steamerathletics.com Open in urlscan Pro
44.196.231.237 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://steamerathletics.com/
Submission: On February 15 via automatic, source certstream-suspicious (February 15th 2023, 11:21:29 am UTC) — Scanned from DE

Summary HTTP 309 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 63 IPs in 11 countries across 59 domains to perform 309 HTTP transactions. The main IP is 44.196.231.237, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is steamerathletics.com.
TLS certificate: Issued by R3 on February 15th 2023. Valid for: 3 months.

This is the only time steamerathletics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
59	44.196.231.237 44.196.231.237	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400d:808::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1b8f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80d::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
3	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.216.206.235 52.216.206.235	16509 (AMAZON-02) (AMAZON-02)
1	52.217.133.81 52.217.133.81	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2 8	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:e8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
8	23.203.124.118 23.203.124.118	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6812:106b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4832	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
8	52.165.229.182 52.165.229.182	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.65.39.56 18.65.39.56	16509 (AMAZON-02) (AMAZON-02)
4	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:2800:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2600:9000:238... 2600:9000:238d:6800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
2 3	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.203.125.127 23.203.125.127	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	2a00:1450:402... 2a00:1450:4025:402::9c	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80d::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:400d:808::2001	15169 (GOOGLE) (GOOGLE)
44	2a00:1450:400... 2a00:1450:400d:803::2001	15169 (GOOGLE) (GOOGLE)
6	34.250.52.94 34.250.52.94	16509 (AMAZON-02) (AMAZON-02)
2	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	207.198.113.205 207.198.113.205	13768 (COGECO-PEER1) (COGECO-PEER1)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
6	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
3	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1 2	3.65.4.114 3.65.4.114	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 20	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 3	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:400d:808::2006	15169 (GOOGLE) (GOOGLE)
1	185.86.138.152 185.86.138.152	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	3.122.24.207 3.122.24.207	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.81.63.203 104.81.63.203	16625 (AKAMAI-AS) (AKAMAI-AS)
5	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
1	52.21.197.24 52.21.197.24	14618 (AMAZON-AES) (AMAZON-AES)
309	63

59 44.196.231.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-231-237.compute-1.amazonaws.com

steamerathletics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1b8f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.whatfix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.216.206.235 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

schoolassets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.133.81 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

bigteams-public-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:807::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:e8b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.201.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.203.124.118 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-118.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:106b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4832 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.165.229.182 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

partners.spiritshop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.bespoketechnologies.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.65.39.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-56.ams1.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:2800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:238d:6800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.48 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eyepopperdigital-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.125.127 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-127.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:402::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80d::2001 (Ireland)

ASN15169 (GOOGLE, US)

97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:400d:803::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.250.52.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-52-94.eu-west-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.14.248.71 (Kamp-Lintfort, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

at.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.198.113.205 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

centro.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

dynamic-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.getcustom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.4.114 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-4-114.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.251.208.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.21 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.252 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:808::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.24.207 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-24-207.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.81.63.203 (Warsaw, Poland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-81-63-203.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.202.105.23 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.197.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-197-24.compute-1.amazonaws.com

emxhb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	googlesyndication.com 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 137 pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 ade.googlesyndication.com	353 KB
59	steamerathletics.com steamerathletics.com	1 MB
34	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 186 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	285 KB
12	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 357	251 KB
10	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 27316 ad4m.at — Cisco Umbrella Rank: 9707 assets.ad4m.at — Cisco Umbrella Rank: 36187	387 KB
9	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	1 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 270	69 KB
7	bespoketechnologies.net tracker.bespoketechnologies.net — Cisco Umbrella Rank: 223549	7 KB
7	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1618 m.addthis.com — Cisco Umbrella Rank: 1585 api-public.addthis.com — Cisco Umbrella Rank: 4569	217 KB
6	azureedge.net dynamic-cdn.azureedge.net — Cisco Umbrella Rank: 278439	43 KB
6	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 1354	1 KB
6	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2506 www.google-analytics.com — Cisco Umbrella Rank: 35	21 KB
6	amazonaws.com schoolassets.s3.amazonaws.com — Cisco Umbrella Rank: 271975 bigteams-public-prod.s3.amazonaws.com — Cisco Umbrella Rank: 312254	8 MB
5	33across.com ssc.33across.com Failed ssc-cms.33across.com — Cisco Umbrella Rank: 838
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	218 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 533	3 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 359 www.linkedin.com — Cisco Umbrella Rank: 567 px4.ads.linkedin.com — Cisco Umbrella Rank: 6448	3 KB
4	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 963 pixel.quantserve.com — Cisco Umbrella Rank: 674	11 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 712	828 B
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 731	1 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 734 s.tribalfusion.com — Cisco Umbrella Rank: 1800	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	3 KB
3	getcustom.net cdn.getcustom.net — Cisco Umbrella Rank: 257797	209 KB
3	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 591	2 KB
3	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 913	5 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 735 syndication.twitter.com — Cisco Umbrella Rank: 1007	132 KB
3	brealtime.com biddr.brealtime.com — Cisco Umbrella Rank: 12247	82 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 284	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4255	653 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1379	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 758 r.turn.com — Cisco Umbrella Rank: 3192	869 B
2	adtriba.com 1 redirects d.adtriba.com — Cisco Umbrella Rank: 54489	757 B
2	bahn.de at.bahn.de — Cisco Umbrella Rank: 85535	3 KB
2	openx.net eyepopperdigital-d.openx.net — Cisco Umbrella Rank: 265348 u.openx.net — Cisco Umbrella Rank: 627	471 B
2	google.de www.google.de — Cisco Umbrella Rank: 6232 adservice.google.de — Cisco Umbrella Rank: 9006	986 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	236 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 147	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	136 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1375	87 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	12 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	51 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 ajax.googleapis.com — Cisco Umbrella Rank: 298	34 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	132 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 16118	702 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 788	75 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 422	715 B
1	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 88059
1	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3568	191 B
1	pixel.ad 1 redirects centro.pixel.ad — Cisco Umbrella Rank: 55422	67 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1806	697 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 436	1 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 824	366 B
1	spiritshop.com partners.spiritshop.com — Cisco Umbrella Rank: 347564	5 KB
1	emxdgt.com e1.emxdgt.com Failed hb.emxdgt.com Failed emxhb.emxdgt.com — Cisco Umbrella Rank: 119325	147 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 729	5 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 163	17 KB
1	datatables.net cdn.datatables.net — Cisco Umbrella Rank: 4989	28 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 346	8 KB
1	whatfix.com cdn.whatfix.com — Cisco Umbrella Rank: 8253	4 KB
309	59

	Domain	Requested by
59	steamerathletics.com	steamerathletics.com
44	tpc.googlesyndication.com	steamerathletics.com 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com tpc.googlesyndication.com
17	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com steamerathletics.com
14	pagead2.googlesyndication.com	97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com pagead2.googlesyndication.com steamerathletics.com tpc.googlesyndication.com www.googletagservices.com
12	cdn.ampproject.org	cdn.confiant-integrations.net
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net steamerathletics.com
8	www.google.com	2 redirects steamerathletics.com 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
7	s0.2mdn.net	steamerathletics.com s0.2mdn.net
7	tracker.bespoketechnologies.net	partners.spiritshop.com steamerathletics.com
6	dynamic-cdn.azureedge.net	steamerathletics.com
6	protected-by.clarium.io	steamerathletics.com 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
5	ssc-cms.33across.com	biddr.brealtime.com
5	googleads.g.doubleclick.net	www.googleadservices.com 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com steamerathletics.com
5	schoolassets.s3.amazonaws.com	steamerathletics.com
5	www.googletagservices.com	steamerathletics.com 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
4	ad4m.at	as.ad4m.at ad4m.at
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	as.ad4m.at	97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com as.ad4m.at ad4m.at
4	97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net cdn.confiant-integrations.net
3	onetag-sys.com	2 redirects 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
3	image6.pubmatic.com	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	cdn.getcustom.net	steamerathletics.com
3	api-public.addthis.com	s7.addthis.com
3	pixel.quantserve.com	steamerathletics.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com steamerathletics.com
3	ap.lijit.com	2 redirects biddr.brealtime.com
3	rules.quantcount.com	secure.quantserve.com
3	region1.google-analytics.com	www.googletagmanager.com
3	s7.addthis.com	steamerathletics.com s7.addthis.com
3	biddr.brealtime.com	steamerathletics.com biddr.brealtime.com
2	assets.ad4m.at	as.ad4m.at
2	googleads4.g.doubleclick.net	steamerathletics.com
2	x.bidswitch.net	2 redirects
2	d5p.de17a.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	a.tribalfusion.com	1 redirects 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
2	d.adtriba.com	1 redirects 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
2	at.bahn.de	steamerathletics.com
2	www.facebook.com	steamerathletics.com
2	px.ads.linkedin.com	2 redirects
2	sb.scorecardresearch.com	steamerathletics.com
2	connect.facebook.net	steamerathletics.com connect.facebook.net
2	cdn.confiant-integrations.net	steamerathletics.com cdn.confiant-integrations.net
2	cdnjs.cloudflare.com	steamerathletics.com
2	platform.twitter.com	steamerathletics.com platform.twitter.com
2	www.googletagmanager.com	steamerathletics.com
1	ade.googlesyndication.com	steamerathletics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	emxhb.emxdgt.com	biddr.brealtime.com
1	u.openx.net	biddr.brealtime.com
1	www.awin1.com	as.ad4m.at
1	ssbsync.smartadserver.com	97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com	steamerathletics.com
1	r.turn.com	steamerathletics.com
1	ad.turn.com	1 redirects
1	prod-rtb.ad4mat.net	steamerathletics.com
1	pixel.sitescout.com	steamerathletics.com
1	centro.pixel.ad	1 redirects
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	syndication.twitter.com	platform.twitter.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	eyepopperdigital-d.openx.net	biddr.brealtime.com
1	www.google.de	steamerathletics.com
1	px4.ads.linkedin.com	steamerathletics.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	secure.quantserve.com	steamerathletics.com
1	partners.spiritshop.com	steamerathletics.com
1	snap.licdn.com	steamerathletics.com
1	www.googleadservices.com	steamerathletics.com
1	cdn.datatables.net	steamerathletics.com
1	www.gstatic.com	steamerathletics.com
1	cdn.jsdelivr.net	steamerathletics.com
1	bigteams-public-prod.s3.amazonaws.com	steamerathletics.com
1	ajax.googleapis.com	steamerathletics.com
1	cdn.whatfix.com	steamerathletics.com
1	fonts.googleapis.com	steamerathletics.com
0	ssc.33across.com Failed	biddr.brealtime.com
0	hb.emxdgt.com Failed	biddr.brealtime.com
0	e1.emxdgt.com Failed	biddr.brealtime.com
309	86

This site contains links to these domains. Also see Links.

Domain
www.twitter.com
www.facebook.com
www.spiritshop.com
www.qconline.com
www.bigteams.com
twitter.com
www.addthis.com

Subject Issuer	Validity	Valid
steamerathletics.com R3	`2023-02-15` - `2023-05-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.whatfix.com Go Daddy Secure Certificate Authority - G2	`2022-10-13` - `2023-11-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2023-01-23` - `2024-02-24`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.confiant-integrations.net GTS CA 1P5	`2023-01-27` - `2023-04-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-24` - `2023-02-22`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
partners.spiritshop.com Go Daddy Secure Certificate Authority - G2	`2022-09-15` - `2023-09-27`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
quantserve.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
tracker.bespoketechnologies.net Go Daddy Secure Certificate Authority - G2	`2023-01-25` - `2024-01-25`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
protected-by.clarium.io Amazon RSA 2048 M02	`2022-12-16` - `2024-01-14`	a year	crt.sh
at.bahn.de GeoTrust TLS RSA CA G1	`2022-12-14` - `2024-01-07`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
sni2c28dgl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-14` - `2023-11-14`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-02-11` - `2023-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://steamerathletics.com/
Frame ID: E62AA1979454BB3F68CC369EDDAFA24A
Requests: 154 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.js?nnn=1676460071961
Frame ID: E08916218FB3DCD59C73B6289ADE30AC
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fsteamerathletics.com
Frame ID: 0E989EBFD65030729807982381B6D70E
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: F427F05D12676B0F09350E249E9ACA64
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 49E1322A1A0203054A7DCAA8D9FC3EA6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2A7D2F123454ECE6EC9B13A12284B60A
Requests: 1 HTTP requests in this frame

Frame: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AF2A4FFE04099C804796A1BF20C12EAC
Requests: 1 HTTP requests in this frame

Frame: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 665946D064B71FDB0ED787A4F56ABD8E
Requests: 23 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs
Frame ID: 464F77A8D506885EB9EE86D6DDE5F3CC
Requests: 23 HTTP requests in this frame

Frame: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3098390859D3EC84527B7784F8344190
Requests: 8 HTTP requests in this frame

Frame: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9550FCF9A9FC0344A7169582BDC45F68
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs
Frame ID: 7EC05F8C75418F18ED862DAD391B6D09
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssc5d_qI0a-eoGEH6hw1CuOw1U4xENh1skyrl2aBTgWw5lHICSvJ3_pifs5MZjqo51-s6VZ1pFqTe0cYPumSd-5aBMA5HO8LP_lNdiV4rIHJ41V-pLvM5rZw8u_eZhDFfy1jJxml4jCIHd732n1DsueKCSa9RTOvTliqn3CssbuaEESZa9DE3bgysRTVwmT8NRDGbBzaS5LWWWtSqStYEuNgdgh8CXIiPCNRFtm_iFdteYWXahJ2WpCeKqWozgd8P1cg7JAY94cyQc4rLK2JSHD7nEmfPgOJVpivxkqxP1SmTBOfuO9mw3Yp1sbhHZMjZj0UiXpwG6IBPgpuo7_g-Za&sai=AMfl-YRYIK0QxfjyXEgTFHn6s_xlO7EjwdWy07PJINpMbokz8PGtgUOM2x-g_oyq9Z34A7klN0JXwL3UINCDjZJRPwdGLEwIteKhnssITUMf_CJ3f9g8ooOwM-aItG3jHA&sig=Cg0ArKJSzO71h8dEeNZpEAE&uach_m=[UACH]&adurl=
Frame ID: 531DC7531053C67AD652489D6465B08B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjg_KnbATAB&v=APEucNUvKx3JCK_MRp-vjgZnUqSqP6IN5rmH9j19HxkJRZ2hcPqxdjq_Ts2FtY_af4yvrJcKTz-yc80d0Yjhr1ZLQsT_8Ds1UX_ITAMH5Ai35DlCjKpOKdSIVAPXa7dzB0D4PB9OJgNeS_cGA0JIVlbSMbVTk_PaVRYZEtptK7DpI9r7QpSq-5s
Frame ID: 22BB431D9F8486C891C233BCB1519E92
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/index.html
Frame ID: 6722D1275020CC434D765B1BA99487D5
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A4053F8AD4FC5FD365C797F0D24AC4C6
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jdqp0p0t284hgxgy21eh8yq978eadt76bk28zktfmdssej4s3fxqhge452bzqybaajf8c2ytmcyt9trc8z6e4vrgf1dmj7v8cy0668a35phqgf3zsh7ag8nbwbkhq3pwps37d09ww1g7dft47n4t3926j8ds98rbsve7cs8hf7w0ktr58mm25xcembvzdm31vdvb7s750217x9yzmfyhzsdjy4gd4b99s6075nkw6jbk6t3gmqh5c92s9t2w5k9cey8ttnqr58f3v22tcdb921tpym6x6xvsvj706nfkv75z9r70r2a4nxbdct1ad1dtdk3jb9e1801vnatfgy0def6cj3f6fsd4h74q25hrxbw6vzyzqanrthec70qcj7ty2tx6kn5254f6w892awcp92v72gxe6a7eavbcr1kb78k1x8387egy3bgkrn6g1nzrt0tr1vb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_NBYKcDsY4zpDLmNjuwPjZeYiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi02NTQ1MzM2OTkyMDIxODM5yAEJqQL2ZeAFSwSyPuACAKgDAaoE9AFP0HwlBcGRIAeJFYLlChZI0slGwpIx7nX53HMEK2wGEo384Aqv6R_7uy4mO0t2IUzkFz4Ns7mYQKfefIp5m5qLQYK5hCB3NuNmLXOjPLdRHlxbaH9E8X-zdahxQikwuFqa7vDYAQCkTMj3FnGGvN_EyFWsvYyvW3qiqy9LrN0R03an5_OI4hvVdEDkMNxT-hb3r3geECbPrrG9w_Ku_84MVm3Lvob8ZOLulUtxHHwOwz3cF6VJYp9IAQKljNYPJQjp9IOVWzFLc227XA4g1bi-ua5T8ZJAi2VoMoS2U_fqZ3C7Xd6Gez0knaSFkSZ326yOd8P84AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1kt_Hm0WxpSgVL8_ERBvrYl8eUsg%26client%3Dca-pub-6545336992021839%26adurl%3D
Frame ID: C447B7D198DF41764166EED3E20AF4D0
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B42EBA3027025599F31708C10E9478C8
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 738F4FC712016E32D4F02321A4238AEC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A96F33F5543BBDA0957A284126790069
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 43C59B2684F553B5B93CBB159A852399
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17423174059803998422/index.html
Frame ID: 29147308F07DAA4C7E87D1846280A9CC
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=50&e=&g=03abfb34cfe4aa6021bc7c7c96b12f43%2F16689295833718711713&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676460075371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h18eh9x11wdyssx13cstymmbjt8add89a7295a3sxxp8s0nb8ejfv88knk0c33j5rqhwcqwde6n8edy2kkbksv5bk3rpzy8thtbtw8pdggx9zx0p7nj4gw4et5qzz8rdwe0kd11bdsm3rfvm0mb9c4wxje68gezxwyntmqg0p5qgykbrnznnpq7fktcrbpxk8je7q4xxvk80svxtg92kgmbz5cct6hnrrehdjpb3eq4vv77a9qqaqabkqmxesjcs363fgfx2v8h11rz0gyvj3j4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_NBYKcDsY4zpDLmNjuwPjZeYiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi02NTQ1MzM2OTkyMDIxODM5yAEJqQL2ZeAFSwSyPuACAKgDAaoE9AFP0HwlBcGRIAeJFYLlChZI0slGwpIx7nX53HMEK2wGEo384Aqv6R_7uy4mO0t2IUzkFz4Ns7mYQKfefIp5m5qLQYK5hCB3NuNmLXOjPLdRHlxbaH9E8X-zdahxQikwuFqa7vDYAQCkTMj3FnGGvN_EyFWsvYyvW3qiqy9LrN0R03an5_OI4hvVdEDkMNxT-hb3r3geECbPrrG9w_Ku_84MVm3Lvob8ZOLulUtxHHwOwz3cF6VJYp9IAQKljNYPJQjp9IOVWzFLc227XA4g1bi-ua5T8ZJAi2VoMoS2U_fqZ3C7Xd6Gez0knaSFkSZ326yOd8P84AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kt_Hm0WxpSgVL8_ERBvrYl8eUsg%2526client%253Dca-pub-6545336992021839%2526adurl%253D&y=1&s=&z=0
Frame ID: 00C2B24D889E35BB8029986E5D112355
Requests: 5 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aBVCwQDvCr7zyPrkHcnlKl&gdpr_consent=undefined&us_privacy=undefined
Frame ID: EFE6EE7BE6A4D9E968E22445D4D9CAAD
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dEiFysDvyr7yoErkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 3C76171CF59A9BBDFA93CE16CA5C9C6D
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a4ru10DvCr7yoDrkHcnlKl&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 25B9AC3BAC0047B8A87406AA05B37D21
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: B41D33759EB7635B8428E9D64C871E9E
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=c_spLCDvyr7zyPrkHcnlKl&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 97A8C4E81AF0B71B180AE6EF3DB16249
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E4B3392486FBF1F28B5E4B8B0997B05E
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d9Y54uDvyr7yoErkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 5CD668D10F9B543A95CEDC8DFFD35800
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fulton High School FacebookTwitterPrintEmailAddThisFacebookTwitterPrintEmailAddThis

