ms
56ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 06:27:05 GMT
etag: 48472445140208031
expires: Tue, 07 Nov 2023 06:27:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5803 0
19 B 105ms
102ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-trVQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBOwBT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-Nl0vQvcmGxBjXCyNjRVwdqJMO4AkVwDDwVFcBZWC_ikZrf7QUi6ABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTQ3OTQ4NjU3Mzg5ODY0GAA&sigh=GMcZ07jAaV8&uach_m=[UACH]&cid=CAQSPADICaaNn6bFubo26uR16aWBf6RWrTdHNRTsZGRxhEigJqz6lNgzMCN6SO68h5LX94VUuEGfAJ5okTJFfxgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.1182920990~rp.3&daaos=1699222678956&w=1200&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2005&idt=0&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280%2C307x250&nras=4&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YiMAcYoRJw&p=https%3A//steamru.org&dtd=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Nov 2023 16:37:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 5803 0
103 B 126ms
58ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hy8pss4ppj36y4rnfad0h3bwszpgsq6a5pzdqxdndrnn77x1m1sd6b9achznegh9azqtvg1pcffqh6cyf0g1x7jkg3aq90vk94rpbvq63a9qydtqcbrp5yjsq0vmh93622c93c9dgwpz550m3av10hc7s92z3ke9ea3kq6e9z6s617pwtsychv9895g3hezkmxx72r23bckbpng4pgpwfqmk950pq74ddgfd99b00xz6ryy2szcqenn9y2gawzr20kwsrynpkckqaazxpkywnbk4c2xkh696sz0h00k9czcjs7g7bqffvykd6g58cmj867g8z8k24hg3p26kcwjf0zt69w09pm4tzjjsxbes65srgcqwj6tr4ez3ar932zqypbs3xqvmr&b=ZUkWQQANrCEK7cRIAAWKSDhdsqbdgu5PbDjcIw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.1182920990~rp.3&daaos=1699222678956&w=1200&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2005&idt=0&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280%2C307x250&nras=4&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YiMAcYoRJw&p=https%3A//steamru.org&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 06 Nov 2023 16:37:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 7534 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd8a7e37022e8179ee8e9235e31f46a6ca876fcf87313978c037710f794fc394

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7534 0
19 B 103ms
102ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIJilQRZJZfTPOryetOUPubqmqA-6iLSPXJzX7u6pCMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTQ3OTQ4NjU3Mzg5ODY0yAEJqAMByAMCqgTsAU_QJcbVgxKfVDrZvldu_Sy0PQOvjejEv6AYEIgJNsPLXerZ-0UnVFXIUV1ULbBYvCT8vr7yj1WsagtPPt97gE2NDiE4ldFiKZFvxBW0rdIR1jdkpfMcWWZjT0zc-7vuGngpei1qgG5T4MiRezjhIDGqx314OfBmmcKPw1cc3pbVyz228gta8thhAsbgEk0sVKEjvzbNmoWZUzXxJATYa-oQKFccdLrKOEPO4rVVwqgAK9rtfooIZ7uXjvxbW-krYjESXvp_za78mcC1z30x4uKxSY1yV35BU2-GlLssS8JPvx5rs9LzfmPkSwgzgAab64rrxo6C6kugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjE0Nzk0ODY1NzM4OTg2NBgA&sigh=1thOTqgIosc&uach_m=[UACH]&cid=CAQSPADICaaN2tNV5u7CZwQI-ionRzHxAp1RrQxfjRUrXAd5uTI518ByLpOuViQA_CVAzf0ciNf46F4TJZn7_RgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&daaos=1699222678956&w=307&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2004&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280&nras=3&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=13xGGby0I7&p=https%3A//steamru.org&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Nov 2023 16:37:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200 a.gif
i.w55c.net/ Frame 7534 42 B
582 B 61ms
9ms Image
image/gif 54.93.168.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=ODdDMjI5NkVGOTUyQjBENDRBMkQ4QTlDMjlEQTA2Rjl8R0ZkWWhRMWNGcHwxNjk5Mjg4NjQyMDk4fDF8WG1KVFAyNDVlMHxYUnpUZVRpNmdrfDM4MDc3ODI2NV9FWHwyNTEwNXx8fHwuMFB8VVNE&ei=GOOGLE_CONTENTNETWORK&wp_exchange=ZUkWQQAOp_QGrQ88AAmdOb1RhdoR6_iJjq--AA&ac=WFM2YVdYQTl2bjpYU1pHTkNKTWpzfDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCMjQjMS4w&ci=Xm5m1vekkx&fiu=WG1KVFAyNDVlMA&fid=XmJTP245e0&sd=steamru.org&s=https%3A%2F%2Fsteamru.org&ts=1699288642100&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-HE&rnd=6931978111512291&epid=R0NzdGVhbXJ1Lm9yZw&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dm=MU1ocWFxcHZ5RQ&l=cnV8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=2&euid=Q0FFU0VHMkJlVTlVTFBaTW8yQUFBdGxST21B&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=FpY-mJksLu2je4iNYRfk0w&buid=Xdb4DXiaK1Q&dv=MUxWSXJn&az=europe-west1-c&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEG2BeU9ULPZMo2AAAtlROmA&spidu=GOOGLE_CONTENTNETWORK&pidu=steamru.org&hmpvu=81a8042b-97d2-44c5-bee2-fa3a3686541c&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XRzTeTi6gk&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif&cbvp=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.168.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-168-0.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-794-ga594423#rel-ec2-master i-051642093d6c37fb5@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Nov 2023 16:37:22 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-794-ga594423#rel-ec2-master i-051642093d6c37fb5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 52F5
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFIrMxJU1tIwWQVm7EgMVsI&google_cver=1&google_push=AXcoOmQg89V2cJm49RvW020TIqw8shvWQ7Crx6ak4L1IzFJ8N_I4rwHun4V4gIf-f2IteshIKj5dY-Iy-P5qHf15gm7z9hpbEoQeC...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjMzNjEwMzk5OTEzMzMxNzUzMQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDJuLVLQ2is0HBrTuXHdDqM&google_cver=1

43 B
398 B

44ms
15ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDJuLVLQ2is0HBrTuXHdDqM&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 06 Nov 2023 16:37:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:37:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDJuLVLQ2is0HBrTuXHdDqM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52F5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG2BeU9ULPZMo2AAAtlROmA&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG2BeU9ULPZMo2AAAtlROmA&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGVDYXBFOVExUjAyQmw1&google_gid=CAESEG2BeU9ULPZMo2AAAtlROmA&google_cver=1&google_push=AXcoOmSVLvxv6geqlUDyveXht1juBnrMqQg8_MaWF-U8Sg1...

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGVDYXBFOVExUjAyQmw1&google_gid=CAESEG2BeU9ULPZMo2AAAtlROmA&google_cver=1&google_push=AXcoOmSVLvxv6geqlUDyveXht1juBnrMqQg8_MaWF-U8Sg1Dg4hKDQLs8ZuqAdm97tPuqIgSFDJWJoQQzYb-weY3gMgykxC-fgQN7RBS8IzQDwEHpURufVDF4h91WoJDL8QzV3nxhRdjT2poijtYsWl5b0msCA

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:37:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Nov 2023 16:37:22 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-0876b9bf50f8ab74e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGVDYXBFOVExUjAyQmw1&google_gid=CAESEG2BeU9ULPZMo2AAAtlROmA&google_cver=1&google_push=AXcoOmSVLvxv6geqlUDyveXht1juBnrMqQg8_MaWF-U8Sg1Dg4hKDQLs8ZuqAdm97tPuqIgSFDJWJoQQzYb-weY3gMgykxC-fgQN7RBS8IzQDwEHpURufVDF4h91WoJDL8QzV3nxhRdjT2poijtYsWl5b0msCA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 52F5 70 B
148 B 35ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJaVT08xr_5JZGR-3h1Hbzw&google_cver=1&google_push=AXcoOmTSlKiSE84hRNLK4EjtaF7iiDEslpcRe8aj2fQuMyUT81MP5DDiSASfl1qv3MwRzG7bH4R9BfxXq20komvipc7Tvr8jOtuiTO2MEvS1NVRBEx3DtXhBQ-LjI3pWXguZshcF40WwbAHKILrUvZMRKR8lie4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&daaos=1699222678956&w=307&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2004&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280&nras=3&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=13xGGby0I7&p=https%3A//steamru.org&dtd=17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:23 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 52F5 43 B
146 B 43ms
7ms Image
image/gif 35.157.81.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAzDyremyjcwMDWXf_xQQEw&google_cver=1&google_push=AXcoOmS3VqOuLCdL0q71ZJytB1TluA3XRie_Fb6S3G_LwWoAQaqGheUM-SzthtQqBuRqhwUP1TmWI1HZgUKmCwsN8PmeVmzB1h4lvK42CciiMLnERHHsrD4efr2KErtI9WKvbfANqxGTkz2QInQXx50mlwzvzLc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&daaos=1699222678956&w=307&fwrn=4&fwrnh=100&lmt=1699288639&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699288641815&bpp=1&bdt=2004&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb92b3c9a57e6c17-2258c4a3c7e400d9%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYPMMu5CjdJOIWBwP5I7y_U0XmJuw&gpic=UID%3D00000cb71d1631bd%3AT%3D1699288640%3ART%3D1699288640%3AS%3DALNI_MYpgoRHsbyoflXnXKKBDRIxQsNB5g&prev_fmts=0x0%2C1200x280&nras=3&correlator=7648078499792&frm=20&pv=1&ga_vid=391106791.1699288641&ga_sid=1699288641&ga_hid=1897181966&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079307%2C31079403%2C44798934%2C44807047%2C44807455%2C31078301%2C44806141%2C21065725&oid=2&pvsid=4077888940432147&tmod=389572941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=13xGGby0I7&p=https%3A//steamru.org&dtd=17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.81.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-81-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52F5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDGkODPi8QwYnxjFHcFsjMI&google_cver=1&google_push=AXcoOmRCwrr5K6IId9kqt7OIOjsJhEUwE3VZYC1R0oMgOCMggqvDqJZLwqAxH7fKtBTrb0n9skYGInGvN5vepA1nkxt4YmZ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRCwrr5K6IId9kqt7OIOjsJhEUwE3VZYC1R0oMgOCMggqvDqJZLwqAxH7fKtBTrb0n9skYGInGvN5vepA1nkxt4YmZslfrc6DUBWSMyHxYEjHT0hPp5mEWh2IfVK9G2Y...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRCwrr5K6IId9kqt7OIOjsJhEUwE3VZYC1R0oMgOCMggqvDqJZLwqAxH7fKtBTrb0n9skYGInGvN5vepA1nkxt4YmZslfrc6DUBWSMyHxYEjHT0hPp5mEWh2IfVK9G2YMfUpdtyuBIzIsWzfQ-SURzXxlg&google_hm=eS1NY0FXWkpaRTJwRkh4ci4wOTByRkh1czAzT1RMMHVrZH5B

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:37:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 06 Nov 2023 16:37:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRCwrr5K6IId9kqt7OIOjsJhEUwE3VZYC1R0oMgOCMggqvDqJZLwqAxH7fKtBTrb0n9skYGInGvN5vepA1nkxt4YmZslfrc6DUBWSMyHxYEjHT0hPp5mEWh2IfVK9G2YMfUpdtyuBIzIsWzfQ-SURzXxlg&google_hm=eS1NY0FXWkpaRTJwRkh4ci4wOTByRkh1czAzT1RMMHVrZH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 52F5 43 B
362 B 17ms
15ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSVhLz3f_amW9NurUUix7br8Tt0GZtCOONt4SaihEc9RGdCBRwL3IFW10PItQ_VC3D4MKJ-7GVI9xVnnBLgksUn6V77z81oduDWXMp-l00DSmHePCyUByHGP53G4E1x_A1w6MQed_0nrzfvy0yW-Hk-ZVI&google_gid=CAESEI9sE_G-1t9EXlx8f0ryuhU&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:37:22 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 243989
expires: Mon, 06 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52F5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJlAvcplyRV7SnwfgPqEF-U&google_cver=1&google_push=AXcoOmRM9RL1u27EwWbDlEHL2tpSDsC8fboGNm9GhjGJlCx6ttGuxn6whdGCYZsag-1T8SvhKZwZ9xCL...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI3NjU5MjU3NDY0MDUzNDM1Mg&google_push=AXcoOmRM9RL1u27EwWbDlEHL2tpSDsC8fboGNm9GhjGJlCx6ttGuxn6whdGCYZsag-1T8SvhKZwZ9x...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI3NjU5MjU3NDY0MDUzNDM1Mg&google_push=AXcoOmRM9RL1u27EwWbDlEHL2tpSDsC8fboGNm9GhjGJlCx6ttGuxn6whdGCYZsag-1T8SvhKZwZ9xCLbpe-r6Vvm36Pjwv69jjcHUJjQ6Vv-W842aP-Vrh9tb31q7DkaYhWwFHS5MgkzAgLaHDkJQzT2HAAYxE