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

309
Requests

90 %
HTTPS

57 %
IPv6

59
Domains

86
Subdomains

63
IPs

11
Countries

12546 kB
Transfer

18658 kB
Size

48
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: http://www.twitter.com/fultonsteamers
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.facebook.com/fultonsteamers
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.spiritshop.com/school/illinois/fulton/fulton-high-school?utm_source=bigteams&utm_medium=partner&utm_campaign=5d66bce596dfbc1bca6dc9d3&utm_content=IL6125211664&utm_term=
Title: Steamers Superstore

Search URL Search Domain Scan URL

URL: https://www.spiritshop.com/school/illinois/fulton/fulton-high-school?utm_source=bigteams&utm_medium=partner&utm_campaign=58efae7c1486ff3ba470f133&utm_content=IL6125211664&utm_term=softball

Search URL Search Domain Scan URL

URL: https://www.spiritshop.com/school/illinois/fulton/fulton-high-school/product-1304?color_id=13616&top=Fulton&bottom=Steamers&design_id=20413&utm_source=bigteams&utm_medium=partner&utm_campaign=58efae7c1486ff3ba470f133&utm_content=IL6125211664&utm_term=softball
Title: Steamers

Search URL Search Domain Scan URL

URL: http://www.qconline.com/sports/high_school_sports/schroeder-s-fast-start-fueling-steamers-aspirations/article_5074cc2b-2b6a-509d-8bfc-488ef82e1899.html
Title: http://www.qconline.com/sports/high_school_sports/schroeder-s-fast-start-fueling-steamers-aspirations/article_5074cc2b-2b6a-509d-8bfc-488ef82e1899.html

Search URL Search Domain Scan URL

URL: http://www.qconline.com/sports/high_school_sports/lindeman-does-a-little-bit-of-everything/article_6f6b96ee-cd13-505b-993f-3eca9268a657.html
Title: http://www.qconline.com/sports/high_school_sports/lindeman-does-a-little-bit-of-everything/article_6f6b96ee-cd13-505b-993f-3eca9268a657.html

Search URL Search Domain Scan URL

URL: https://www.spiritshop.com/school/illinois/fulton/fulton-high-school/product-1049?color_id=9970&top=Fulton&bottom=Steamers&design_id=76221&utm_source=bigteams&utm_medium=partner&utm_campaign=5d66bcec96dfbc1bca6dc9d4&utm_content=IL6125211664&utm_term=
Title: Custom

Search URL Search Domain Scan URL

URL: https://www.spiritshop.com/school/illinois/fulton/fulton-high-school?utm_source=bigteams&utm_medium=partner&utm_campaign=5d66bcec96dfbc1bca6dc9d4&utm_content=IL6125211664&utm_term=

Search URL Search Domain Scan URL

URL: https://www.spiritshop.com/school/illinois/fulton/fulton-high-school/product-1304?color_id=13611&top=Fulton&bottom=Steamers&design_id=76146&utm_source=bigteams&utm_medium=partner&utm_campaign=58efae7c1486ff3ba470f133&utm_content=IL6125211664&utm_term=softball
Title: Steamers

Search URL Search Domain Scan URL

URL: https://www.bigteams.com/advertise-to-reach-high-school-athletes-athletic-directors/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.bigteams.com/

Search URL Search Domain Scan URL

URL: https://www.bigteams.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.bigteams.com/end-user-agreement/
Title: End User Agreement

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BigTeams/

Search URL Search Domain Scan URL

URL: https://twitter.com/bigteams?lang=en

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

Request Chain 91

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=549778&time=1676460072372&url=https%3A%2F%2Fsteamerathletics.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D549778%26time%3D1676460072372%26url%3Dhttps%253A%252F%252Fsteamerathletics.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=549778&time=1676460072372&url=https%3A%2F%2Fsteamerathletics.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=549778&time=1676460072372&url=https%3A%2F%2Fsteamerathletics.com%2F&liSync=true&e_ipv6=AQIAXWaEre_2qAAAAYZUzqCHMChNybBNwYZD9QaMIwnT4IQPOed2DKHgrJiYx-X-AwrkIPzjCdSg

Request Chain 197

https://centro.pixel.ad/iap/9dd38895fe88e3af HTTP 301
https://pixel.sitescout.com/iap/9dd38895fe88e3af

Request Chain 207

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_s_alw-on HTTP 302
https://d.adtriba.com/px.gif

Request Chain 236

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIweuxN7MgPNfpsXmDEqxWE&google_cver=1

Request Chain 237

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.zAKqBkVisZOCJ9P6HkqAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIweuxN7MgPNfpsXmDEqxWE&google_cver=1&google_hm=2

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENFUHamMDw2_cnf41TCYm_c&google_cver=1

Request Chain 239

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyODU0MjQxMTI2MTg1NjUw

Request Chain 249

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAhnya_CPjYjTTRZdXaaQKY&google_cver=1&google_push=Aa02lx-GxzIqY8DbXQ9mAWOHTuHbLiNb0YkqZVQ9CjNAP343qN1Kt17p9almX-l8Q6zqrrOPqLw8LpfFRUOJRNpSDFc2Ef9YIJxce0M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk4NjI0MjI0NjE4OTMwOTQwMA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAhnya_CPjYjTTRZdXaaQKY&google_cver=1

Request Chain 250

https://a.tribalfusion.com/i.match?p=b6&u=CAESEI1ZnQIHSqbdaEMfp3v_fRU&google_cver=1&google_push=Aa02lx-4ma25XdQOlGbiIhnz_1GLB4Tm4qxkc3g7hF3NE3ksNGMKWdZpEt5NOPR2YyyI9Fub1AiwESIAPlENVOKtppv0TIdkXySZHSM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-4ma25XdQOlGbiIhnz_1GLB4Tm4qxkc3g7hF3NE3ksNGMKWdZpEt5NOPR2YyyI9Fub1AiwESIAPlENVOKtppv0TIdkXySZHSM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI1ZnQIHSqbdaEMfp3v_fRU&google_cver=1&google_push=Aa02lx-4ma25XdQOlGbiIhnz_1GLB4Tm4qxkc3g7hF3NE3ksNGMKWdZpEt5NOPR2YyyI9Fub1AiwESIAPlENVOKtppv0TIdkXySZHSM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-4ma25XdQOlGbiIhnz_1GLB4Tm4qxkc3g7hF3NE3ksNGMKWdZpEt5NOPR2YyyI9Fub1AiwESIAPlENVOKtppv0TIdkXySZHSM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 251

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEI34qAK_8_tEF4D7UlUbOiI&google_cver=1&google_push=Aa02lx-chZvb6LcOUn5l80FT1QCminWNLE3JtAPut1Wwmx9GdqGMMKzNl0v4YECBcXz5TDY5ELM8G_pA3l_jXAGGoX8u3BH_D1XFHJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMDM0MTE5MDkwOTM2MDI3Mg%3D%3D&google_push=Aa02lx-chZvb6LcOUn5l80FT1QCminWNLE3JtAPut1Wwmx9GdqGMMKzNl0v4YECBcXz5TDY5ELM8G_pA3l_jXAGGoX8u3BH_D1XFHJI

Request Chain 252

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOEJtkKZ9DrnwdAmovdjzUA&google_cver=1&google_push=Aa02lx_BS-dltno4b6ZCYg3hqrFGgZq57NOxphVmowB8LJKxo2UzuFf-Z64tSbpfF-I25EChIWxSjGMfKj1DQcZs-T3pO1ZDhFixL6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_BS-dltno4b6ZCYg3hqrFGgZq57NOxphVmowB8LJKxo2UzuFf-Z64tSbpfF-I25EChIWxSjGMfKj1DQcZs-T3pO1ZDhFixL6Q&google_hm=eS1BZE9IdGcxRTJwSE1reUpQbGVkNmpjbTJQaDhORFI1Vn5B

Request Chain 253

https://d5p.de17a.com/cookies/google?google_gid=CAESEI319BvBa2Jf4I8I4JUYp4Y&google_cver=1&google_push=Aa02lx-OCOvzV8iteY-NWMyVDLf0Nzm2l5H7lTgS7RGwrxU_4HQqIw1oGeS49wWJrOvoRDpgxHG4qanu7YMux39-BZVBQ42I_VzQH6U HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEI319BvBa2Jf4I8I4JUYp4Y&google_cver=1&google_push=Aa02lx-OCOvzV8iteY-NWMyVDLf0Nzm2l5H7lTgS7RGwrxU_4HQqIw1oGeS49wWJrOvoRDpgxHG4qanu7YMux39-BZVBQ42I_VzQH6U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx-OCOvzV8iteY-NWMyVDLf0Nzm2l5H7lTgS7RGwrxU_4HQqIw1oGeS49wWJrOvoRDpgxHG4qanu7YMux39-BZVBQ42I_VzQH6U

Request Chain 254

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELASB2UcVlqTboU_mh3EmNQ&google_cver=1&google_push=Aa02lx_egKwONdszXS4Sg-_dN3kx-jrHVRB3M9q3X6JbI9UwNLrIy33mLlJcoPIKLTSBCCoB_CJGwq2SKsYUAN6syZBap9ZkgcfpLw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELASB2UcVlqTboU_mh3EmNQ&google_cver=1&google_push=Aa02lx_egKwONdszXS4Sg-_dN3kx-jrHVRB3M9q3X6JbI9UwNLrIy33mLlJcoPIKLTSBCCoB_CJGwq2SKsYUAN6syZBap9ZkgcfpLw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0728FjW6R7i30KMYDpOQeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_egKwONdszXS4Sg-_dN3kx-jrHVRB3M9q3X6JbI9UwNLrIy33mLlJcoPIKLTSBCCoB_CJGwq2SKsYUAN6syZBap9ZkgcfpLw

Request Chain 255

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIDncorsTr96-QDa3w1SpU8&google_cver=1&google_push=Aa02lx-lYbKxNGuH0g5JMCrIWeVniF9FmL50pBzfarpbgOhHq-X74vyAPMFSNsqaWNgc2jE4U4X_XY37LsHB7q7rgC76NpkP4Ep2rw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-lYbKxNGuH0g5JMCrIWeVniF9FmL50pBzfarpbgOhHq-X74vyAPMFSNsqaWNgc2jE4U4X_XY37LsHB7q7rgC76NpkP4Ep2rw

Request Chain 257

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 275

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEI34qAK_8_tEF4D7UlUbOiI&google_cver=1&google_push=Aa02lx_LhKy8XcJd1_lduVhqHztYv0WXRzIA_YmxcKWdwqD4KHH2bunieYjuAlDzBcVRoGGQhfocKajsNhBz6reQoWclrGpZ2xLcVik HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMDM0MTE5MDkwOTM2MDI3Mg%3D%3D&google_push=Aa02lx_LhKy8XcJd1_lduVhqHztYv0WXRzIA_YmxcKWdwqD4KHH2bunieYjuAlDzBcVRoGGQhfocKajsNhBz6reQoWclrGpZ2xLcVik

Request Chain 276

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELASB2UcVlqTboU_mh3EmNQ&google_cver=1&google_push=Aa02lx-c6MFXQvw601Nrxyvp_8M0RyhGC3CiFk0-Sbe2Lyb5ILXFZ7RB_EIemWfYvB7vkv00Roqmwu5wZVSoqLOHXeDbfgOOl1MQvJc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0728FjW6R7i30KMYDpOQeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-c6MFXQvw601Nrxyvp_8M0RyhGC3CiFk0-Sbe2Lyb5ILXFZ7RB_EIemWfYvB7vkv00Roqmwu5wZVSoqLOHXeDbfgOOl1MQvJc

Request Chain 277

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGr9HRLf1TOhjcpFKxpC6gk&google_cver=1&google_push=Aa02lx8PVLfeABePXheXKar11A7DVUlPJVubm3yRdC3IH5MrrfynRAIKg910Q33HNbK2NR6LkkaazXmWQtjqb3fPFAe6YRqnVb1Uwuw HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGr9HRLf1TOhjcpFKxpC6gk&google_cver=1&google_push=Aa02lx8PVLfeABePXheXKar11A7DVUlPJVubm3yRdC3IH5MrrfynRAIKg910Q33HNbK2NR6LkkaazXmWQtjqb3fPFAe6YRqnVb1Uwuw&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8PVLfeABePXheXKar11A7DVUlPJVubm3yRdC3IH5MrrfynRAIKg910Q33HNbK2NR6LkkaazXmWQtjqb3fPFAe6YRqnVb1Uwuw&google_hm=GKRJtGZHPQqEaKPjR4i3wvbw

Request Chain 279

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIDncorsTr96-QDa3w1SpU8&google_cver=1&google_push=Aa02lx8cndCGdVVhYydSRsP4nzgxxlEJEJb5wnUh2yazZaEHSa314WX-9DMjmdruhWJ6DAMbBprtFhde9O-QUAWajCDNiv5jl8LREWm1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8cndCGdVVhYydSRsP4nzgxxlEJEJb5wnUh2yazZaEHSa314WX-9DMjmdruhWJ6DAMbBprtFhde9O-QUAWajCDNiv5jl8LREWm1 HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 280