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:37:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:37:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI3NjU5MjU3NDY0MDUzNDM1Mg&google_push=AXcoOmRM9RL1u27EwWbDlEHL2tpSDsC8fboGNm9GhjGJlCx6ttGuxn6whdGCYZsag-1T8SvhKZwZ9xCLbpe-r6Vvm36Pjwv69jjcHUJjQ6Vv-W842aP-Vrh9tb31q7DkaYhWwFHS5MgkzAgLaHDkJQzT2HAAYxE
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 52F5 0
12 B 50ms
50ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LfbqmW8iLFlVzY4DREiMuZhCDG5soYwEGVmsTWJXvYn09gusMvWjTjpMp1S0dM2msHlsFx

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 rs Show response
ad4m.at/ Frame 0583 2 KB
2 KB 34ms
32ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 696b0d3599c63e1df96a84b0c75a2ca4e88980d906bab44ea73cea02eb631fc9

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Nov 2023 16:37:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntwpE8TbFvSltYj2okDGEJ33%2FbIyQ%2FHy1ictxtF7c4TXBiyOWasZRLkMbdUZ9pWDIViOTrMJQb3sPYEK%2FcFv3z%2FfhqdNfTu2e4H7iOWjoUGAZv7l1vcZEzhvihIY16oz5pyYcyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 821ec2c3bab04d28-FRA
x-backend-server: aa-reachservice-group-europe-west1-n5rv
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 42ms
30ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 821ec2c38a5f4d28-FRA
content-length: 24
content-type: text/plain
date: Mon, 06 Nov 2023 16:37:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiAicOxgx7aglEF5%2FdhHyUzSkXSuU7lM8Yd1ffM4UtJ4TkHYUrQ8oiBb87Vu6kbUbsrkoGtGyFbNNBbLzCusg0QTwYbTmPeEpJq9MAJGieamnj%2FjJzUIoQPWTqicqK%2FOM49%2FHVQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-n5rv

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 72D2 9 KB
4 KB 58ms
57ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=537178%2C19877%2C59372&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2Ck56T5f3fWEda4HwHetBtVVWfZSjTprWTjV%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2CzmrcRfYfR6qspHBHMtJCzzAfVSwTgBqFrd%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj&c=728&d=90&e=&g=65b6f219b1741b3bdc4dcba8af86bf34%2F13553724760503685644&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1699288643166&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3jdnhhnd4zqbaqq4tn8jbw0c51tkxv4w694qjcpsca10skebckcwjdeh1x5bnv4wm86j3xh0qw0p8wheny51vp8xzhkrmwpaq8qeey8dff4ca1ms24h3ewzq19q5ht0rsgmvdv8jssjrbj41r0zv108jh84s99p1qf1tn30t1yfh7vpha60ry97gzz7f2v088n1gbdjnda205vcf2sn0h2vhpph5hym1tg93r3yp3ndhgba5dq0xf43tczh4pze7x0rg6qxz3pxyhnym40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%2526client%253Dca-pub-2147948657389864%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfabc7479753115a5acaaa59024486679171032053518832235bb0bca42fb927

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k44r90jk7jaa9npv16ezgy2w3r8k9062wxr2ewqdwxkjv2xthckqahfnganc93vnbfmy5t1csyyhpbph2sqd8e2rf5qy0edvp4pw19rmak43jdgvfb72n8andc33pf9dkf7zx8j4cscwq37ngtqrkjy783p40rrf29bdhte2amnyh5b39rw2q0gsxds9jhaqqntzy2vdakp7j1v15vs5wtmf3tq69mbdxmfanqhwt4zd8hjk19tm27j42kcggk5752cj2jwhkt53kvg9wzsr71x6kdcste9w1q2cj90j340j068mrgt4dd8rt4f1r8ngk8vtvtcp11b8ar89m2ydtk96jny43bnbeefm78v57ekeszvtdm2dkzq3d0s1pzsb0g2624tv27tqrbqph1821emqfpff2q83bydtexkzndxvn4t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%26client%3Dca-pub-2147948657389864%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 821ec2c3fb431cc7-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:37:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 72D2 115 KB
14 KB 34ms
33ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C19877%2C59372&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2Ck56T5f3fWEda4HwHetBtVVWfZSjTprWTjV%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2CzmrcRfYfR6qspHBHMtJCzzAfVSwTgBqFrd%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj&c=728&d=90&e=&g=65b6f219b1741b3bdc4dcba8af86bf34%2F13553724760503685644&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1699288643166&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3jdnhhnd4zqbaqq4tn8jbw0c51tkxv4w694qjcpsca10skebckcwjdeh1x5bnv4wm86j3xh0qw0p8wheny51vp8xzhkrmwpaq8qeey8dff4ca1ms24h3ewzq19q5ht0rsgmvdv8jssjrbj41r0zv108jh84s99p1qf1tn30t1yfh7vpha60ry97gzz7f2v088n1gbdjnda205vcf2sn0h2vhpph5hym1tg93r3yp3ndhgba5dq0xf43tczh4pze7x0rg6qxz3pxyhnym40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%2526client%253Dca-pub-2147948657389864%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=537178%2C19877%2C59372&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2Ck56T5f3fWEda4HwHetBtVVWfZSjTprWTjV%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2CzmrcRfYfR6qspHBHMtJCzzAfVSwTgBqFrd%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj&c=728&d=90&e=&g=65b6f219b1741b3bdc4dcba8af86bf34%2F13553724760503685644&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1699288643166&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3jdnhhnd4zqbaqq4tn8jbw0c51tkxv4w694qjcpsca10skebckcwjdeh1x5bnv4wm86j3xh0qw0p8wheny51vp8xzhkrmwpaq8qeey8dff4ca1ms24h3ewzq19q5ht0rsgmvdv8jssjrbj41r0zv108jh84s99p1qf1tn30t1yfh7vpha60ry97gzz7f2v088n1gbdjnda205vcf2sn0h2vhpph5hym1tg93r3yp3ndhgba5dq0xf43tczh4pze7x0rg6qxz3pxyhnym40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%2526client%253Dca-pub-2147948657389864%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35768
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HThYUzU7SsKGGO5VgPtVgei0dVRDXbrkV4zUJWGFiB%2BsVLkSZbz72atWER3V%2BD4JDoB%2F%2FK8gec7bSKNRS2JMYy03pw4MdUYj3LdWAL8W9125BDgoK2hsSyDGQhSbxwkzbBk0mO%2FKGXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 821ec2c46bd31cc7-FRA
expires: Tue, 07 Nov 2023 16:37:23 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 72D2 7 KB
7 KB 36ms
33ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C19877%2C59372&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2Ck56T5f3fWEda4HwHetBtVVWfZSjTprWTjV%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2CzmrcRfYfR6qspHBHMtJCzzAfVSwTgBqFrd%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj&c=728&d=90&e=&g=65b6f219b1741b3bdc4dcba8af86bf34%2F13553724760503685644&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1699288643166&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3jdnhhnd4zqbaqq4tn8jbw0c51tkxv4w694qjcpsca10skebckcwjdeh1x5bnv4wm86j3xh0qw0p8wheny51vp8xzhkrmwpaq8qeey8dff4ca1ms24h3ewzq19q5ht0rsgmvdv8jssjrbj41r0zv108jh84s99p1qf1tn30t1yfh7vpha60ry97gzz7f2v088n1gbdjnda205vcf2sn0h2vhpph5hym1tg93r3yp3ndhgba5dq0xf43tczh4pze7x0rg6qxz3pxyhnym40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%2526client%253Dca-pub-2147948657389864%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35768
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNNith236K8J1ipYp%2B64Uoj8ZrfzlFLFmIeV9h80wSV9%2FxZRDOepj%2B0qmLgRpyC5%2B4spRG8lWZ7DJMkPUSuBP7wG02t%2FiIXojeoeP%2BPm70CBb1vX6F9IqcD7Gh5tjyAT0y6LREzUdpGH13Pn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 821ec2c46aa5bb7a-FRA

GET
H2 200 809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame 72D2 61 KB
62 KB 43ms
40ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C19877%2C59372&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2Ck56T5f3fWEda4HwHetBtVVWfZSjTprWTjV%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2CzmrcRfYfR6qspHBHMtJCzzAfVSwTgBqFrd%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj&c=728&d=90&e=&g=65b6f219b1741b3bdc4dcba8af86bf34%2F13553724760503685644&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1699288643166&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3jdnhhnd4zqbaqq4tn8jbw0c51tkxv4w694qjcpsca10skebckcwjdeh1x5bnv4wm86j3xh0qw0p8wheny51vp8xzhkrmwpaq8qeey8dff4ca1ms24h3ewzq19q5ht0rsgmvdv8jssjrbj41r0zv108jh84s99p1qf1tn30t1yfh7vpha60ry97gzz7f2v088n1gbdjnda205vcf2sn0h2vhpph5hym1tg93r3yp3ndhgba5dq0xf43tczh4pze7x0rg6qxz3pxyhnym40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%2526client%253Dca-pub-2147948657389864%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 330a1d107d574e198ce29242a9e9622dee2d5c22e77ed65a6bb4b310a15f8635

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35768
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 62542
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:05:33 GMT
server: cloudflare
etag: "ca300a2b0afdc79a9ff8a2c770fe896b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOoqZZL%2BnEt5xoG3KeiZol1tbMMz%2FIB5kcvd8wzkI7UihgMAxtIMETQmlLYs1j5Bbbyk5GuNkulzfi6JxrSagQpNqb1FH0hWBeSINovX6fExRqpsQOHyyPVx5%2FwnuIuJJ1YKAh1mVJxoQ6BN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 821ec2c46aa7bb7a-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame 72D2
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzDoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1699288643_c310ecb1-7cc2-11ee-84cc-223908f3a6a6&insert=AW&&gdpr=0&gdpr_consent=

0
497 B

52ms
26ms

Image
text/html

2606:4700::6810:c0cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1699288643_c310ecb1-7cc2-11ee-84cc-223908f3a6a6&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C19877%2C59372&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2Ck56T5f3fWEda4HwHetBtVVWfZSjTprWTjV%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2CzmrcRfYfR6qspHBHMtJCzzAfVSwTgBqFrd%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj&c=728&d=90&e=&g=65b6f219b1741b3bdc4dcba8af86bf34%2F13553724760503685644&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1699288643166&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3jdnhhnd4zqbaqq4tn8jbw0c51tkxv4w694qjcpsca10skebckcwjdeh1x5bnv4wm86j3xh0qw0p8wheny51vp8xzhkrmwpaq8qeey8dff4ca1ms24h3ewzq19q5ht0rsgmvdv8jssjrbj41r0zv108jh84s99p1qf1tn30t1yfh7vpha60ry97gzz7f2v088n1gbdjnda205vcf2sn0h2vhpph5hym1tg93r3yp3ndhgba5dq0xf43tczh4pze7x0rg6qxz3pxyhnym40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%2526client%253Dca-pub-2147948657389864%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:23 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 821ec2c5290a8ff4-FRA
content-length: 0
expires: -1