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELJi5Lep2907TP0f7vozsmY&google_cver=1&google_push=Aa02lx9FZ0WIELs80bLzV5-kbGBqrfg_YISnf98WTL-bTcfVkyyVMJ52tpYy9b8wMhtYDZm9WNj8v8akNEP0MdmN6DPEgc7NTqmg-Kc HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELJi5Lep2907TP0f7vozsmY&google_cver=1&google_push=Aa02lx9FZ0WIELs80bLzV5-kbGBqrfg_YISnf98WTL-bTcfVkyyVMJ52tpYy9b8wMhtYDZm9WNj8v8akNEP0MdmN6DPEgc7NTqmg-Kc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4dcfde2c-d24f-4b37-a5b6-108f007ff0ae&%%GOOGLE_PUSH_PAIR%%

309 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
steamerathletics.com/ 95 KB
17 KB 837ms
320ms Document
text/html 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: b3a9e7ca240a3c3c6604c64a44f5ab4ef56441a4a3cd1a36fd0810fbd0a0a9be

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 15 Feb 2023 11:21:11 GMT
server: Caddy
x-bigteams-app: BTPFS
x-bigteams-btpfs-schoolid: 13873

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
82 KB 160ms
65ms Script
application/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HCV41WEQLC

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0492c31ed7e58618df0450a475bdb4a483cd9efdc88b00c438ae9a51f607d326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83907
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Feb 2023 11:21:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
987 B 155ms
58ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,800,900

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c87d1648610fbd2dcc6ef341b0bd19ab697f68905cbb5a188f6aeb71ce4ddd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 11:21:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Feb 2023 11:21:11 GMT

GET
H2 200 embed.nocache.js Show response
cdn.whatfix.com/prod/e788eb00-c781-11ea-bc69-22a91d6e4464/embed/ 7 KB
4 KB 108ms
37ms Script
application/x-javascript 2606:4700::6812:1b8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/e788eb00-c781-11ea-bc69-22a91d6e4464/embed/embed.nocache.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

367db0e22ab8a38cd77c4c13ea16340e70aafd2f471d6d8df3801b4dcb6142b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: 2022-08-06T08:59:07Z
server: cloudflare
cf-cache-status: HIT
content-encoding: gzip
age: 1011043
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/x-javascript;charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 799da89a489e5c26-FRA
x-xss-protection: 1; mode=block

GET
H2 200 font-awesome.min.css
steamerathletics.com/modules/cfui/vendor/fontawesome/css/ 30 KB
7 KB 121ms
117ms Stylesheet
text/css 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/fontawesome/css/font-awesome.min.css?v=4.7.0
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 7050
content-type: text/css

GET
H2 200 simple-line-icons.css
steamerathletics.com/modules/cfui/vendor/simple-line-icons/css/ 13 KB
3 KB 122ms
118ms Stylesheet
text/css 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/simple-line-icons/css/simple-line-icons.css?v=2.4.1
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 2714
content-type: text/css

GET
H2 200 animate.min.css
steamerathletics.com/modules/cfui/vendor/animate.css/ 52 KB
4 KB 124ms
120ms Stylesheet
text/css 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/animate.css/animate.min.css?v=3.5.1
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 3955
content-type: text/css

GET
H2 200 whirl.css
steamerathletics.com/modules/cfui/vendor/whirl/dist/ 13 KB
2 KB 216ms
213ms Stylesheet
text/css 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/whirl/dist/whirl.css?v=1.0.0
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 9a8fba6b5ff22acf96f9cdfda2ec0a83fa775f7184b3c5c8b66aab03ef6f1214

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 2286
content-type: text/css

GET
H2 200 bootstrap.css
steamerathletics.com/modules/cfui/app/css/ 195 KB
26 KB 217ms
214ms Stylesheet
text/css 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/app/css/bootstrap.css?v=4.6.1
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 610c417cb7cfd3f4327df5d93530c5112e48157af1bfe85813d6f634ae5319cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-type: text/css

GET
H2 200 app.css
steamerathletics.com/modules/cfui/app/css/ 201 KB
27 KB 328ms
325ms Stylesheet
text/css 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/app/css/app.css?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: daf090b7a173b311eddf91b12e60850a296896b351a72f2c59eb9c7ea81083fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-type: text/css

GET
H2 200 sweetalert.css
steamerathletics.com/modules/cfui/vendor/sweetalert/dist/ 22 KB
4 KB 235ms
232ms Stylesheet
text/css 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/sweetalert/dist/sweetalert.css?v=1.1.3
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 93ae81483be2e9705db4cd911fa410bc2cf6c24f355dc5ac899de49fab854e63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 3705
content-type: text/css

GET
H2 200 yamm.css
steamerathletics.com/public/libs/yamm/ 437 B
465 B 234ms
231ms Stylesheet
text/css 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/public/libs/yamm/yamm.css?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: bf97518d6c193c0185a7e9751971bfd400b68d64ca0b7698af3d9fb8630050c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 437
content-type: text/css

GET
H2 200 styles.css
steamerathletics.com/public/css/ 140 KB
19 KB 236ms
234ms Stylesheet
text/css 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/public/css/styles.css?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 3bfd2e4f5fd5953a746a489404527b3336fedc403b97aac5d93d828f010d2e98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-type: text/css

GET
H2 200 bootstrap-colorpicker.css
steamerathletics.com/assets/scripts/vendor/bootstrap-colorpicker/dist/css/ 5 KB
1 KB 236ms
233ms Stylesheet
text/css 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/vendor/bootstrap-colorpicker/dist/css/bootstrap-colorpicker.css?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 2cb6b4b568edadbf87a7281c955447ce91b1d0c6e00503b7732b7604500d250b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 1104
content-type: text/css

GET
H2 200 tabs.css
steamerathletics.com/assets/scripts/vendor/vertical-tabs/ 780 B
316 B 345ms
343ms Stylesheet
text/css 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/vendor/vertical-tabs/tabs.css?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 0e65a111b64b0353e4587a6b2e8fd195120db82184d4587b748b0ab1876d2b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 274
vary: Accept-Encoding
content-type: text/css

GET
H2 200 fileinput.min.css
steamerathletics.com/assets/scripts/vendor/bootstrap-fileinput-master/css/ 5 KB
2 KB 345ms
343ms Stylesheet
text/css 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/vendor/bootstrap-fileinput-master/css/fileinput.min.css?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: df8ed4df996ea8874763197863f3077bf50cf10fb648919a389af3f786182035

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 1675
content-type: text/css

GET
H2 200 jquery.Jcrop.min.css
steamerathletics.com/assets/scripts/vendor/jCrop/css/ 2 KB
648 B 347ms
345ms Stylesheet
text/css 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/vendor/jCrop/css/jquery.Jcrop.min.css?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: fdf0a84fa8501ecae3d49ff09fba0daa05a6b66f5a950d904705a6d81d05a35a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 619
content-type: text/css

GET
H2 200 bootstrap-select.min.css
steamerathletics.com/assets/scripts/vendor/bootstrap-select/css/ 11 KB
2 KB 346ms
344ms Stylesheet
text/css 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/vendor/bootstrap-select/css/bootstrap-select.min.css?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: f61979614d121cf605214d49cb31f065bee79dbc9b31a0ef3f6e712050cf33d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 2234
content-type: text/css

GET
H2 200 ada.css
steamerathletics.com/public/css/ 22 KB
3 KB 347ms
345ms Stylesheet
text/css 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/public/css/ada.css?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 5787e930e74e0852766cc7c7047ac7adbbee9681f6a0cb4833a98f932724e1af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 2730
content-type: text/css

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
33 KB 126ms
35ms Script
text/javascript 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 09:35:38 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 76 KB
26 KB 179ms
70ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0afc284da789311cfbbbf9004ff65eb5ea8c7f7655c02aa60692e0e6dfc0d435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26629
x-xss-protection: 0
server: sffe
etag: "1483 / 658 of 1000 / last-modified: 1676454291"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Feb 2023 11:21:12 GMT

GET
H/1.1 200
OK 80366559-1044.js Show response
biddr.brealtime.com/ 259 KB
80 KB 132ms
34ms Script
text/javascript 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/80366559-1044.js
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c0d86ea1d47184e908590f6c7e6c293c27fb96614727e041e4d0fc8543babf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:21:11 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-amz-request-id: RGBEDQ17JN4K3MAX
Age: 5975
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: x8rTKnn9qoX5pq/sD+F6MJRD57kL/v0mehobCN6JcB7iw58JaAhxYhcmOCGp/KyR+c5CVBLfh0w=
Last-Modified: Wed, 01 Feb 2023 18:53:10 GMT
Server: cloudflare
ETag: W/"d80e3dddd1e22022770c128d6f8f72c1"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=60
CF-RAY: 799da897ea799bb6-FRA
Expires: Wed, 15 Feb 2023 11:22:11 GMT

GET
H/1.1 200
OK 13873.png
schoolassets.s3.amazonaws.com/logos/13873/ 41 KB
41 KB 508ms
168ms Image
image/png 52.216.206.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://schoolassets.s3.amazonaws.com/logos/13873/13873.png
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.206.235 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3bd958a91bb8e7d8b0c5637aedbc680f38b9847c4f2551b0a79c558008ea8329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:21:13 GMT
Last-Modified: Thu, 18 Mar 2021 12:33:58 GMT
Server: AmazonS3
x-amz-request-id: ENG1RMZPCVWAVJCB
ETag: "39be28c8ed8bd23d29fe7fec58c46f0c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 42137
x-amz-id-2: /dL2B7J95DEuxMIOoHC2IRNFJI7Fx6XEPQU2Q5yL9G8bHJOjdLFq3sZs+inPM/ai8byyhjWwojI=

GET
H/1.1 200
OK 49686425_2552338751473466_4233525280569819136_o.jpg
bigteams-public-prod.s3.amazonaws.com/library/images/fultonhighschool_bigteams_13873/standard/ 54 KB
55 KB 486ms
148ms Image
image/jpeg 52.217.133.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigteams-public-prod.s3.amazonaws.com/library/images/fultonhighschool_bigteams_13873/standard/49686425_2552338751473466_4233525280569819136_o.jpg
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.133.81 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cfcb6907adc12c6392641a3f500f2ec015662dffaa26e5a2037e732355e50261

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:21:13 GMT
Last-Modified: Thu, 14 Apr 2022 23:10:02 GMT
Server: AmazonS3
x-amz-request-id: ENGEAC4JC4YQF3JR
ETag: "2539dc5d5f1a4b08887e50de91461642"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 55670
x-amz-id-2: WtPAGS8cltQH6uIPO0vE8wmWbwVPBVO9N+0bJbc+AaPMH3pF9AIicPU7PjB9GCOlHjUUN0bg2oY=

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 315ms
35ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D5) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:21:12 GMT
Content-Encoding: gzip
Age: 170
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
x-amzn-internal-status: 304
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/67D5)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H/1.1 200
OK 2949556.jpg
schoolassets.s3.amazonaws.com/eventPhotos/83721/original/ 8 MB
8 MB 489ms
197ms Image
image/jpeg 52.216.206.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://schoolassets.s3.amazonaws.com/eventPhotos/83721/original/2949556.jpg
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.206.235 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3f3f0324594090c22802996c9840851ce084b07c01044b4b0f0b913e63527a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:21:13 GMT
Last-Modified: Thu, 12 Apr 2018 14:25:16 GMT
Server: AmazonS3
x-amz-request-id: ENG5K7H814MZ5RXV
ETag: "54455e60609f2171c64fcc1eb825db32"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 8616307
x-amz-id-2: yTclu/Q7A89ce1OSo5R0F3XlyAj2NnQkqYNafqbFXz+I0+g6oxOOOFGLCnrdQYTUlZuODOmbeVs=
Expires: Sat, 12 May 2018 14:25:12 GMT

GET
H/1.1 200
OK 2949673.jpg
schoolassets.s3.amazonaws.com/eventPhotos/83721/standard/ 38 KB
38 KB 437ms
144ms Image
image/jpeg 52.216.206.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://schoolassets.s3.amazonaws.com/eventPhotos/83721/standard/2949673.jpg
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.206.235 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7ccabdce478f54e281aa6ce15265b9f727757da6f36d7e7f12d07a78dfbf56a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:21:13 GMT
Last-Modified: Thu, 12 Apr 2018 14:34:15 GMT
Server: AmazonS3
x-amz-request-id: ENG410S4SPP67HFP
ETag: "e3a5dce82788e92adcaf6fbc91990a62"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 38423
x-amz-id-2: YHgqeGhjOmpOpSHIjFvZTVxbyvVTjjQ5JkPy2j74b9bACdJNLKenIMeBjsZPIHZJShQKVxgXJIw=
Expires: Sat, 12 May 2018 14:34:11 GMT

GET
H/1.1 200
OK 2949672.jpg
schoolassets.s3.amazonaws.com/eventPhotos/83721/standard/ 39 KB
39 KB 457ms
165ms Image
image/jpeg 52.216.206.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://schoolassets.s3.amazonaws.com/eventPhotos/83721/standard/2949672.jpg
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.206.235 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bfa530083e42dd6d0784b5e4ddefafd7f12c8aaaa2066d5e8c68e411c8765c83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:21:13 GMT
Last-Modified: Thu, 12 Apr 2018 14:34:16 GMT
Server: AmazonS3
x-amz-request-id: ENG6AAK8WRTPER6V
ETag: "a42de7fb750d79af222d2ec051979384"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 39528
x-amz-id-2: pF5bEYGOcfU0DDRlxmC++wFCbUYto2Iyb0oeljD0huUlST7AHH4y31/Mcg045ExdqFycwsodpZw=
Expires: Sat, 12 May 2018 14:34:12 GMT

GET
H2 200 big-teams-logo.png
steamerathletics.com/assets/images/ 468 KB
385 KB 266ms
257ms Image
image/png 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamerathletics.com/assets/images/big-teams-logo.png
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: f5c81ef2da1ec6cf10ba8ed9728e8a19aae72253c5f2fcc7a2d92dfbf6d10836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:06 GMT
server: Caddy
content-type: image/png

GET
H2 200 modernizr.custom.js Show response
steamerathletics.com/modules/cfui/vendor/modernizr/ 9 KB
4 KB 117ms
117ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/modernizr/modernizr.custom.js?v=3.5.0
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 7902bbb12710c28f7b9271d4de787cb054a9a4523fe5312261561d128020bb6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:11 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 3613
content-type: application/javascript

GET
H2 200 matchMedia.js Show response
steamerathletics.com/modules/cfui/vendor/matchMedia/ 2 KB
761 B 127ms
118ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/matchMedia/matchMedia.js?v=0.2.0
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 709
content-type: application/javascript

GET
H2 200 jquery.js Show response
steamerathletics.com/modules/cfui/vendor/jquery/dist/ 252 KB
75 KB 151ms
136ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/jquery/dist/jquery.js?v=2.2.4
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-type: application/javascript

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 21 KB
8 KB 88ms
21ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Feb 2023 11:21:12 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1886350
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7503
x-served-by: cache-fra-eddf8230069-FRA, cache-hhn-etou8220081-HHN
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.js Show response
steamerathletics.com/modules/cfui/vendor/bootstrap/dist/js/ 134 KB
25 KB 181ms
166ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/bootstrap/dist/js/bootstrap.js?v=4.6.1
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: ebe141049ad8f106d836ce807823f72529f39a64d7ffe605b4de2248eb5848a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-type: application/javascript

GET
H2 200 jquery.storageapi.js Show response
steamerathletics.com/modules/cfui/vendor/jQuery-Storage-API/ 20 KB
4 KB 134ms
120ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/jQuery-Storage-API/jquery.storageapi.js?v=1.9.4
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: f5da98b42a1c4e4ec222800de4f233003592c07ce13109c12e4221a5bcc02a1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 4043
content-type: application/javascript

GET
H2 200 jquery.easing.js Show response
steamerathletics.com/modules/cfui/vendor/jquery.easing/js/ 8 KB
2 KB 131ms
117ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/jquery.easing/js/jquery.easing.js?v=1.3
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 1986
content-type: application/javascript

GET
H2 200 animo.js Show response
steamerathletics.com/modules/cfui/vendor/animo.js/ 7 KB
2 KB 132ms
118ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/animo.js/animo.js?v=1.0.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: c6162ff0f23f90b78ede5ba4428cca8c8b3d659b6081b2d8329d8bdb907b8146

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 2039
content-type: application/javascript

GET
H2 200 jquery.slimscroll.min.js Show response
steamerathletics.com/modules/cfui/vendor/slimScroll/ 5 KB
2 KB 135ms
121ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/slimScroll/jquery.slimscroll.min.js?v=1.3.8
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: a84ffabdd498cd0bbd960a2c2b1845a65113bd6bea00096602e47ec8f87fd122

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 1889
content-type: application/javascript

GET
H2 200 screenfull.js Show response
steamerathletics.com/modules/cfui/vendor/screenfull/dist/ 3 KB
1 KB 133ms
119ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/screenfull/dist/screenfull.js?v=3.0.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 3254df411777387cbcd6df2b03fa5b6015947d4010010d48c80a9886be0a8ae9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 1052
content-type: application/javascript