Redirect headers

Date: Mon, 06 Nov 2023 16:37:23 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1699288643_c310ecb1-7cc2-11ee-84cc-223908f3a6a6&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 72D2 8 KB
8 KB 43ms
41ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C19877%2C59372&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2Ck56T5f3fWEda4HwHetBtVVWfZSjTprWTjV%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2CzmrcRfYfR6qspHBHMtJCzzAfVSwTgBqFrd%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj&c=728&d=90&e=&g=65b6f219b1741b3bdc4dcba8af86bf34%2F13553724760503685644&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1699288643166&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3jdnhhnd4zqbaqq4tn8jbw0c51tkxv4w694qjcpsca10skebckcwjdeh1x5bnv4wm86j3xh0qw0p8wheny51vp8xzhkrmwpaq8qeey8dff4ca1ms24h3ewzq19q5ht0rsgmvdv8jssjrbj41r0zv108jh84s99p1qf1tn30t1yfh7vpha60ry97gzz7f2v088n1gbdjnda205vcf2sn0h2vhpph5hym1tg93r3yp3ndhgba5dq0xf43tczh4pze7x0rg6qxz3pxyhnym40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%2526client%253Dca-pub-2147948657389864%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35767
cf-polished: qual=85, origFmt=jpeg, origSize=12951
alt-svc: h3=":443"; ma=86400
content-length: 7758
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:22:01 GMT
server: cloudflare
etag: "12e3523b35b31c7ddfe7c77dcdb14a34"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wFVS9xdg79CTcTOaWNO0JMeRgYWK1AM%2B7%2BcsjH3p%2B7Cquo3VAQsi0Uc18OApYhKI7p91NxTuQx0gPhMVGejYu2Wc%2B6rJ85%2BbbQ7II48NhR2ehBT1iP9lZ9HVhezPVH64H4T%2BZoG%2FMKtTCol"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 821ec2c46aa3bb7a-FRA

GET
H2 200 C214519790640C056F434D8DDB50BCB07F64B125E2E4D5026778482090BA9FC45C4658AF375179106A92B6C2DD36789FCD39BC1923957D0DCD063E017A893CC0
assets.ad4m.at/ Frame 72D2 21 KB
22 KB 44ms
41ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/C214519790640C056F434D8DDB50BCB07F64B125E2E4D5026778482090BA9FC45C4658AF375179106A92B6C2DD36789FCD39BC1923957D0DCD063E017A893CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C19877%2C59372&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2Ck56T5f3fWEda4HwHetBtVVWfZSjTprWTjV%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2CzmrcRfYfR6qspHBHMtJCzzAfVSwTgBqFrd%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj&c=728&d=90&e=&g=65b6f219b1741b3bdc4dcba8af86bf34%2F13553724760503685644&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1699288643166&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3jdnhhnd4zqbaqq4tn8jbw0c51tkxv4w694qjcpsca10skebckcwjdeh1x5bnv4wm86j3xh0qw0p8wheny51vp8xzhkrmwpaq8qeey8dff4ca1ms24h3ewzq19q5ht0rsgmvdv8jssjrbj41r0zv108jh84s99p1qf1tn30t1yfh7vpha60ry97gzz7f2v088n1gbdjnda205vcf2sn0h2vhpph5hym1tg93r3yp3ndhgba5dq0xf43tczh4pze7x0rg6qxz3pxyhnym40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%2526client%253Dca-pub-2147948657389864%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56bfeb4337290e6235a15bd50843785ea883b1a91888e439d86453c4b5507c71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35762
cf-polished: qual=85, origFmt=jpeg, origSize=50645
alt-svc: h3=":443"; ma=86400
content-length: 21720
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 14:50:31 GMT
server: cloudflare
etag: "c73080cea7b29464f4dd0b5558645ab6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cr0pgZtBIIfTuJTyEUC1zd1qcWB6MGY7It3ev4t4njal8xy7FkIGShYGSD3Dn6ZhBE36qQo7dnnA2wsC4%2FnepRcGGt%2FJlqcatWjr1DdOTqU440OkHrLLWFAES6S9TEiXCMkeIgho8%2BzF4jeS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 821ec2c46aa4bb7a-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 72D2
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CK3-1b_nr4IDFduigwcdgZMAjQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidk56T5f3fWEda4HwHetBtVVWfZSjTprWTjVoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidk56T5f3fWEda4HwHetBtVVWfZSjTprWTjVoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023110617372390341812847X117679V1226132702MSviewoneidk56T5f3fWEda4HwHetBtVVWfZSjTprWTjVoneid__suite_N...

49 B
1 KB

107ms
23ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023110617372390341812847X117679V1226132702MSviewoneidk56T5f3fWEda4HwHetBtVVWfZSjTprWTjVoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&cons=0&spid=2023110617372390341812847X117679V1226132702MSviewoneidk56T5f3fWEda4HwHetBtVVWfZSjTprWTjVoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C19877%2C59372&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2Ck56T5f3fWEda4HwHetBtVVWfZSjTprWTjV%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2CzmrcRfYfR6qspHBHMtJCzzAfVSwTgBqFrd%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj&c=728&d=90&e=&g=65b6f219b1741b3bdc4dcba8af86bf34%2F13553724760503685644&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1699288643166&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3jdnhhnd4zqbaqq4tn8jbw0c51tkxv4w694qjcpsca10skebckcwjdeh1x5bnv4wm86j3xh0qw0p8wheny51vp8xzhkrmwpaq8qeey8dff4ca1ms24h3ewzq19q5ht0rsgmvdv8jssjrbj41r0zv108jh84s99p1qf1tn30t1yfh7vpha60ry97gzz7f2v088n1gbdjnda205vcf2sn0h2vhpph5hym1tg93r3yp3ndhgba5dq0xf43tczh4pze7x0rg6qxz3pxyhnym40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%2526client%253Dca-pub-2147948657389864%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 16:37:23 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023110617372390341812847X117679V1226132702MSviewoneidk56T5f3fWEda4HwHetBtVVWfZSjTprWTjVoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&cons=0&spid=2023110617372390341812847X117679V1226132702MSviewoneidk56T5f3fWEda4HwHetBtVVWfZSjTprWTjVoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&wfid=117679&partnerid=12218
date: Mon, 06 Nov 2023 16:37:23 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 72D2 9 KB
10 KB 30ms
28ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C19877%2C59372&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2Ck56T5f3fWEda4HwHetBtVVWfZSjTprWTjV%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2CzmrcRfYfR6qspHBHMtJCzzAfVSwTgBqFrd%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj&c=728&d=90&e=&g=65b6f219b1741b3bdc4dcba8af86bf34%2F13553724760503685644&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1699288643166&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3jdnhhnd4zqbaqq4tn8jbw0c51tkxv4w694qjcpsca10skebckcwjdeh1x5bnv4wm86j3xh0qw0p8wheny51vp8xzhkrmwpaq8qeey8dff4ca1ms24h3ewzq19q5ht0rsgmvdv8jssjrbj41r0zv108jh84s99p1qf1tn30t1yfh7vpha60ry97gzz7f2v088n1gbdjnda205vcf2sn0h2vhpph5hym1tg93r3yp3ndhgba5dq0xf43tczh4pze7x0rg6qxz3pxyhnym40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%2526client%253Dca-pub-2147948657389864%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99cd1ec1b2be8459b7a26eb6f554faae5d530247cfa6ce124deca49d3e4b09b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35767
cf-polished: qual=85, origFmt=jpeg, origSize=9779
alt-svc: h3=":443"; ma=86400
content-length: 9584
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 14:10:56 GMT
server: cloudflare
etag: "e221c4d09449924c55e0cb0e2a6aa4ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYCTOaIjY8WHBYdvp7T8Z3ZZkqy0fHCjCSGsOURgaPvJIwMeBq0EnCbdhV%2FmbPa0v8xsWaUA%2Bs07qU2XqFG5slOmNO1Q3fgngIZaQlhmVzU7UJZvzUpMhig6IOfkblS%2FBcGiU4JST%2FYqbQdI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 821ec2c46a9fbb7a-FRA