GET
H2 200 jquery.localize.js Show response
steamerathletics.com/modules/cfui/vendor/jquery-localize-i18n/dist/ 7 KB
2 KB 137ms
124ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/jquery-localize-i18n/dist/jquery.localize.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: a6303daad046d4ed303006eb313b04724ecbee171da2e9dca0f24cd84ff57e65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 1948
content-type: application/javascript

GET
H2 200 parsley.min.js Show response
steamerathletics.com/modules/cfui/vendor/parsleyjs/dist/ 41 KB
12 KB 137ms
124ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/parsleyjs/dist/parsley.min.js?v=2.7.0
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: c15d4b037bf494f9db59a36e757498773561ebb185642a326c7b0d5ff221fdfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 12127
content-type: application/javascript

GET
H2 200 app.js Show response
steamerathletics.com/modules/cfui/app/js/ 25 KB
8 KB 136ms
122ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/app/js/app.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 1c2f9a704df8eed1fe0f81eb567a9e3f7acf97b4ac86b9f312178fe18b00731c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 7874
content-type: application/javascript

GET
H2 200 default.js Show response
steamerathletics.com/js/newmain/ 2 KB
777 B 135ms
121ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/js/newmain/default.js?v=2023.7.2?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: d61d003e41427127565cc4611dc3405ff02b9e0c465acf8be65aeea189fffaaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 748
content-type: application/javascript

GET
H2 200 sweetalert.min.js Show response
steamerathletics.com/modules/cfui/vendor/sweetalert/dist/ 17 KB
5 KB 135ms
122ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/sweetalert/dist/sweetalert.min.js?v=1.1.3
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 7a056fc64aba501090c8acd106b0c7bbc9a267914e695ae34aa42a6ae2a094a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 5414
content-type: application/javascript

GET
H2 200 login.js Show response
steamerathletics.com/public/js/auth/ 3 KB
976 B 130ms
117ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/public/js/auth/login.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: d053bd3cbc23fc66b5ebcaa44eb13812e675b5293541117ab0e8a58355ae920e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 947
content-type: application/javascript

GET
H2

200

loader.js Show response
www.gstatic.com/charts/
Redirect Chain

https://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

65 KB
20 KB

162ms
40ms

Script
text/javascript

2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19937
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gviz"
vary: Accept-Encoding, Origin
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Wed, 15 Feb 2023 11:57:08 GMT

Redirect headers

date: Wed, 15 Feb 2023 11:09:24 GMT
x-content-type-options: nosniff
server: sffe
age: 708
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Wed, 15 Feb 2023 11:39:24 GMT

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/ 23 KB
7 KB 87ms
29ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/jquery.validate.min.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://steamerathletics.com/
Origin: https://steamerathletics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 991931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6638
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-5a1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mo%2FvPDEC%2BkC0EVqOV%2FW0NLKuXFGreQnpLU%2B%2Bp9cRaz4CViKoqeR3YEhMSiMYwByKO2Ezcm9iALw1m6CKh38nGqYnx6MRHmK6F%2BpLF%2FQxSbZ6HQJbzekYMxTezxj11q6%2BZtHk5SzqPFXEytsZZxn5qP72"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 799da89a3f003604-FRA
expires: Mon, 05 Feb 2024 11:21:12 GMT

GET
H2 200 additional-methods.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/ 17 KB
5 KB 86ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/additional-methods.min.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b1554032d2cfbf0e858518df6460b2b4336be2cfb1f188dfd1108a3ae50b2e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://steamerathletics.com/
Origin: https://steamerathletics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1229190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4719
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-4587"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7hUVbQxRzpVCUJ84vtvmokwgMP7z0H5ODKNbQDb1QU8JmsUgakC%2BrJEyHZaKq3ia6TL3POChy1dqu8OxCZienrGNhSEMUT0t%2BjoHbp0HgSNWOgSRSSga2FZEMkXYAE3qkGL27KF3ap8NENMdyLRWE%2FX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 799da89a3f023604-FRA
expires: Mon, 05 Feb 2024 11:21:12 GMT

GET
H2 200 moment-with-locales.min.js Show response
steamerathletics.com/modules/cfui/vendor/moment/min/ 244 KB
64 KB 137ms
124ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/moment/min/moment-with-locales.min.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: fe2a2226123a364a140e44b206bbbb2595065c642176697a6a6042dc0a537f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-type: application/javascript

GET
H2 200 fastclick.js Show response
steamerathletics.com/assets/scripts/ 25 KB
7 KB 135ms
123ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/fastclick.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: cafaf87f2729d8c76956e7624b62c4739a061a39d419ed9526b0f222e6cbdbc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:06 GMT
server: Caddy
content-length: 7609
content-type: application/javascript

GET
H2 200 ContentSlider.js Show response
steamerathletics.com/assets/scripts/ 6 KB
1 KB 139ms
126ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/ContentSlider.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 75dd8f2682b80841efb8ed906d35999636a1c24d9acc969644d8a1144b7a1bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:06 GMT
server: Caddy
content-length: 1421
content-type: application/javascript

GET
H2 200 DesktopNav.js Show response
steamerathletics.com/assets/scripts/ 4 KB
1 KB 145ms
133ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/DesktopNav.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 470785b24a2ecd865c18838e06f3a1b673f180d2a18292788bc863cccccb3866

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:06 GMT
server: Caddy
content-length: 1363
content-type: application/javascript

GET
H2 200 MobileNav.js Show response
steamerathletics.com/assets/scripts/ 2 KB
720 B 146ms
134ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/MobileNav.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 915e2604209554dfc09921ccaf3eff11f4654130f8f73c5bebd8a11a14f25fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:06 GMT
server: Caddy
content-length: 691
content-type: application/javascript

GET
H2 200 Subheader.js Show response
steamerathletics.com/assets/scripts/ 2 KB
721 B 254ms
242ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/Subheader.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 235beeca4b2f9a92e24dd4701491f98b9dcc65d0619fe6de2917c5ab430a6a6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:06 GMT
server: Caddy
content-length: 692
content-type: application/javascript

GET
H2 200 Schedule.js Show response
steamerathletics.com/assets/scripts/ 4 KB
1 KB 254ms
242ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/Schedule.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: c92931153e6083df5c676984bab331beece266622a07abffb0dd68753728bc9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:06 GMT
server: Caddy
content-length: 1242
content-type: application/javascript

GET
H2 200 Share.js Show response
steamerathletics.com/assets/scripts/ 2 KB
717 B 267ms
255ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/Share.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 2c094b306d7837827fd6c3c6251b2c65b807649be0624ba0f9686f4efe4a2506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:06 GMT
server: Caddy
content-length: 688
content-type: application/javascript

GET
H2 200 MyPhotos.js Show response
steamerathletics.com/assets/scripts/ 1 KB
588 B 254ms
243ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/MyPhotos.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: aa9de0dd76cb60b69757eb9582ec8541f192b974f25ad2ef63227c26e1967c33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:06 GMT
server: Caddy
content-length: 558
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 MyForms.js Show response
steamerathletics.com/assets/scripts/ 1017 B
475 B 254ms
242ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/MyForms.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 7924e6ccf12c18da5ef7d3ef52465816c434c9c16e87f7b735ea5f8e6ab31ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:06 GMT
server: Caddy
content-length: 445
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 MyTeams.js Show response
steamerathletics.com/assets/scripts/ 3 KB
985 B 256ms
245ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/MyTeams.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 4a45759fbf4fd7044802bae4590f14b90d73b150b01b11dc442e9050575087be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:06 GMT
server: Caddy
content-length: 956
content-type: application/javascript

GET
H2 200 bootstrap-select.min.js Show response
steamerathletics.com/assets/scripts/vendor/bootstrap-select/js/ 51 KB
15 KB 260ms
249ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/vendor/bootstrap-select/js/bootstrap-select.min.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: e730e81df36e1a1a436d15438981e285a5035290bbd09440afac0dde252b46b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 15515
content-type: application/javascript

GET
H2 200 datatables.min.js Show response
cdn.datatables.net/t/dt/dt-1.10.11/ 81 KB
28 KB 101ms
34ms Script
application/javascript 2606:4700:10::ac43:e8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datatables.net/t/dt/dt-1.10.11/datatables.min.js
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:e8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4502a9956a8a5f68d505e26be08737ce1b23eada982a245f64763db31e3a452e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 01 Feb 2023 06:26:32 GMT
server: cloudflare
age: 1227280
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31557600
cf-ray: 799da89a4e9d368b-FRA

GET
H2 200 bootbox.min.js Show response
steamerathletics.com/assets/scripts/vendor/bootbox-4.4.0/ 10 KB
4 KB 259ms
248ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/vendor/bootbox-4.4.0/bootbox.min.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 0b6bab63e3aa24b4ab6aab63765a217db5004961bab1ab7d74ffebfa33efb5c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 3718
content-type: application/javascript

GET
H2 200 bootstrap-colorpicker.js Show response
steamerathletics.com/assets/scripts/vendor/bootstrap-colorpicker/dist/js/ 32 KB
8 KB 258ms
248ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/vendor/bootstrap-colorpicker/dist/js/bootstrap-colorpicker.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 25a21d2beef7b3e858a780f63c20d2730e81bcd02d8a5ef53f154fd82161bad6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 7656
content-type: application/javascript

GET
H2 200 fileinput.min.js Show response
steamerathletics.com/assets/scripts/vendor/bootstrap-fileinput-master/js/ 69 KB
21 KB 266ms
255ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/vendor/bootstrap-fileinput-master/js/fileinput.min.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 10a993cf5597001afbf1e04f6406a2a606e5e4e3bb0247dfbfcd1ff8fbabb5e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-type: application/javascript

GET
H2 200 fa.js Show response
steamerathletics.com/assets/scripts/vendor/bootstrap-fileinput-master/js/themes/ 2 KB
728 B 257ms
246ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/vendor/bootstrap-fileinput-master/js/themes/fa.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 68552dc97a6eb603042d2ae84c9995dbd8275108348beaad658d74be43530427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 700
content-type: application/javascript

GET
H2 200 jquery.Jcrop.js Show response
steamerathletics.com/assets/scripts/vendor/jCrop/js/ 41 KB
10 KB 264ms
254ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/vendor/jCrop/js/jquery.Jcrop.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 7aa80b43b95b74bc318d46be11b2ad2ab87b630de06ed7d7bfa232042ee1e7cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 10349
content-type: application/javascript

GET
H2 200 App.js Show response
steamerathletics.com/assets/scripts/ 3 KB
1 KB 255ms
245ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/App.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 70aa23ecdc80fb73ac5d2c83b09b3263b4d960c3167af0f06d8e4ad6aee187f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:06 GMT
server: Caddy
content-length: 1346
content-type: application/javascript

GET
H2 200 SiteEditor.js Show response
steamerathletics.com/assets/scripts/ 33 KB
5 KB 259ms
249ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/assets/scripts/SiteEditor.js?v=2023.7.2
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 27f4f8c4e1a3e994654a002d379f3827c721aea22720e2affe603177dcb74116

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:06 GMT
server: Caddy
content-length: 5572
content-type: application/javascript

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 268ms
154ms Script
text/javascript 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

cafe /

Resource Hash

5aa93e7401f9a3344d1f891eacfb0cf698bf56cc5d7cb2586bfe0d82d1c8c4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16813
x-xss-protection: 0
server: cafe
etag: 6388606791587927312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 11:21:12 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 534ms
57ms Script
application/javascript 23.203.124.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.203.124.118 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-124-118.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Wed, 15 Feb 2023 11:21:12 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116332

GET
H2 200 ads.js Show response
steamerathletics.com/public/js/ 636 B
386 B 255ms
247ms Script
application/javascript 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/public/js/ads.js
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 957e5381f4e7f4e4944ad18bfda1c7018902f3234abffbad3480a380265af30a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 356
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 137 KB
50 KB 73ms
65ms Script
application/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLSG7CZ

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d93976a246e7d50d4f91db2f89456d2c8624f778d310e7a1470899aaad24df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51127
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Feb 2023 11:21:12 GMT

GET
H/1.1 200
OK check.js Show response
biddr.brealtime.com/ Frame E089 641 B
936 B 237ms
237ms Script
application/javascript 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.js?nnn=1676460071961
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/80366559-1044.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cacbe8d075be5b96af1d81fa4753efcb5fdf25ae5acfbf8b6fe16fba1197eace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:21:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Tue, 11 Feb 2020 20:09:04 GMT
Server: cloudflare
x-amz-request-id: ENG1860SG1KGHTY5
ETag: W/"81b479edefd671af66d52c0ad9347d68"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
Connection: keep-alive
CF-RAY: 799da899dd679bb6-FRA
x-amz-id-2: aZIHq9OaTllL6freOkImymUc+8Z4eACoS4r75rvnzY0cnls7RHAo+v3uDbfFJrhGbSCndZiIcww=
Expires: Wed, 15 Feb 2023 12:21:12 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/n8Q5L9SsYd4csVeHS1oRAwZOjHs/gpt_and_prebid/ 83 KB
19 KB 550ms
484ms Script
text/javascript 2606:4700::6812:106b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/n8Q5L9SsYd4csVeHS1oRAwZOjHs/gpt_and_prebid/config.js
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9655be297be565317e178de11e09d3011a8b91f8b304727479f4ffcdcdd881fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 15 Feb 2023 11:09:31 GMT
server: cloudflare
x-amz-request-id: ENGEGE0DQCH4CD5G
etag: W/"42e17a1659a24099746d26cefaa4891a"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 799da89afb3d9a09-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: O0k8EYnLZSmZfs+Fd1hAWRDnUbDDHeHsqD331ztK44xhZDa3tqGKWKCmnIb8VJ/QhCpZc92+y8M=

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 160ms
82ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HCV41WEQLC&gtm=45je32d0&_p=1933764698&cid=952293475.1676460072&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676460071&sct=1&seg=0&dl=https%3A%2F%2Fsteamerathletics.com%2F&dt=Fulton%20High%20School&en=scroll&_fv=2&_nsi=1&_ss=2&_c=1&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HCV41WEQLC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://steamerathletics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 20210318_123350.jpg
schoolassets.s3.amazonaws.com/masthead/13873/ 41 KB
41 KB 500ms
147ms Image
image/jpeg 52.216.206.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://schoolassets.s3.amazonaws.com/masthead/13873/20210318_123350.jpg
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.206.235 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e383411ee6481cb6c6fc6202e9cb8f49c4131d992a9158d100eb5d54e1d56935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:21:13 GMT
Last-Modified: Thu, 18 Mar 2021 12:33:58 GMT
Server: AmazonS3
x-amz-request-id: ENG0J2R225AW3Z97
ETag: "d1067361f4965dbd0f0ad1b1009d6530"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 41696
x-amz-id-2: lRMgLEBJO6dlardMfXH1y9jpH30B+5q98IgrLJg7RkXs02sMLG8Xkj9av41fIqosVogXd0x+LMs=

GET
H2 200 twitter-icon.png
steamerathletics.com/img/ 1 KB
1 KB 229ms
229ms Image
image/png 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamerathletics.com/img/twitter-icon.png
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/public/css/styles.css?v=2023.7.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: f72d99e74b4a41f03ad59dc3e2643303515a27b0f1fb63be1bce80012aadbe8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/public/css/styles.css?v=2023.7.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 1404
content-type: image/png

GET
H2 200 facebook-icon.png
steamerathletics.com/img/ 1 KB
1 KB 222ms
222ms Image
image/png 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamerathletics.com/img/facebook-icon.png
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/public/css/styles.css?v=2023.7.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: a61deeae6f85909ec179525faba032231d36bbbc4185ddd8d4f6077b23f689cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/public/css/styles.css?v=2023.7.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 1091
content-type: image/png

GET
H2 200 fontawesome-webfont.woff2
steamerathletics.com/modules/cfui/vendor/fontawesome/fonts/ 75 KB
75 KB 223ms
223ms Font
application/font-woff2 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/modules/cfui/vendor/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/modules/cfui/vendor/fontawesome/css/font-awesome.min.css?v=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://steamerathletics.com/modules/cfui/vendor/fontawesome/css/font-awesome.min.css?v=4.7.0
Origin: https://steamerathletics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-type: application/font-woff2

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 75ms
24ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 15 Feb 2023 11:21:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: YHyaxNWciqWwS+gn+osUTMkcHJJCu7MSsDCjKbr4FCJnWf/BLr/Qr8JE+uR20TLFu2kiD05WjD5Eo66ZNa4mzQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 192ms
80ms Script
application/x-javascript 2a02:26f0:11a::6867:4832
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=75451
accept-ranges: bytes
content-length: 4777