GET
H2 200 279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B
assets.ad4m.at/ Frame 72D2 44 KB
45 KB 32ms
30ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C19877%2C59372&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2Ck56T5f3fWEda4HwHetBtVVWfZSjTprWTjV%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2CzmrcRfYfR6qspHBHMtJCzzAfVSwTgBqFrd%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj&c=728&d=90&e=&g=65b6f219b1741b3bdc4dcba8af86bf34%2F13553724760503685644&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1699288643166&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3jdnhhnd4zqbaqq4tn8jbw0c51tkxv4w694qjcpsca10skebckcwjdeh1x5bnv4wm86j3xh0qw0p8wheny51vp8xzhkrmwpaq8qeey8dff4ca1ms24h3ewzq19q5ht0rsgmvdv8jssjrbj41r0zv108jh84s99p1qf1tn30t1yfh7vpha60ry97gzz7f2v088n1gbdjnda205vcf2sn0h2vhpph5hym1tg93r3yp3ndhgba5dq0xf43tczh4pze7x0rg6qxz3pxyhnym40%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPuErQRZJZaHYNsiItwfIlJZgkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjE0Nzk0ODY1NzM4OTg2NMgBCakCIqxay4EIsj6oAwHIAwKqBO8BT9B2gSVyKif403hWTXA6zRkz4eCNXorkkkqrqobFlwDQpIdcwISx5gdxDS-JheVBvOPvsjKu-39LGj3hZC7Q-DaixSYgROsvnbC6pOrUrBB-LvTRLg7g0iWoMcA7zVWgtpbLpWxT2JeYWG2qnwEJfbuz01ZAaedSk3Gs7JgKXnDQkUIk1NZ8SMn7Atx_P4RB7JVtG9yJIKU7UfKZMXPDESpnYIoBMhbqOujhLNGh7i9FmWYVIU9woZFFpM4VBnp-YU4R5iY-dF8O0CDfnFCr22QbV1zihJtYMS0ueRgeQZMVl20W4AUBeCJPEubDkMyABoaRu5r_9c2jeKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2H5p0IXg8A_wf6iSu4uS7X7HqLkA%2526client%253Dca-pub-2147948657389864%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f57ab501aeced82cc48305f8eaf1de621c24d60add4230f61644297423282bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35767
cf-polished: qual=85, origFmt=jpeg, origSize=54840
alt-svc: h3=":443"; ma=86400
content-length: 45428
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:15:26 GMT
server: cloudflare
etag: "b92061339688fd77c8f7554c039f6414"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkUIoK9C9%2BZifcg%2FHlXxDfwa0RPHdmQ3L%2F%2FsVCpzYI3bFCfQflx%2BfKkkSU7t87%2By8rFugG7qqzqLZDVjiunzpyrL7BCuLYxd1UEO9%2BrwJIyJefycJucl6wyOcrFNvUxBxGoedKOp0iTZITN9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 821ec2c46aa8bb7a-FRA

GET
H2

200

view.aspx
pb.media01.eu/ Frame 72D2
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b777481d90b61d111f?t=htlp&subid=oneid13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9boneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9boneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=45665...

0
630 B

61ms
23ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9boneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=456654&produktid=Freshmoney&dt_url=