GET
H2 200 131986050836104 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 97ms
96ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/131986050836104?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41513de414da3ddb38a8dde79e8ade049eb8297fdcb13e2629958b790e5f48c1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 15 Feb 2023 11:21:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: IbVgLgy8SQbD/1cO24WZ1lIv3X3BIp8k2SHAF5S6Dh79GB+ZiOPU6oxwCF6yffI/TPklaOO44DCHFhEkfIk76w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET /
e1.emxdgt.com/sync/ Frame E089 0
0

GET
H2 200 pubads_impl_2023021301.js Show response
securepubads.g.doubleclick.net/gpt/ 386 KB
131 KB 197ms
37ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021301.js?cb=31072461

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0158a7a3fd4a43fd01c6051d73c8507d87989abb39e83b3dbb8e3fe806ef77cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133267
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 09:35:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 15 Feb 2024 04:53:21 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 85 B
603 B 229ms
70ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=steamerathletics.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

554842023a5e65705fb02af49e21bbd0bc48915901af987c02fea228212eb73b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61
x-xss-protection: 0
expires: Wed, 15 Feb 2023 11:21:12 GMT

GET
H2 200 injector.min.js Show response
partners.spiritshop.com/scripts/ 12 KB
5 KB 888ms
141ms Script
application/x-javascript 52.165.229.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://partners.spiritshop.com/scripts/injector.min.js
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.165.229.182 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 96074ee9a4154b0e60285f45eed64776e52374bdc15f3311d8dd71fba43d1e6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Wed, 12 Sep 2018 05:44:04 GMT
server: Microsoft-IIS/10.0
etag: "06a2c9d5b4ad41:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=43200
accept-ranges: bytes
content-length: 4444

GET
H2 200 twitter-icon-large.png
steamerathletics.com/img/ 2 KB
2 KB 400ms
400ms Image
image/png 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamerathletics.com/img/twitter-icon-large.png
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/public/css/styles.css?v=2023.7.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: fd28f2e6c915331e0ea7eb3ffdeff892fe75e600d0c7db2fde763d45b939075b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/public/css/styles.css?v=2023.7.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 1661
content-type: image/png

GET
H2 200 facebook-icon-large.png
steamerathletics.com/img/ 1 KB
1 KB 401ms
400ms Image
image/png 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamerathletics.com/img/facebook-icon-large.png
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/public/css/styles.css?v=2023.7.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: c5d89aedaaf9b5ab879bd8f82d378002df2046fe87822911fe61d9da7da43b85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/public/css/styles.css?v=2023.7.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-length: 1249
content-type: image/png

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 131ms
30ms Script
application/javascript 18.65.39.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-56.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 00:57:59 GMT
content-encoding: gzip
via: 1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 37394
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: L7BB1xIuLVHo6gh92VaPSPvUgcIhvmZqiRJSXNPjToiEe7AORm0Wwg==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 137ms
26ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8bdde2de62dbc0ee6884be879ae01087c577529c8efa022464ad8f96726bce31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
etag: "Uc7ci/tysauZvGT38RNrSg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 22 Feb 2023 11:21:12 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/990903267/ 2 KB
1 KB 160ms
63ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990903267/?random=1676460072354&cv=9&fst=1676460072354&num=1&label=HFo0CNWTvgQQ4_e_2AM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsteamerathletics.com%2F&tiba=Fulton%20High%20School&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

900e823ee99149e43a2341e935abb3c72105d035c787e678f4d42150ff9021fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 979
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/549778/domain/steamerathletics.com/ 36 B
366 B 273ms
184ms XHR
application/json 2600:9000:2104:2800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/549778/domain/steamerathletics.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:2800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://steamerathletics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
via: 1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: P-2He57mxnU4S0hQW9knhYEYe4Uer1LDhj-uJ24a7U_MbLpkwd8RTw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=549778&time=1676460072372&url=https%3A%2F%2Fsteamerathletics.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D549778%26time%3D1676460072372%26url%3Dhttps%253A%252F%252Fsteamerathletics.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=549778&time=1676460072372&url=https%3A%2F%2Fsteamerathletics.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=549778&time=1676460072372&url=https%3A%2F%2Fsteamerathletics.com%2F&liSync=true&e_ipv6=AQIAXWaEre_2qAAAAYZUzqCHMChNybBNwYZD9QaMIwnT4IQPOed2DKHgrJ...

0
481 B

482ms
201ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=549778&time=1676460072372&url=https%3A%2F%2Fsteamerathletics.com%2F&liSync=true&e_ipv6=AQIAXWaEre_2qAAAAYZUzqCHMChNybBNwYZD9QaMIwnT4IQPOed2DKHgrJiYx-X-AwrkIPzjCdSg
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: C17239068F554C17AC0D2DE9C86F6D5B Ref B: FRAEDGE1313 Ref C: 2023-02-15T11:21:13Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lor1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0u0cqPHBmvaW6XCAYbw==

Redirect headers

date: Wed, 15 Feb 2023 11:21:13 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9B6010F9D9D745F7B8742F1C0E9AD3E6 Ref B: FRAEDGE1215 Ref C: 2023-02-15T11:21:13Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=549778&time=1676460072372&url=https%3A%2F%2Fsteamerathletics.com%2F&liSync=true&e_ipv6=AQIAXWaEre_2qAAAAYZUzqCHMChNybBNwYZD9QaMIwnT4IQPOed2DKHgrJiYx-X-AwrkIPzjCdSg
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0u0ci+UGtMoxb81McFg==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 71ms
24ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=131986050836104&ev=PageView&dl=https%3A%2F%2Fsteamerathletics.com%2F&rl=&if=false&ts=1676460072382&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676460072382.2061585464&it=1676460072178&coo=false&rqm=GET

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 15 Feb 2023 11:21:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
189 B 38ms
37ms Image
text/plain 18.65.39.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=10037191&cs_it=b3&cv=3.8.0.210223&ns__t=1676460072493&ns_c=UTF-8&c7=https%3A%2F%2Fsteamerathletics.com%2F&c8=Fulton%20High%20School&c9=
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-56.ams1.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
via: 1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: -t3nc0kRKfXTBDCigCrPMe-OEkzc3Su06kYRf5joYoRhjc6NjyYJHg==
x-cache: Miss from cloudfront

GET
H2 200 rules-p-6fx0qwWHI_5oM.js Show response
rules.quantcount.com/ 160 B
640 B 245ms
44ms Script
application/javascript 2600:9000:238d:6800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6fx0qwWHI_5oM.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:6800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a088325e54ce71c3bbedb0299f3ccfb17c7f71032942d73015c249705094e818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:01:11 GMT
via: 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 1202
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 22:22:27 GMT
server: AmazonS3
etag: "66af575516f460b1b0d898243fd6443a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: xq0tA6fvodQ8gwq5uYIcwu5QoaNYYDQjB_vzjSI3H1ahaGoew9N-sQ==

GET
H2 200 rules-p-e8u2ehsCGVQg-.js Show response
rules.quantcount.com/ 28 KB
4 KB 202ms
36ms Script
application/javascript 2600:9000:238d:6800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-e8u2ehsCGVQg-.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:6800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91c52f74446960de5f120555da753975d717c24ac3c101c696d3d9aa764ce49c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:09:17 GMT
content-encoding: gzip
via: 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 840
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Wed, 25 Nov 2020 18:21:07 GMT
server: AmazonS3
etag: W/"945563de9259416ef401c38454b00f41"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: 50Gm5b5ta8Z-9VV_4YRFinaUodPRTv1Ng8DdZhm3MRLKa4xUcNW10Q==

GET
H2 200 rules-p-b0t-PA4yuMSDU.js Show response
rules.quantcount.com/ 3 B
456 B 192ms
35ms Script
application/javascript 2600:9000:238d:6800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-b0t-PA4yuMSDU.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:6800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 03:56:38 GMT
via: 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 26675
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:48:35 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 9HM7_j7vawxLrwhjIOpiDRBx6fuv78Lhm8gQmbYhtS3vGOiYZ6jc0Q==

GET
H2 200 /
www.google.com/pagead/1p-user-list/990903267/ 42 B
371 B 66ms
64ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/990903267/?random=1676460072354&cv=9&fst=1676458800000&num=1&label=HFo0CNWTvgQQ4_e_2AM&guid=ON&eid=375603260%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fsteamerathletics.com%2F&tiba=Fulton%20High%20School&fmt=3&is_vtc=1&random=715140732&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/990903267/ 42 B
455 B 192ms
61ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/990903267/?random=1676460072354&cv=9&fst=1676458800000&num=1&label=HFo0CNWTvgQQ4_e_2AM&guid=ON&eid=375603260%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fsteamerathletics.com%2F&tiba=Fulton%20High%20School&fmt=3&is_vtc=1&random=715140732&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
407 B 198ms
67ms XHR
application/json 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.20.0
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/80366559-1044.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: f82ad0999f4da1e2c0532424720de082c5e0562245b11304013c339ab7449dc3

Request headers

Referer: https://steamerathletics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 15 Feb 2023 11:21:12 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://steamerathletics.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST /
hb.emxdgt.com/ 0
0

POST hb
ssc.33across.com/api/v1/ 0
0

GET
H2 200 arj Show response
eyepopperdigital-d.openx.net/w/1.0/ 73 B
380 B 155ms
38ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://eyepopperdigital-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsteamerathletics.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4b0f309d-7a2f-401d-8368-b89770fb3fef%2Cfb8f4b37-3b8a-4432-a052-887115c50ede%2C8930c6b1-4157-4f99-9d0b-1a95ac95aa05%2Cdb0d8c7c-cbf8-446a-b554-3c382f2021e8%2C91f6ed50-80ef-4630-b810-88364d8bcdd0%2Cf5d6d8b5-5692-49ae-9415-46bd2c74266e%2C70026acd-3256-46eb-b996-03d6041144e5%2Ceac93019-f4ac-4a3b-b6dd-f629ee3e72af%2C4d448446-b175-4b9e-a257-ee9ff7349189&nocache=1676460072611&aus=728x90%7C728x90%7C728x90%7C300x250%7C300x250%7C300x600%7C320x50%7C300x250%7C300x250&divids=%252F317673431%252FBigTeams_Leaderboard_ATF%2C%252F317673431%252FBigTeams_Leaderboard_Slideshow%2C%252F317673431%252FBigTeams_Leaderboard_BTF%2C%252F317673431%252FBigTeams_300x250_RR_Pos1%2C%252F317673431%252FBigTeams_300x250_RR_Pos2%2C%252F317673431%252FBigTeams_300x600_RR%2C%252F317673431%252FBigTeams_320x50_Adhesion%2C%252F317673431%252FBigTeams_300x250_MobilePos1%2C%252F317673431%252FBigTeams_300x250_MobilePos2&aucs=%2C%2C%2C%2C%2C%2C%2C%2C&auid=558769228%2C558769229%2C558769230%2C558769231%2C558769232%2C558769233%2C558769234%2C558769235%2C558769236
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/80366559-1044.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 0ee117494af512be96b6ba09493f371bff6a0bfca9e730e03206c02cb7ff18e7

Request headers

Referer: https://steamerathletics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://steamerathletics.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 144ms
39ms Script
application/x-javascript 23.203.125.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-127.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 3DA20F33DFB043F4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=55892
accept-ranges: bytes
content-length: 948
x-amz-id-2: g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 0E98 320 KB
104 KB 24ms
24ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fsteamerathletics.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6794) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://steamerathletics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1863472
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Wed, 15 Feb 2023 11:21:12 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6794)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 eventSlider Show response
steamerathletics.com/main/ 44 KB
2 KB 983ms
982ms XHR
text/html 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://steamerathletics.com/main/eventSlider?_=1676460072301
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/modules/cfui/vendor/jquery/dist/jquery.js?v=2.2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 1f1cca371a6cb4f8406e171c6969d278b82891a81dc328a4298fa4e6fb7d616f

Request headers

Accept: text/html, */*; q=0.01
Referer: https://steamerathletics.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-bigteams-app: BTPFS
x-bigteams-btpfs-schoolid: 13873
date: Wed, 15 Feb 2023 11:21:13 GMT
content-encoding: gzip
server: Caddy
content-length: 1981
content-type: text/html;charset=utf-8

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-57f3eeb4e4f90bec/ 1 KB
697 B 182ms
181ms Script
application/javascript 23.203.124.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-57f3eeb4e4f90bec/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.124.118 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-124-118.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8dd14be7731fa74d6fbca656d110ce972389049eaf3420a496afccdad868d88f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
etag: -1569059524--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 521

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 292ms
223ms Script
application/javascript 23.203.124.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=63ecc02818be33ee&bkl=0&bl=1&pdt=956&sid=63ecc02818be33ee&pub=ra-57f3eeb4e4f90bec&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=steamerathletics.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1676460072686&jsl=12289&uvs=63ecc0289207b856000&skipb=1&callback=addthis.cbs.jsonp__80241870965201060
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.124.118 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-124-118.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 59481d6557ebb6d24ae4c4c42b4d84dc7576ca1652f5bef672b6c46583efdd8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:13 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame F427 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 49E1 71 KB
26 KB 47ms
47ms Document
text/html 23.203.124.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.203.124.118 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-124-118.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://steamerathletics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Wed, 15 Feb 2023 11:21:12 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 135ms
41ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLSG7CZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Feb 2023 11:12:08 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 544
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 15 Feb 2023 13:12:08 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202212211045/ 216 KB
68 KB 36ms
35ms Script
application/javascript 2606:4700::6812:106b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/n8Q5L9SsYd4csVeHS1oRAwZOjHs/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Dec 2022 15:47:15 GMT
server: cloudflare
x-amz-request-id: KRKAY52BMSPF35GE
age: 4814137
etag: W/"fa407ba001f2ac06196124f41d523471"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 799da89e7fbb9a09-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: jkGAuBz0EnKvo409vknYavvNsblVqlgsrOD1+Cp4ln+aH/QwRBaHj7bwHTWEMgtVmurDEBcjH0M=

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 0E98 919 B
647 B 214ms
135ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=ed4df6dca37e3f360aad5aa34e17d55e267719ab

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fsteamerathletics.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ee80cf3b15ea6f7dd08ba1b6bbb065994092b94415845536e0db3476ea80fad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time: 107
date: Wed, 15 Feb 2023 11:21:12 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 15 Feb 2023 11:21:12 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: bf6da03aa56839f6
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: a8a0b828d9210fe78b3556aadbfd6d6e6ef8ebe09a8b0d0fecc77808831581fc
content-length: 326

GET
H2 200 pixel;r=578130476;rf=0;a=p-6fx0qwWHI_5oM;url=https%3A%2F%2Fsteamerathletics.com%2F;uht=2;fpan=1;fpa=P0-713033962-1676460072504;pbc=;ns=0;ce=1;qjs=1;qv=255ce5d6-20230215103031;cm=;gdpr=0;ref=;d=stea...
pixel.quantserve.com/ 35 B
371 B 61ms
24ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=578130476;rf=0;a=p-6fx0qwWHI_5oM;url=https%3A%2F%2Fsteamerathletics.com%2F;uht=2;fpan=1;fpa=P0-713033962-1676460072504;pbc=;ns=0;ce=1;qjs=1;qv=255ce5d6-20230215103031;cm=;gdpr=0;ref=;d=steamerathletics.com;dst=0;et=1676460072850;tzo=0;ogl=;ses=21e32a9b-aec8-468c-b752-9cb60242e892

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=1660096281;rf=0;a=p-e8u2ehsCGVQg-;url=https%3A%2F%2Fsteamerathletics.com%2F;uht=2;fpan=1;fpa=P0-713033962-1676460072504;pbc=;ns=0;ce=1;qjs=1;qv=255ce5d6-20230215103031;cm=;gdpr=0;ref=;d=ste...
pixel.quantserve.com/ 35 B
371 B 60ms
24ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1660096281;rf=0;a=p-e8u2ehsCGVQg-;url=https%3A%2F%2Fsteamerathletics.com%2F;uht=2;fpan=1;fpa=P0-713033962-1676460072504;pbc=;ns=0;ce=1;qjs=1;qv=255ce5d6-20230215103031;cm=;gdpr=0;ref=;d=steamerathletics.com;dst=0;et=1676460072852;tzo=0;ogl=;ses=21e32a9b-aec8-468c-b752-9cb60242e892

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=76319624;rf=0;a=p-b0t-PA4yuMSDU;url=https%3A%2F%2Fsteamerathletics.com%2F;uht=2;fpan=1;fpa=P0-713033962-1676460072504;pbc=;ns=0;ce=1;qjs=1;qv=255ce5d6-20230215103031;cm=;gdpr=0;ref=;d=steam...
pixel.quantserve.com/ 35 B
370 B 59ms
23ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=76319624;rf=0;a=p-b0t-PA4yuMSDU;url=https%3A%2F%2Fsteamerathletics.com%2F;uht=2;fpan=1;fpa=P0-713033962-1676460072504;pbc=;ns=0;ce=1;qjs=1;qv=255ce5d6-20230215103031;cm=;gdpr=0;ref=;d=steamerathletics.com;dst=0;et=1676460072852;tzo=0;ogl=;ses=21e32a9b-aec8-468c-b752-9cb60242e892