Requested by

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:37:22 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 06 Nov 2023 05:37:23 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 06 Nov 2023 16:37:23 GMT
strict-transport-security: max-age=15768000
x-iplb-instance: 40028
content-length: 0
proxy-host: pv.medialead.de
attribution-reporting-register-source: {"source_event_id":"17200573720105030","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B9D59BC1:AD50_91EFC182:01BB_65491643_1A58B53:1A42B
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9boneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=456654&produktid=Freshmoney&dt_url=
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 95ms
95ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=4077888940432147&bg=!u7iluPfNAAb4oU7C2KE7ADQBe5WfOO32E08E7VDQfA6tImIWTX_hp8U7SvWRWvcTFJmkr_GOokMfe0m6IW18E0c03_0ZAgAAAM1SAAAAB2gBBwoAT6GeFE3ZmAtjEs2DJN1jGXryoQBhX-xJ4_u23Jtc2uEndss-OJWay7757R8jc7x7I6V7WcuX_clyw_PW4BK9W5GvlUxXv1MkwhqYSl0vYdSZAvZP2SWq128LDCvt6K2Z6QTvYbHF668JH4OoigzCuiiyq-aiTwW0fq2xbTNmXEn9xVGRszAUvINMnIDL9Hthftv9eq05OPlZZwhhxm6CdsiCsfWtOspQoED4n0_FwsOlnjzRKZUBNu-KZoArPQ92WyRzTx_fvJpL2Yy04GnpZc4fSwj4NBs2I22wzh3n6b1S8nVYo7mnCmyHGoTPwfL9IJIL90WN0-qGnBQXUz5jXwSYo-Ihlqe_9Q9uB_U7w9O6ICxG3PuYaOTC9iUXYXODMqwH67r_MUgWd3ENNSCTM_uKHQhqbs7vS2dDV1GRb32lV1aDuGXrL7PQAqlbz-k3XYZO0hTcBtGFyXx0Xfu-jV4j5cMp5-HeehKT8A0ubXHnS7Ec77l_vpugUXmWpWG8ijOHVwfSsmG-gsUHhJp-zi7O57ftKbosmynGNyPFI9-8cEGfQWW3KQlsPu0_5RWNYAPFXEfGcgdpbsIJ1l6Vk6qZW8uFRhgNsAy_kWcN1ytDQvusTA9ybHw3sZGY59_90TARLYedURVd-8FaHOlD5ShTZthh9kTOJ3uNDHUEP1fOa7k7mnF4rW6dMYmRub1iGGptcmhGVvWmW035l2cm_lugwZao1G1WxWS3_fNKGlHTw55Gdf7cMthZ5JFoxbEYqO6GhVv4_J0LmL4ly57Xj0k4cUH7tSw8dCiDHnaLM-q5UQ18kfpuh0k8Q4fV5yDoeNo--riKXubqM7lAjGW6CVfn0E3cNf1rCvMm7Q2V9xBJmyj_uNHra5YMWDsKRy3hDaXhlRDTWNDpwPw_f7ZkQL1RriOItyb4uqZiyVhduWVhbN3w_-yePePLQnt0Iq_T2NlvfLGNhMTayeYjvLcDQnK4isNZTJDX_0EqBzrl_HCcvS6gYVgbv9xjBYjWbarL3ajIcWYCKv-FXq4rQxuFhKgNV-tEpw9hIABtlAlcxiT5EVFrsRUxFzQrSeLlxInSjvwxedHHB_7MjVylCKA7aa_PTBXz7CLZAA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamru.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6659 42 B
64 B 96ms
95ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuI1d_fvNa80XolgMj1dk7WU2TqL5NkYw4c30Fcpna65FitDrbzCX2XZz6MI-oAQLQjx6dFAMewhYsrCwcThrf3sem95iapfHXSXbdtrpMtTG-ok37UULNxWbeXZvYWjQ2BMH9aaeb75V7p&sai=AMfl-YQg_IXRqIZ_tfioQIPGpmJSGXjrOPzDgzaTeKNvA8wbApHkBD5kzxgO4LapAPcOph02cMAwuvGIOusRECo_NgAV9sl0OC0qU4n-L7y1FI6pPz0sxkPTyc5kjo22BZWMkgW937326y7NJLIHXw&sig=Cg0ArKJSzFdy8jyXQMvSEAE&cid=CAQSTADICaaNmUQqwcuQfvxf1lXiq9hElYDZJXCkqsGmZFA6tSu8Lr9NkB1h2enSw4Spe4zC_ArSqG3HedmHlCREZ7OrSAKFG8ARPMgjhNcYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699288641942&rpt=430&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:37:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
steamru.org/	1970-01-21 01:27:23	Name: _pk_id.steamru.org.f8d7 Value: b25bf32a42378952.1699288640.
steamru.org/	1970-01-20 16:01:30	Name: _pk_ses.steamru.org.f8d7 Value: 1
.steamru.org/	1970-01-21 01:23:04	Name: __gads Value: ID=95d2e819b0349e69:T=1699288640:RT=1699288640:S=ALNI_MYoNfcQfNBKRXEIJUkTlZgngG6uYA
.steamru.org/	1970-01-21 01:23:04	Name: __gpi Value: UID=00000cc9a539fd99:T=1699288640:RT=1699288640:S=ALNI_MZeM3DxplHaXPtS0ZyltWbjqokaYQ
.doubleclick.net/	1970-01-20 16:01:32	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 01:23:04	Name: IDE Value: AHWqTUmEj0Wvlh_KQZD5jMXSKXN0zvqxE1QE41UKAJFFzcQNzrb2qRd8HAXZFLHacMU
.simpli.fi/	1970-01-21 00:48:31	Name: suid Value: 4BED05F56B2A495986D5794B8CE6CAD0
.adform.net/	1970-01-20 16:44:40	Name: C Value: 1
.yahoo.com/	1970-01-21 00:47:26	Name: A3 Value: d=AQABBEIWSWUCEArz6vDmZ9ASFiH6Xo32PDMFEgEBAQFnSmVSZQAAAAAA_eMAAA&S=AQAAAmX3B0pQEB8kyznnh7sE9Mk
.adform.net/	1970-01-20 17:27:52	Name: uid Value: 2276592574640534352
.hspvst.com/	1969-12-31 23:59:59	Name: VI2677 Value: %7B%22time%22%3A1699288642%2C%22utid%22%3A%2266580e4d659c2478d2a4f5610821b76c%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/	1969-12-31 23:59:59	Name: VIP2677 Value: 1
.everesttech.net/	1970-01-21 00:47:04	Name: everest_g_v2 Value: g_surferid~ZUkWQgABxmYR3ABH
.googleadservices.com/	1970-01-20 18:11:04	Name: ar_debug Value: 1
.w55c.net/	1970-01-21 01:31:43	Name: wfivefivec Value: 8eCapE9Q1R02Bl5
.w55c.net/	1970-01-20 16:44:40	Name: matchgoogle Value: 5
.turn.com/	1970-01-20 20:20:40	Name: uid Value: 2336103999133317531
.awin1.com/	1970-01-20 16:05:47	Name: awpv11354 Value: 412871\|1699288643\|c310ecb1-7cc2-11ee-84cc-223908f3a6a6
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
www.conrad.de/	1970-01-20 16:05:47	Name: HTLP_timestamp Value: 1699288643400
www.conrad.de/	1970-01-20 16:05:47	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 16:01:30	Name: __cf_bm Value: Pr3BP2.M5jb_3ATzm_CH_9zDFNg_7IVM9i5oZWw__tk-1699288643-0-ASwMaIxZfwkR1mIsduCHuuLZGPqsf6BNxUsRxcRjBVGy9j5mz4ED9d8+DpX3YSN3jMOgVMHPGfA6I+pRO4/ejcA=
.doubleclick.net/	1970-01-20 20:20:40	Name: APC Value: AfxxVi7qNv6qn2EfvOMOGR_VWqMl8TgtWxngFy_dWjzGTGSmigMbWQ
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: gv0u5qzqxtcwbl4q1qwejpu0
pb.media01.eu/	1970-01-21 01:37:28	Name: DTU Value: F0F2A5E633CECCCF54A1EF577AC6105C
.o2online.de/	1970-01-20 16:11:33	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMxMDAwMDAwMDA2MTY5OTI4ODY0M3ZsZWExZGUyMDIzMTEwNjE3MzcyMzkwMzQxODEyODQ3WDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWRrNTZUNWYzZldFZGE0SHdIZXRCdFZWV2ZaU2pUcHJXVGpWb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDAyX1NTUF9DT05UUk9MX0FEWDExNzY3OQ
.o2online.de/	1970-01-20 16:11:33	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 16:11:33	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023110617372390341812847X117679V1226132702MSviewoneidk56T5f3fWEda4HwHetBtVVWfZSjTprWTjVoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMxMDAwMDAwMDA2MTY5OTI4ODY0M3ZsZWExZGUyMDIzMTEwNjE3MzcyMzkwMzQxODEyODQ3WDExNzY3OVYxMjI2MTMyNzAyT

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad.turn.com
ad4m.at
ads.w55c.net
as.ad4m.at
assets.ad4m.at
c1.adform.net
cm.g.doubleclick.net
cti.w55c.net
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.w55c.net
match.adsrvr.org
p4-a2mkmuifhphni-4aw6ptcbkfaue3pr-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pb.media01.eu
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
static-de.ad4mat.net
steamru.org
sync-tm.everesttech.net
sync.teads.tv
t.hspvst.com
tpc.googlesyndication.com
um.simpli.fi
www.awin1.com
www.conrad.de
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
142.250.185.99
142.250.186.134
142.250.186.34
142.250.186.66
145.239.193.130
151.101.130.49
154.58.197.185
167.233.13.224
178.250.1.9
18.196.149.165
185.197.162.100
2.16.97.41
2001:678:cb4:bbbb::11
23.212.218.19
2600:1901:0:76b9::
2600:9000:2251:7400:3:4706:a6c0:93a1
2600:9000:2491:8200:1b:f040:3600:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700::6810:c0cb
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2004
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a05:d018:d29:3602:3cd2:9b40:997b:1a6e
35.157.81.215
35.204.74.118
35.71.131.137
37.157.6.232
54.93.168.0
84.200.5.215
88.198.250.30
012722fcee1ed3cccebf425a2dde2098f28dfc5236617a7b3205149c20161f07
077f223de487d74169a80f184bc9258797bb09b8289b0714319fddd3ce29ffbd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc7fcb8c989b170e4b7e72c35976076bddf87b7880dc0ed8a9bcf305d294193
0eaed749931e3a7cbfcecd1c0ecfff06e953caebf0d3fb3850cc6b0857308c14
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c3023e121b91592fcfb3122c2f57b03a40a056cd993c5a3b85bbd9a69c8ee17
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
278d4d473606325439e5ea7e689dbfba8c86d4c673a6682bca485dd768c9a6cd
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f9b67ffabd0141a4b7cb75aaba6e6f7f63da50dc763efd70f8724aead693f59
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a272d2278794d0d904e0713faad0c67980eb8eda40754394769e82db4fa3a0
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
330a1d107d574e198ce29242a9e9622dee2d5c22e77ed65a6bb4b310a15f8635
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
471e787ea8040e2ab945b49b81fb9e41f63e0198ba7f31af08011dae93769a6f
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4c09bd5592806cd77bd898b8314dd8c4e0b33755c4c08297d0994fe1a76fe99f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d77fe1a9555985d6d3981209d00dbe2d28208cb42917322b57ec2f73b6e075b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56bfeb4337290e6235a15bd50843785ea883b1a91888e439d86453c4b5507c71
591657d00f7ed53cbea6f2b8f795e881046d91785757ba30cb921bcafa055e93
59385ae49bf5fa9dc2f4f9d8eadd4586a0b5573cde21be5e289b6a8a0ee6d400
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d621f523e84eb7af66e3daba984f5ee4ab9257e301462577c3c66582c880ab0
5f57ab501aeced82cc48305f8eaf1de621c24d60add4230f61644297423282bc
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
696b0d3599c63e1df96a84b0c75a2ca4e88980d906bab44ea73cea02eb631fc9
6c134cc05b72a08527aaa05cf8819786e2ee00959db0ccc3965dd8272e1243ae
7f4972b6f7feb7a2dd6f98c8ea06df115dc3c07dca4efe0c0114ac85ddac47d4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
913dd787ddb1c1055833af1b085aeccbed3dc54e94bdd1e143ad9f9372c46969
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
99cd1ec1b2be8459b7a26eb6f554faae5d530247cfa6ce124deca49d3e4b09b2
9a886adbe15add3ec3eb5ed564419a60981a0a2bb266efc369417df69c1f1064
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c9a3b50c54eaafda2535d059ff47e8eab2ffdb10ab8c3149d47d4804e298025
9ea9bd73e7e8e94acfc548f17ce767031fb78c572d4c165ca9dd644036170369
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
aa6670cd216514598e9395fb4bcaeecbd3d8bdd4bb541cc63ac995cf0308585e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b6b25156997bffc069907641f4259d54fabb6780be03dec1c092c040971602b1
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bd8a7e37022e8179ee8e9235e31f46a6ca876fcf87313978c037710f794fc394
bfabc7479753115a5acaaa59024486679171032053518832235bb0bca42fb927
ccce2b9d4ee311f34bdd5ecf085c2fc8979d9edf1e692b2ad96ca9dd898cfb33
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
ce72fc8672b59cd28d88084b87be56bfd2cfcd0eec5281af75352d680f9b97fa
d19066b2ab6f34138805f807f6b619147686b24abe95c6877a889102ca56126d
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d95ffdcf010d6749281f6cd27c3a5f9c856d4b5590cee285f4b4fdbebce22b4c
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e39f6e0e75388541ef57f12ccaf4544633237180adecdc9210bf99b8abdfe943
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

steamru.org Open in urlscan Pro 185.197.162.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

112 Requests

88 %HTTPS

47 %IPv6

28 Domains

41 Subdomains

30 IPs

9 Countries

1146 kBTransfer

3022 kBSize

28 Cookies

0 Outgoing links

Page URL History

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

steamru.org Open in urlscan Pro
185.197.162.100 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

88 %
HTTPS

47 %
IPv6

28
Domains

41
Subdomains

30
IPs

9
Countries

1146 kB
Transfer

3022 kB
Size

28
Cookies

112 HTTP transactions
4 data transactions