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 103ms
103ms Script
application/javascript 23.203.124.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.203.124.118 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-124-118.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Wed, 15 Feb 2023 11:21:12 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 51ms
50ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HCV41WEQLC&gtm=45je32d0&_p=1933764698&cid=952293475.1676460072&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAE&_s=2&sid=1676460071&sct=1&seg=0&dl=https%3A%2F%2Fsteamerathletics.com%2F&dt=Fulton%20High%20School&en=form_start&_c=1&ep.form_id=&ep.form_name=&ep.form_destination=https%3A%2F%2Fwww.facebook.com%2Ftr%2F&epn.form_length=23&_et=917
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HCV41WEQLC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://steamerathletics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 48ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HCV41WEQLC&gtm=45je32d0&_p=1933764698&cid=952293475.1676460072&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAE&_s=3&sid=1676460071&sct=1&seg=0&dl=https%3A%2F%2Fsteamerathletics.com%2F&dt=Fulton%20High%20School&en=form_submit&_c=1&ep.form_id=&ep.form_name=&ep.form_destination=https%3A%2F%2Fwww.facebook.com%2Ftr%2F&epn.form_length=23&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HCV41WEQLC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://steamerathletics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 2A7D 0
51 B 23ms
22ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://steamerathletics.com
Referer: https://steamerathletics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://steamerathletics.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:21:12 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 58ms
57ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1933764698&t=pageview&_s=1&dl=https%3A%2F%2Fsteamerathletics.com%2F&ul=en-us&de=UTF-8&dt=Fulton%20High%20School&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1534637475&gjid=593065762&cid=952293475.1676460072&tid=UA-40199218-1&_gid=1695922729.1676460073&_r=1&_slc=1&gtm=45He32d0n81NLSG7CZ&cd1=13873&cd2=Fulton%20High%20School&cd3=SSAPI&cd4=anonymous&z=1614967122

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://steamerathletics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://steamerathletics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 99ms
33ms XHR
text/plain 2a00:1450:4025:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-40199218-1&cid=952293475.1676460072&jid=1534637475&gjid=593065762&_gid=1695922729.1676460073&_u=YADAAEAAAAAAACAAI~&z=650069949

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://steamerathletics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 15 Feb 2023 11:21:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://steamerathletics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
260 B 264ms
226ms XHR
application/json 23.203.124.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fsteamerathletics.com%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.203.124.118 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-124-118.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://steamerathletics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 15 Feb 2023 11:21:13 GMT
surrogate-key: sFbt=https://steamerathletics.com/
last-modified: Wed, 15 Feb 2023 11:00:00 GMT
server: nginx/1.15.8
content-type: application/json
access-control-allow-origin: https://steamerathletics.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 34 B
285 B 256ms
218ms Script
application/json 23.203.124.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fsteamerathletics.com%2F&callback=_ate.cbs.rcb_826r0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.203.124.118 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-124-118.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e9e83e80822ebd153c796b6cfd9f0ad498dfc164d8fa13e9d37f23cf8126a3c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: steamerathletics.com/
last-modified: Wed, 15 Feb 2023 11:21:13 GMT
server: nginx/1.15.8
date: Wed, 15 Feb 2023 11:21:13 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 54

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
284 B 262ms
224ms Script
application/json 23.203.124.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fsteamerathletics.com%2F&callback=_ate.cbs.rcb_wmx0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.203.124.118 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-124-118.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

feb998ee859d5be454de4e1f4c1ba6ebe805ec38cbc32a44c686aee37653b74f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: steamerathletics.com/
last-modified: Wed, 15 Feb 2023 11:21:13 GMT
server: nginx/1.15.8
date: Wed, 15 Feb 2023 11:21:13 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 416ms
58ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=steamerathletics.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021301.js?cb=31072461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 428ms
64ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=steamerathletics.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021301.js?cb=31072461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 515 KB
115 KB 838ms
837ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4176407326228334&correlator=4340077635905242&eid=31072029%2C31072039%2C31072461&output=ldjh&gdfp_req=1&vrg=2023021301&ptt=17&impl=fifs&iu_parts=317673431%2CBigTeams_Leaderboard_Slideshow%2CBigTeams_Leaderboard_ATF%2CBigTeams_300x250_RR_Pos1%2CBigTeams_300x250_RR_Pos2%2CBigTeams_300x600_RR%2CBigTeams_320x50_Adhesion%2CBigTeams_Leaderboard_BTF%2CBigTeams_300x250_MobilePos1%2CBigTeams_300x250_MobilePos2%2CBigTeams_Advertorial_1%2CBigTeams_350x150_RR&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11&prev_iu_szs=728x90%2C728x90%2C300x250%2C300x250%2C300x600%2C320x50%2C728x90%2C300x250%2C300x250%2C717x157%2C350x150&ifi=1&adks=2167971874%2C1803871002%2C1391238318%2C782588840%2C2359879135%2C995212952%2C4208690410%2C644821409%2C3853300515%2C3920356230%2C1008862025&sfv=1-0-40&eri=1&cust_params=state%3DIL%26schoolid%3DIL6125211664&sc=1&cookie_enabled=1&abxe=1&dt=1676460073120&lmt=1676460073&dlt=1676460071556&idt=1016&adxs=245%2C436%2C-9%2C-9%2C1030%2C-12245933%2C436%2C-9%2C-9%2C261%2C-9&adys=1053%2C339%2C-9%2C-9%2C1325%2C-12245933%2C2782%2C-9%2C-9%2C1099%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1%7C-1%7C1%7C-1%7C2%7C-1%7C-1%7C0%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsteamerathletics.com%2F&frm=20&vis=1&psz=760x2257%7C1140x2379%7C0x-1%7C0x-1%7C350x1432%7C1140x2379%7C1600x2914%7C0x-1%7C0x-1%7C730x50%7C0x-1&msz=730x0%7C728x90%7C0x-1%7C0x-1%7C300x600%7C0x-1%7C728x90%7C0x-1%7C0x-1%7C689x0%7C0x-1&fws=4%2C4%2C2%2C2%2C4%2C644%2C132%2C2%2C2%2C4%2C2&ohw=1600%2C1600%2C0%2C0%2C1600%2C1600%2C1600%2C0%2C0%2C1600%2C0&ga_vid=952293475.1676460072&ga_sid=1676460073&ga_hid=1933764698&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021301.js?cb=31072461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af2a858079c4e7c4b2ec2cae47149b36ecbac2eecb104e5f3361e1ad6c45a8b9

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM2gk7m0l_0CFbmGgwcdjQsGwQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/8840107762433130496/300x600/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM2gk7m0l_0CFbmGgwcdjQsGwQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/8840107762433130496/300x600/index.html
date: Wed, 15 Feb 2023 11:21:13 GMT
x-content-type-options: nosniff
content-encoding: br
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116418
x-xss-protection: 0
google-lineitem-id: -1,-1,6161286843,-1,-1,-1,-1,-1,-1,5446653293,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138413637905,-1,-1,-1,-1,-1,-1,138264332847,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://steamerathletics.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AF2A 6 KB
3 KB 411ms
69ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021301.js?cb=31072461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://steamerathletics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:21:13 GMT
expires: Thu, 15 Feb 2024 11:21:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 5d66bce596dfbc1bca6dc9d3 Show response
tracker.bespoketechnologies.net/Display/58da9007161d113db86ebc99/ 2 KB
1 KB 1071ms
360ms XHR
text/html 52.165.229.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bespoketechnologies.net/Display/58da9007161d113db86ebc99/5d66bce596dfbc1bca6dc9d3
Requested by: Host: partners.spiritshop.com
URL: https://partners.spiritshop.com/scripts/injector.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.165.229.182 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e18ab70fcc27dff1a70103041cc8762d63a9cd23b99bc63880f44eb44d70668c

Request headers

Accept: text/html
Referer: https://steamerathletics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Feb 2023 11:21:13 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://steamerathletics.com
cache-control: private
access-control-allow-credentials: true
content-length: 1056

POST
H2 200 58efae7c1486ff3ba470f133 Show response
tracker.bespoketechnologies.net/Display/58da9007161d113db86ebc99/ 6 KB
2 KB 1134ms
423ms XHR
text/html 52.165.229.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bespoketechnologies.net/Display/58da9007161d113db86ebc99/58efae7c1486ff3ba470f133
Requested by: Host: partners.spiritshop.com
URL: https://partners.spiritshop.com/scripts/injector.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.165.229.182 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 82c6660afbbcbc647a384babecd333066bc1d4b6391b79c569fb8e807fee4450

Request headers

Accept: text/html
Referer: https://steamerathletics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://steamerathletics.com
cache-control: private
access-control-allow-credentials: true
content-length: 1929

POST
H2 200 5d66bcec96dfbc1bca6dc9d4 Show response
tracker.bespoketechnologies.net/Display/58da9007161d113db86ebc99/ 4 KB
2 KB 1078ms
368ms XHR
text/html 52.165.229.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bespoketechnologies.net/Display/58da9007161d113db86ebc99/5d66bcec96dfbc1bca6dc9d4
Requested by: Host: partners.spiritshop.com
URL: https://partners.spiritshop.com/scripts/injector.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.165.229.182 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4432f1fd6b72ee70f205f3aa007955c3d1c428e82da86c2f3f3724dabe91164f

Request headers

Accept: text/html
Referer: https://steamerathletics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Feb 2023 11:21:13 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://steamerathletics.com
cache-control: private
access-control-allow-credentials: true
content-length: 1563

POST
H2 200 58efae7c1486ff3ba470f133 Show response
tracker.bespoketechnologies.net/Display/58da9007161d113db86ebc99/ 6 KB
2 KB 1131ms
423ms XHR
text/html 52.165.229.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bespoketechnologies.net/Display/58da9007161d113db86ebc99/58efae7c1486ff3ba470f133
Requested by: Host: partners.spiritshop.com
URL: https://partners.spiritshop.com/scripts/injector.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.165.229.182 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 58eaa2532084ab92c210f5da9c52969131d11014511a3d5b16c83ad51f0024c0

Request headers

Accept: text/html
Referer: https://steamerathletics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://steamerathletics.com
cache-control: private
access-control-allow-credentials: true
content-length: 1934

GET
H2 200 container.html Show response
97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6659 6 KB
3 KB 38ms
38ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://steamerathletics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:21:13 GMT
expires: Thu, 15 Feb 2024 11:21:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302031721000/ Frame 464F 222 KB
61 KB 159ms
39ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de886a084ff33bba971a067938a541d20340782ca5a77f0e8879f6571f42fb4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Feb 2023 10:28:35 GMT
age: 3159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61811
x-xss-protection: 0
server: sffe
etag: "c31ac511828178f4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Feb 2024 10:28:35 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 464F 15 KB
5 KB 266ms
147ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6f8d3f9f2e56fd5910129867513cc25550919e2cc50f8ecafd9d100fb2e44cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Feb 2023 10:28:34 GMT
age: 3160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5233
x-xss-protection: 0
server: sffe
etag: "031ab09f7d5e6c1f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Feb 2024 10:28:34 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 464F 94 KB
28 KB 275ms
155ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-analytics-0.1.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4275796e9f1cfa6219c319180a5adcbf3da9c0f753c719fe4c48d43addff507

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Feb 2023 10:28:35 GMT
age: 3159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28880
x-xss-protection: 0
server: sffe
etag: "1d865d9ba0a59851"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Feb 2024 10:28:35 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 464F 72 KB
16 KB 287ms
168ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-animation-0.1.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f3a3e39820c10b9cd68fe9060c18ab70365d00c043d7f912025a915c931eb59

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Feb 2023 18:09:25 GMT
age: 148309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16660
x-xss-protection: 0
server: sffe
etag: "cb1055a7b53990b0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Feb 2024 18:09:25 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 464F 5 KB
2 KB 268ms
149ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-fit-text-0.1.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33cf544ad9b2702ef8cc549ae1fbec26a2afb0ad835c0e3e863b367e18f338dc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Feb 2023 10:28:35 GMT
age: 3159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1916
x-xss-protection: 0
server: sffe
etag: "2b4961eb83980a40"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Feb 2024 10:28:35 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 464F 40 KB
13 KB 269ms
151ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-form-0.1.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bba1bb5847e0990d0d2983df61e98417272fc1aa014b09c4f8dda08e7b103ac

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Feb 2023 10:28:35 GMT
age: 3159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12955
x-xss-protection: 0
server: sffe
etag: "06b4b5a97f01e05a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Feb 2024 10:28:35 GMT

GET
DATA 200
OK truncated
/ Frame 464F 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33f6032f39d16c01f513447950d5f39874adecf5dc701c965465019b9d037ac8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 money.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 464F 3 KB
3 KB 128ms
36ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/money.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f1670c321171931043a0fdef97b00a0eb6b5ba628615aaec7d84aa333b760f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 11:27:41 GMT
x-content-type-options: nosniff
age: 431613
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2564
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Feb 2024 11:27:41 GMT

GET
H2 200 txt1.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 464F 2 KB
2 KB 130ms
37ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/txt1.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a9fb5d2ecbd02c966d468b816e56a9394148f2b1c903bcf0e45125e09980b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 07:18:55 GMT
x-content-type-options: nosniff
age: 14539
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Feb 2024 07:18:55 GMT

GET
H2 200 love.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 464F 9 KB
9 KB 130ms
38ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/love.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d37c85cab4214d6cc19fc91d1d80ec109a9880bbc237bcccad16dcaa2464a22e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:12:07 GMT
x-content-type-options: nosniff
age: 47347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8922
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Feb 2024 22:12:07 GMT

GET
H2 200 txt2.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 464F 2 KB
2 KB 67ms
57ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/txt2.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

414d61828881721cacd40ce6b08cdc985119924b34b169a9a63a6cfc2f7f5518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:13:33 GMT
x-content-type-options: nosniff
age: 461
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1659
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Feb 2024 11:13:33 GMT

GET
H2 200 txt3.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 464F 2 KB
2 KB 68ms
58ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/txt3.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ffa88206ff38916fbb5611267cfcba83abd94e5c98c43023f3d6aab11ee4cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 09:20:42 GMT
x-content-type-options: nosniff
age: 93632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2127
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Feb 2024 09:20:42 GMT

GET
H2 200 txt4.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 464F 2 KB
2 KB 72ms
62ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/txt4.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c28880b3d51fd9451943ce7340d8c2dcee3358198449a3d0941afd2b6cd4361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 03:41:04 GMT
x-content-type-options: nosniff
age: 546010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1755
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 03:41:04 GMT

GET
H2 200 preisButt.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 464F 4 KB
4 KB 72ms
62ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/preisButt.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e39f409c3804b6b98b13fdf962451f3d652173cc34ad42a9b42d74091667052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 21:17:05 GMT
x-content-type-options: nosniff
age: 482649
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3873
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 21:17:05 GMT

GET
H2 200 ll.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 464F 2 KB
2 KB 70ms
61ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ll.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

917d937ef0ce46defe4f446f18d05e53dafe3bc01768ab806201ddad28f12a25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:13:33 GMT
x-content-type-options: nosniff
age: 461
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1916
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Feb 2024 11:13:33 GMT

GET
H2 200 CTA.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 464F 936 B
1001 B 69ms
60ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/CTA.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ccfa4dceb094c92eb28975b0f7c9b0716360ebaf1375cc592db28c7c7210c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:12:07 GMT
x-content-type-options: nosniff
age: 47347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 936
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Feb 2024 22:12:07 GMT

GET
H2 200 DBx.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 464F 1 KB
1 KB 70ms
61ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/DBx.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ed9ea9df21c3ba44a5cd9671017be936881915a88ed9e62d1477ea800443bb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 09:20:42 GMT
x-content-type-options: nosniff
age: 93632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1108
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Feb 2024 09:20:42 GMT

GET
H3 200 container.html Show response
97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3098 6 KB
3 KB 36ms
35ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://steamerathletics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:21:13 GMT
expires: Thu, 15 Feb 2024 11:21:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9550 6 KB
3 KB 35ms
34ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://steamerathletics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:21:13 GMT
expires: Thu, 15 Feb 2024 11:21:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302031721000/ Frame 7EC0 222 KB
60 KB 119ms
87ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de886a084ff33bba971a067938a541d20340782ca5a77f0e8879f6571f42fb4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Feb 2023 10:28:35 GMT
age: 3159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61811
x-xss-protection: 0
server: sffe
etag: "c31ac511828178f4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Feb 2024 10:28:35 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 7EC0 15 KB
5 KB 160ms
150ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6f8d3f9f2e56fd5910129867513cc25550919e2cc50f8ecafd9d100fb2e44cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Feb 2023 10:28:34 GMT
age: 3160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5233
x-xss-protection: 0
server: sffe
etag: "031ab09f7d5e6c1f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Feb 2024 10:28:34 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 7EC0 94 KB
28 KB 161ms
152ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-analytics-0.1.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4275796e9f1cfa6219c319180a5adcbf3da9c0f753c719fe4c48d43addff507

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Feb 2023 10:28:35 GMT
age: 3159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28880
x-xss-protection: 0
server: sffe
etag: "1d865d9ba0a59851"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Feb 2024 10:28:35 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 7EC0 72 KB
16 KB 168ms
159ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-animation-0.1.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f3a3e39820c10b9cd68fe9060c18ab70365d00c043d7f912025a915c931eb59

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Feb 2023 18:09:25 GMT
age: 148309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16660
x-xss-protection: 0
server: sffe
etag: "cb1055a7b53990b0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Feb 2024 18:09:25 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 7EC0 5 KB
2 KB 171ms
163ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-fit-text-0.1.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33cf544ad9b2702ef8cc549ae1fbec26a2afb0ad835c0e3e863b367e18f338dc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Feb 2023 10:28:35 GMT
age: 3159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1916
x-xss-protection: 0
server: sffe
etag: "2b4961eb83980a40"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Feb 2024 10:28:35 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 7EC0 40 KB
13 KB 173ms
164ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-form-0.1.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bba1bb5847e0990d0d2983df61e98417272fc1aa014b09c4f8dda08e7b103ac

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Feb 2023 10:28:35 GMT
age: 3159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12955
x-xss-protection: 0
server: sffe
etag: "06b4b5a97f01e05a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Feb 2024 10:28:35 GMT

GET
DATA 200
OK truncated
/ Frame 7EC0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05a0784790c582d1b574f25a628bc1244a602b7918e58ae472fe1ec5cfa0dab9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 money.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 7EC0 3 KB
3 KB 114ms
105ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/money.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f1670c321171931043a0fdef97b00a0eb6b5ba628615aaec7d84aa333b760f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 11:27:41 GMT
x-content-type-options: nosniff
age: 431613
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2564
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Feb 2024 11:27:41 GMT

GET
H2 200 txt1.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 7EC0 2 KB
2 KB 103ms
94ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/txt1.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a9fb5d2ecbd02c966d468b816e56a9394148f2b1c903bcf0e45125e09980b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 07:18:55 GMT
x-content-type-options: nosniff
age: 14539
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Feb 2024 07:18:55 GMT

GET
H2 200 love.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 7EC0 9 KB
9 KB 110ms
101ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/love.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d37c85cab4214d6cc19fc91d1d80ec109a9880bbc237bcccad16dcaa2464a22e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:12:07 GMT
x-content-type-options: nosniff
age: 47347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8922
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Feb 2024 22:12:07 GMT

GET
H2 200 txt2.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 7EC0 2 KB
2 KB 105ms
96ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/txt2.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

414d61828881721cacd40ce6b08cdc985119924b34b169a9a63a6cfc2f7f5518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:13:33 GMT
x-content-type-options: nosniff
age: 461
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1659
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Feb 2024 11:13:33 GMT

GET
H2 200 txt3.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 7EC0 2 KB
2 KB 123ms
114ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/txt3.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ffa88206ff38916fbb5611267cfcba83abd94e5c98c43023f3d6aab11ee4cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 09:20:42 GMT
x-content-type-options: nosniff
age: 93632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2127
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Feb 2024 09:20:42 GMT

GET
H2 200 txt4.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 7EC0 2 KB
2 KB 124ms
116ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/txt4.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c28880b3d51fd9451943ce7340d8c2dcee3358198449a3d0941afd2b6cd4361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 03:41:04 GMT
x-content-type-options: nosniff
age: 546010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1755
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 03:41:04 GMT

GET
H2 200 preisButt.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 7EC0 4 KB
4 KB 116ms
107ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/preisButt.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e39f409c3804b6b98b13fdf962451f3d652173cc34ad42a9b42d74091667052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 21:17:05 GMT
x-content-type-options: nosniff
age: 482649
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3873
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 21:17:05 GMT

GET
H2 200 ll.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 7EC0 2 KB
2 KB 105ms
97ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ll.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

917d937ef0ce46defe4f446f18d05e53dafe3bc01768ab806201ddad28f12a25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:13:33 GMT
x-content-type-options: nosniff
age: 461
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1916
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Feb 2024 11:13:33 GMT

GET
H2 200 CTA.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 7EC0 936 B
997 B 108ms
100ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/CTA.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ccfa4dceb094c92eb28975b0f7c9b0716360ebaf1375cc592db28c7c7210c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:12:07 GMT
x-content-type-options: nosniff
age: 47347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 936
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Feb 2024 22:12:07 GMT

GET
H2 200 DBx.png
tpc.googlesyndication.com/sadbundle/11967873570030692400/images/ Frame 7EC0 1 KB
1 KB 108ms
99ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11967873570030692400/images/DBx.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ed9ea9df21c3ba44a5cd9671017be936881915a88ed9e62d1477ea800443bb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 09:20:42 GMT
x-content-type-options: nosniff
age: 93632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1108
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Feb 2024 09:20:42 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 531D 0
0 80ms
76ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssc5d_qI0a-eoGEH6hw1CuOw1U4xENh1skyrl2aBTgWw5lHICSvJ3_pifs5MZjqo51-s6VZ1pFqTe0cYPumSd-5aBMA5HO8LP_lNdiV4rIHJ41V-pLvM5rZw8u_eZhDFfy1jJxml4jCIHd732n1DsueKCSa9RTOvTliqn3CssbuaEESZa9DE3bgysRTVwmT8NRDGbBzaS5LWWWtSqStYEuNgdgh8CXIiPCNRFtm_iFdteYWXahJ2WpCeKqWozgd8P1cg7JAY94cyQc4rLK2JSHD7nEmfPgOJVpivxkqxP1SmTBOfuO9mw3Yp1sbhHZMjZj0UiXpwG6IBPgpuo7_g-Za&sai=AMfl-YRYIK0QxfjyXEgTFHn6s_xlO7EjwdWy07PJINpMbokz8PGtgUOM2x-g_oyq9Z34A7klN0JXwL3UINCDjZJRPwdGLEwIteKhnssITUMf_CJ3f9g8ooOwM-aItG3jHA&sig=Cg0ArKJSzO71h8dEeNZpEAE&uach_m=[UACH]&adurl=

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 531D 22 KB
9 KB 66ms
56ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8846
x-xss-protection: 0
server: cafe
etag: 8106178524699001248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 10:30:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 531D 3 KB
1 KB 119ms
110ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:30:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3070
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 10:30:04 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 531D 0
0 75ms
68ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSulyrD-HlmXv_z2MVEuWoi7W99ivVH1VhRl8IgbWk9jwMmPVmxGfZcscTNpEfpgYxGcYKptauX45sgooKE1ELdxnLW1Q
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 531D 156 KB
48 KB 98ms
89ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48832
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676324880006035"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 11:21:14 GMT

GET
H2 200 6122741249494702088
tpc.googlesyndication.com/simgad/ Frame 531D 49 KB
49 KB 161ms
152ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6122741249494702088

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb2bedac3ecde93ccf2d865e121a660a804db7d39205f0909e6c17d3874a0d55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50342
x-xss-protection: 0
last-modified: Wed, 13 Mar 2019 21:11:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Feb 2024 11:21:14 GMT

GET
H2 200 pixel
protected-by.clarium.io/ 68 B
243 B 179ms
45ms Image
image/png 34.250.52.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_bjhRNUw5U3NZZDRjc1ZlSFMxb1JBd1pPakhzLzI5NTI1NjY4NjU6NzI4eDkw&v=5&s=v31gpact93u&sb=-1&h=steamerathletics.com&cb=9497035&d=eyJ3aCI6ImJqaFJOVXc1VTNOWlpEUmpjMVpsU0ZNeGIxSkJkMXBQYWtoekx6STVOVEkxTmpZNE5qVTZOekk0ZURrdyIsIndkIjp7Im8iOjI5NTI1NjY4NjUsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9&id=eyJkZnAiOnsiYWQiOjgxOTM4OTExLCJjIjpudWxsLCJsIjowLCJvIjoyOTUyNTY2ODY1LCJBIjoiLzMxNzY3MzQzMS9CaWdUZWFtc19MZWFkZXJib2FyZF9BVEYiLCJ5IjowLCJjbyI6MCwicyI6ImRpdi1ncHQtYWQtMyJ9LCJ0cF9jcmlkIjpudWxsfQ%3D%3D
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.52.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-52-94.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 15 Feb 2023 11:21:14 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 464F 2 KB
3 KB 121ms
116ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:28:34 GMT
x-content-type-options: nosniff
server: cafe
age: 3160
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 16 Feb 2023 10:28:34 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 464F 295 B
415 B 98ms
93ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:28:34 GMT
x-content-type-options: nosniff
server: cafe
age: 3160
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 16 Feb 2023 10:28:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 464F 0
0 71ms
67ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlN_omtsLjmSpQbPsrQ5q11wUCf-_0iD8CWiYaB55n_CWACsUOEpZdpA9rCDBgZXW0hXD1J3zQcG8CX5vouOwLSHcq5w
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H/1.1 200
OK ai.aspx
at.bahn.de/ Frame 464F 43 B
1 KB 205ms
35ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://at.bahn.de/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=16055076424&cb=4002653325

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.71 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Wed, 15 Feb 2023 11:21:13 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://at.bahn.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mi, 15 Feb 2023 11:21:14 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://steamerathletics.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 464F 0
0 86ms
82ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CE4xmKcDsY4PlDLmNjuwPjZeYiAzi4_CDbqCg6ISgEdnZHhABIInV5IsBYJW6gIKYB6ABqPmSzAPIAQmpAvZl4AVLBLI-4AIAqAMByAMIqgT5AU_QHhsGlOM-DvyvcgDd57iYJgoU_KEMupR4NPhjVABeLa4A6ZLr2RnSNf_nmu_T7WDhL77NWJgmfnQ77lbumAlY3SDDoIbrL4qG5sEbmg7-MqCa1O6irBHX1w859Nbkfe-jtsr0qQJpbFVN_buhhoj235y3C8ZXOOOKBDZhEauzgVsL6isGlH_kN_9QSvpcOo4zBHUFutwyh_TdER3xtWGgmz44LTqr9OrOf8GgyBnpPtraE0GlE9rKVAXPeslwUTMl4-5LAcREZTek20FbRACZpk4cS2oMs9Rq5i4tRmAvTJrlxdxoZXMqMwa3ATB5iXdN4Cq6fdO9t8AEmqvC5NwD4AQBkgUECAQYAZIFBAgFGASgBi6AB8CG7TOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCxkxXSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi00MzE2NzYyNTEyMDMxNzQ4GN_SHg&sigh=0uZP1LNOKSI&uach_m=[UACH]&cid=CAQSOwDUE5ymJ40VoNmOU-Nj7THeJ0ynJh1EwwFwsemBvsIX9m2BC8lM4I2j5JsjG193fxazVTohzDpGIWxeGAE&template_id=419
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 pixel
protected-by.clarium.io/ 68 B
243 B 178ms
46ms Image
image/png 34.250.52.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_bjhRNUw5U3NZZDRjc1ZlSFMxb1JBd1pPakhzLzI5NTI1NjY4NjU6NzI4eDkw&v=5&s=v31gpact96m&sb=-1&h=steamerathletics.com&cb=1843561&d=eyJ3aCI6ImJqaFJOVXc1VTNOWlpEUmpjMVpsU0ZNeGIxSkJkMXBQYWtoekx6STVOVEkxTmpZNE5qVTZOekk0ZURrdyIsIndkIjp7Im8iOjI5NTI1NjY4NjUsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9&id=eyJkZnAiOnsiYWQiOjgxOTM4OTExLCJjIjpudWxsLCJsIjowLCJvIjoyOTUyNTY2ODY1LCJBIjoiLzMxNzY3MzQzMS9CaWdUZWFtc19MZWFkZXJib2FyZF9CVEYiLCJ5IjowLCJjbyI6MCwicyI6ImRpdi1ncHQtYWQtNSJ9LCJ0cF9jcmlkIjpudWxsfQ%3D%3D
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.52.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-52-94.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 15 Feb 2023 11:21:14 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7EC0 2 KB
3 KB 121ms
118ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:28:34 GMT
x-content-type-options: nosniff
server: cafe
age: 3160
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 16 Feb 2023 10:28:34 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7EC0 295 B
353 B 98ms
95ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:28:34 GMT
x-content-type-options: nosniff
server: cafe
age: 3160
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 16 Feb 2023 10:28:34 GMT

GET
H/1.1 200
OK ai.aspx
at.bahn.de/ Frame 7EC0 43 B
1 KB 105ms
29ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://at.bahn.de/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=16055076424&cb=1017347028

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.71 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Wed, 15 Feb 2023 11:21:14 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://at.bahn.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mi, 15 Feb 2023 11:21:14 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://steamerathletics.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7EC0 0
0 86ms
83ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaHw0KcDsY5TqDLmNjuwPjZeYiAzi4_CDbqCg6ISgEdnZHhABIInV5IsBYJW6gIKYB6ABqPmSzAPIAQmpAvZl4AVLBLI-4AIAqAMByAMIqgT5AU_QmvnjSmHRYIAwhLkKRXlAysiO9GYT-ZxjivyCKLZiPDBxiauRIeVtaG5jcyPnvjEcD8g4bf4ZgT5qvhLritM3nezlS0zXAt8tkkvZVGlZto2GtFFK4AqpwxpXP79gCjFPQ9Rp58BP-hkZ1aToL4bs3tjTA_n1qQj82-0u04gphfhTwSW8esYgPVruuUANmppG2mgEuxUMmkdu5-6MGeyr6fiHWeNcuLGkwmrRqnReeM0GA33YiMFvZMmIJ3qnpKnR8HnRpIVzhJipspdHRx-n6FIrLZwwd_UAM3uiJo6zkMIDRB6yvXRRuDyuOpJEnYgCB-hJAGYjacAEmqvC5NwD4AQBkgUECAQYAZIFBAgFGASgBi6AB8CG7TOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDkzwbSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi00MzE2NzYyNTEyMDMxNzQ4GN_SHg&sigh=OuzUEKy7_7I&uach_m=[UACH]&cid=CAQSOwDUE5ymJ40VoNmOU-Nj7THeJ0ynJh1EwwFwsemBvsIX9m2BC8lM4I2j5JsjG193fxazVTohzDpGIWxeGAE&template_id=419
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 pixel
protected-by.clarium.io/ Frame 531D 68 B
243 B 46ms
45ms Image
image/png 34.250.52.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_bjhRNUw5U3NZZDRjc1ZlSFMxb1JBd1pPakhzLzI1MDA4NzA3OTQ6NzE3eDE1Nw==&v=5&s=v31gpact989&id=eyJkZnAiOnsiYWQiOjQ3MDQ4MzUzNzcsImMiOjEzODI2NDMzMjg0NywibCI6NTQ0NjY1MzI5MywibyI6MjUwMDg3MDc5NCwiQSI6Ii8zMTc2NzM0MzEvQmlnVGVhbXNfQWR2ZXJ0b3JpYWxfMSIsInkiOjAsImNvIjowLCJzIjoiZGl2LWdwdC1hZC0xNTI1Mjc0MTIxNzkwLTAifSwidHBfY3JpZCI6bnVsbH0%3D&sb=undefined&cb=6643878&h=steamerathletics.com&d=eyJ3aCI6ImJqaFJOVXc1VTNOWlpEUmpjMVpsU0ZNeGIxSkJkMXBQYWtoekx6STFNREE0TnpBM09UUTZOekUzZURFMU53PT0iLCJ3ZCI6eyJvIjoyNTAwODcwNzk0LCJ3IjoiNzE3IiwiaCI6IjE1NyJ9LCJ3ciI6Mn0=
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.52.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-52-94.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 15 Feb 2023 11:21:14 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

204

9dd38895fe88e3af
pixel.sitescout.com/iap/
Redirect Chain

https://centro.pixel.ad/iap/9dd38895fe88e3af
https://pixel.sitescout.com/iap/9dd38895fe88e3af

0
191 B

144ms
29ms

Image
text/plain

98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/9dd38895fe88e3af
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 15 Feb 2023 11:21:14 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/9dd38895fe88e3af
content-length: 0

GET
H2 200 pixel
tracker.bespoketechnologies.net/display/ 68 B
185 B 196ms
196ms Image
image/png 52.165.229.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.bespoketechnologies.net/display/pixel?action=impression&site=57747e04accdf17684d5f7f9&ad=5d66bce596dfbc1bca6dc9d3&partner=58da9007161d113db86ebc99&shop=IL6125211664
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.165.229.182 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
cache-control: private
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-length: 68
content-type: image/png

GET
H2 200 BT_Generic_350x150_ShopNow.png
dynamic-cdn.azureedge.net/theme/Shared/images/mp/ 4 KB
4 KB 219ms
85ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dynamic-cdn.azureedge.net/theme/Shared/images/mp/BT_Generic_350x150_ShopNow.png
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CE9) /
Resource Hash: 39db02385bc7afbb4975ee9b2e7e4c3970d29e2cd888aac2703fcd279c55accf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Feb 2023 11:21:14 GMT
content-md5: sRcdbDJzGRCIHcjzYF1xhg==
age: 13246064
x-cache: HIT
content-length: 3687
x-ms-lease-status: unlocked
last-modified: Thu, 29 Aug 2019 14:55:57 GMT
server: ECAcc (frc/4CE9)
etag: 0x8D72C90FFCA412F
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: ea940d63-d01e-002a-7eb6-c8bea0000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 15 Feb 2024 11:21:14 GMT

GET
H2 200 pixel
tracker.bespoketechnologies.net/display/ 68 B
175 B 193ms
192ms Image
image/png 52.165.229.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.bespoketechnologies.net/display/pixel?action=impression&site=57747e04accdf17684d5f7f9&ad=5d66bcec96dfbc1bca6dc9d4&partner=58da9007161d113db86ebc99&shop=IL6125211664
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.165.229.182 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
cache-control: private
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-length: 68
content-type: image/png

GET
H2 200 BT_Generic_350x150-shadow2.png
dynamic-cdn.azureedge.net/theme/Shared/images/mp/ 22 KB
22 KB 163ms
29ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dynamic-cdn.azureedge.net/theme/Shared/images/mp/BT_Generic_350x150-shadow2.png
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CE3) /
Resource Hash: 7b0485b0c7f9acedd0ee54f27d8a9fba84dd05528fb31d7cbd22ee67fc319482

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Feb 2023 11:21:14 GMT
content-md5: p5g5sHXQNp46AiE9VWaR+w==
age: 13245831
x-cache: HIT
content-length: 22393
x-ms-lease-status: unlocked
last-modified: Thu, 29 Aug 2019 15:30:37 GMT
server: ECAcc (frc/4CE3)
etag: 0x8D72C95D7C31B31
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: e2633a4b-f01e-0079-5ab7-c8a2af000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 15 Feb 2024 11:21:14 GMT

GET
H2 200 DynamicImageHandler.ashx
cdn.getcustom.net/ 62 KB
63 KB 1112ms
675ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.getcustom.net/DynamicImageHandler.ashx?pid=1049&did=76221&cid=9970&ndz=1&tt=Fulton&bt=Steamers&yt=2023&cp1=000000&cp2=EEEEEE&width=300&height=300
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 066554332e6f4925bcdfdf2025fa6750cea08b40db9bfd90ffc89c2fc260520e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:15 GMT
last-modified: Wed, 15 Feb 2023 11:21:15 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept,Accept-Encoding
content-type: image/png
access-control-allow-origin: *
arr-disable-session-affinity: true
access-control-allow-credentials: true
cache-control: public, max-age=2592000
expires: Fri, 17 Mar 2023 11:21:15 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 22BB 624 B
307 B 75ms
73ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjg_KnbATAB&v=APEucNUvKx3JCK_MRp-vjgZnUqSqP6IN5rmH9j19HxkJRZ2hcPqxdjq_Ts2FtY_af4yvrJcKTz-yc80d0Yjhr1ZLQsT_8Ds1UX_ITAMH5Ai35DlCjKpOKdSIVAPXa7dzB0D4PB9OJgNeS_cGA0JIVlbSMbVTk_PaVRYZEtptK7DpI9r7QpSq-5s

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:21:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6659 78 KB
27 KB 176ms
78ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19eb765b0d061355ef5bacfe138b01082b753a726388ecc614977aeb6f6b8f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27800
x-xss-protection: 0
server: cafe
etag: 13454357883945390929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 11:21:14 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6659 42 B
401 B 167ms
71ms Image
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BRUooBsr275C-de49pk2sKYGHOnBQhlYiSM8mK8MohAgzhc0ujn1hW__ffNdkrw85Hzi0UyYhf144q1Ox0-GAqrT9Lv1S81hG9RrLf0TpPUWFHvqo

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6659 0
58 B 167ms
72ms Image
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9643033328672388750&x=1&ct=119

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 6659
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_s_alw-on
https://d.adtriba.com/px.gif

42 B
227 B

31ms
31ms

Image
image/gif

3.65.4.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 3.65.4.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-4-114.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:21:14 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Wed, 15 Feb 2023 11:21:14 GMT
Last-Modified: Wed, 15 Feb 2023 11:21:14 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 6659 3 KB
1 KB 47ms
41ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:30:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3070
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 10:30:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 6659 20 KB
8 KB 42ms
37ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:30:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3071
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 7067238764211672077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 10:30:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6659 0
0 62ms
57ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyB0d6g9jb8echlLzp1LuiyREz-I3cviSzbOeBELDbXkv24vPAfDS1gUomdzg2SXs8Dn5Dfbr71aEKI8dKi7u4GP477w
Requested by: Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6659 156 KB
48 KB 77ms
73ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48832
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676324880006035"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 11:21:14 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 6659 68 B
244 B 92ms
45ms Image
image/png 34.250.52.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_bjhRNUw5U3NZZDRjc1ZlSFMxb1JBd1pPakhzLzIyNTYxMzA0NDk6NzI4eDkw&v=5&s=v31gpact9am&id=eyJkZnAiOnsiYWQiOjgxOTM4OTExLCJjIjpudWxsLCJsIjowLCJvIjoyMjU2MTMwNDQ5LCJBIjoiLzMxNzY3MzQzMS9CaWdUZWFtc19MZWFkZXJib2FyZF9TbGlkZXNob3ciLCJ5IjowLCJjbyI6MCwicyI6ImRpdi1ncHQtYWQtNCJ9LCJ0cF9jcmlkIjpudWxsfQ%3D%3D&sb=undefined&cb=9112799&h=steamerathletics.com&d=eyJ3aCI6ImJqaFJOVXc1VTNOWlpEUmpjMVpsU0ZNeGIxSkJkMXBQYWtoekx6SXlOVFl4TXpBME5EazZOekk0ZURrdyIsIndkIjp7Im8iOjIyNTYxMzA0NDksInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.52.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-52-94.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 15 Feb 2023 11:21:14 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 official-icon.png
dynamic-cdn.azureedge.net/theme/Shared/images/mp/ 5 KB
6 KB 63ms
22ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dynamic-cdn.azureedge.net/theme/Shared/images/mp/official-icon.png
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CCF) /
Resource Hash: aa8067c1709ab463f25f0b588cb5892b59dc8107acd4b2f9bb9551b0bf493571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Feb 2023 11:21:14 GMT
content-md5: /SM2yD3mXg2mreY5TZb/5w==
age: 13241642
x-cache: HIT
content-length: 5490
x-ms-lease-status: unlocked
last-modified: Thu, 10 Aug 2017 15:08:03 GMT
server: ECAcc (frc/4CCF)
etag: 0x8D4E00198DF449F
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 3dd02e48-101e-003c-2ec1-c87f3e000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 15 Feb 2024 11:21:14 GMT

GET
H2 200 visit-store-button.png
dynamic-cdn.azureedge.net/theme/Shared/images/mp/ 2 KB
2 KB 63ms
22ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dynamic-cdn.azureedge.net/theme/Shared/images/mp/visit-store-button.png
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CE1) /
Resource Hash: 4e167383fcff15e8bc7ba9c2ae696a7a88f6717b9bfb1716092090e83d8afe7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Feb 2023 11:21:14 GMT
content-md5: 0CIcNDXgfQXJ2zjmuULcTA==
age: 13239701
x-cache: HIT
content-length: 2063
x-ms-lease-status: unlocked
last-modified: Thu, 10 Aug 2017 15:08:03 GMT
server: ECAcc (frc/4CE1)
etag: 0x8D4E00198F19775
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: eebaaecd-801e-007d-5bc5-c8572d000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 15 Feb 2024 11:21:14 GMT

GET
H2 200 sale-badge-64.png
dynamic-cdn.azureedge.net/theme/Shared/images/ 7 KB
7 KB 61ms
25ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dynamic-cdn.azureedge.net/theme/Shared/images/sale-badge-64.png
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D0B) /
Resource Hash: 7e7c3c31b5bffec747f28793d021950ef2ba45c431a038f2e1d5e6bbadae70c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Feb 2023 11:21:14 GMT
content-md5: 9pdl7++/C6UJN+CAoc4Oaw==
age: 13239701
x-cache: HIT
content-length: 7506
x-ms-lease-status: unlocked
last-modified: Fri, 03 Aug 2018 16:44:32 GMT
server: ECAcc (frc/4D0B)
etag: 0x8D5F960638234CE
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 193ca499-c01e-0017-4cc5-c80b86000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 15 Feb 2024 11:21:14 GMT

GET
H2 200 DynamicImageHandler.ashx
cdn.getcustom.net/ 79 KB
79 KB 930ms
602ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.getcustom.net/DynamicImageHandler.ashx?pid=1304&did=76146&cid=13611&ndz=1&tt=Fulton&bt=Steamers&yt=2023&cp1=000000&cp2=DE001C&width=300&height=300
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c0eab715a62fe239cce40aec049d3322a4cd125bd7f1521e9e2526b8cc663d67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:15 GMT
last-modified: Wed, 15 Feb 2023 11:21:15 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept,Accept-Encoding
content-type: image/png
access-control-allow-origin: *
arr-disable-session-affinity: true
access-control-allow-credentials: true
cache-control: public, max-age=2592000
expires: Fri, 17 Mar 2023 11:21:15 GMT

GET
H2 200 circle-arrow.png
dynamic-cdn.azureedge.net/theme/Shared/images/mp/ 1 KB
2 KB 44ms
27ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dynamic-cdn.azureedge.net/theme/Shared/images/mp/circle-arrow.png
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CAB) /
Resource Hash: d1b6f2722aafea930d157f4a8325aa38e860ad2a765616ad19544d1f69703d34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Feb 2023 11:21:14 GMT
content-md5: qRg/odX/kGEVn5WtzF8ivw==
age: 13239701
x-cache: HIT
content-length: 1440
x-ms-lease-status: unlocked
last-modified: Thu, 10 Aug 2017 15:08:02 GMT
server: ECAcc (frc/4CAB)
etag: 0x8D4E00198C83619
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 4605bf62-501e-0030-2ec5-c891cf000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 15 Feb 2024 11:21:14 GMT

GET
H2 200 pixel
tracker.bespoketechnologies.net/display/ 68 B
174 B 169ms
160ms Image
image/png 52.165.229.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.bespoketechnologies.net/display/pixel?action=impression&site=57747e04accdf17684d5f7f9&ad=58efae7c1486ff3ba470f133&partner=58da9007161d113db86ebc99&shop=IL6125211664
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.165.229.182 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
cache-control: private
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-length: 68
content-type: image/png

GET
H2 200 DynamicImageHandler.ashx
cdn.getcustom.net/ 67 KB
68 KB 879ms
581ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.getcustom.net/DynamicImageHandler.ashx?pid=1304&did=20413&cid=13616&ndz=1&tt=Fulton&bt=Steamers&yt=2023&cp1=000000&cp2=EEEEEE&width=300&height=300
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a80891a9d17794528ea2a9e3a910ce850ce4c2a5f07aaf80b5ea181fa25e0a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:15 GMT
last-modified: Wed, 15 Feb 2023 11:21:15 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept,Accept-Encoding
content-type: image/png
access-control-allow-origin: *
arr-disable-session-affinity: true
access-control-allow-credentials: true
cache-control: public, max-age=2592000
expires: Fri, 17 Mar 2023 11:21:15 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/ Frame 6722 81 KB
19 KB 46ms
43ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/index.html

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

052a46b6745e0aad7a18525f05338d4dfe93bb42f10da96ea8ebd3af4f075c7f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 110359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19528
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 04:41:55 GMT
expires: Wed, 14 Feb 2024 04:41:55 GMT
last-modified: Fri, 21 Oct 2022 15:58:10 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3098 0
0 80ms
79ms Fetch
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUQ_wKcDsY43oDLmNjuwPjZeYiAyBmI6Vbcmi-pD2ENnZHhABIInV5IsBYJW6gIKYB6ABtfKq_QPIAQngAgCoAwHIAwKqBPYBT9Bm1H38lHx1slaOG_AMjcu0lUsS_i2V5OPRf5CDkKJt1P_jaeMGDWFAgdhj14hREC7r5W_PGg8Up3uhR5y6E-egKBdKUZqyMpYDkG2nuCwXfKUVKAVnsT-45Immc77sCVTBPoDPVuqmvzf4YJbxc1Kv8-zu1kGfmLkfP_a9qibnYiFigdNEgBbOPRXRFjkG4VJspS_6d_kX7IrZuBic87gxjkvYY1xrk-2i7e-ptwFRowM72o005GluwFkayDds-ZEKHHQpds1FZdL7_E3zm96ydekqXLsNtap2f-hn5qwTpkcC2xvQH_Tqv_eiBsBmJjeGri8xwAT6tJ3ongTgBAGSBQQIBBgBkgUECAUYBKAGXYAHs43VAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMrwJ9IIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMNiBQB0BUBgBcBshceChwIABIUcHViLTQzMTY3NjI1MTIwMzE3NDgY39Ie&sigh=GkKp60AClS8&uach_m=[UACH]&cid=CAQSOwDUE5ymJ40VoNmOU-Nj7THeJ0ynJh1EwwFwsemBvsIX9m2BC8lM4I2j5JsjG193fxazVTohzDpGIWxeGAE
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A405 143 B
166 B 44ms
42ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:11:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 3098 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:30:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3070
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 10:30:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 3098 20 KB
8 KB 42ms
42ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 7067238764211672077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:06:30 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 3098 68 B
243 B 48ms
48ms Image
image/png 34.250.52.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_bjhRNUw5U3NZZDRjc1ZlSFMxb1JBd1pPakhzLzI5NTI1NjY4NjU6MzAweDYwMA==&v=5&s=v31gpact9ec&id=eyJkZnAiOnsiYWQiOjgxOTM4OTExLCJjIjpudWxsLCJsIjowLCJvIjoyOTUyNTY2ODY1LCJBIjoiLzMxNzY3MzQzMS9CaWdUZWFtc18zMDB4NjAwX1JSIiwieSI6MCwiY28iOjAsInMiOiJkaXYtZ3B0LWFkLTIifSwidHBfY3JpZCI6bnVsbH0%3D&sb=undefined&cb=9065646&h=steamerathletics.com&d=eyJ3aCI6ImJqaFJOVXc1VTNOWlpEUmpjMVpsU0ZNeGIxSkJkMXBQYWtoekx6STVOVEkxTmpZNE5qVTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyOTUyNTY2ODY1LCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by: Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.52.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-52-94.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 15 Feb 2023 11:21:14 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9550 0
0 90ms
88ms Fetch
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CGhR1KcDsY4zpDLmNjuwPjZeYiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi02NTQ1MzM2OTkyMDIxODM5yAEJqQL2ZeAFSwSyPuACAKgDAaoE8QFP0HwlBcGRIAeJFYLlChZI0slGwpIx7nX53HMEK2wGEo384Aqv6R_7uy4mO0t2IUzkFz4Ns7mYQKfefIp5m5qLQYK5hCB3NuNmLXOjPLdRHlxbaH9E8X-zdahxQikwuFqa7vDYAQCkTMj3FnGGvN_EyFWsvYyvW3qiqy9LrN0R03an5_OI4hvVdEDkMNxT-hb3r3geECbPrrG9w_Ku_84MVm3Lvob8ZOLulUtxHHwOwz3cF6VJYp9IAQKljNYPJQjp9IOVWzFLc227XEwi9CppQCkTORUIHb8hoHaPR_1HbV6jgF5EMq_cCbqpifOrROxG4AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi02NTQ1MzM2OTkyMDIxODM5GN_SHg&sigh=KA6SnHbfJmU&uach_m=[UACH]&cid=CAQSOwDUE5ymJ40VoNmOU-Nj7THeJ0ynJh1EwwFwsemBvsIX9m2BC8lM4I2j5JsjG193fxazVTohzDpGIWxeGAE
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 9550 0
0 125ms
33ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g3gyt2pbhvmcstjq9p3h87649hq4j557vh3d9edhxpreqwg9q4x6mc8vxjyb040pe2s87vgns7cb11rdkdwcbdtbjapnyvr725t1awec37xkze3y7n7jk8q86vvdw3942rrhhzyptx626gb9m001wpyjp8eyfmq5hsvhb97qt3q235wr9rw0nh5rjhtzfzft2mrkw0mcc1xtskkf0dfyxea1pexs2zxfr1sd3ezsha7q35m47bfa3yz237fpw9edscn8s1wp52nstv37egr0skraw8ps8wwy4p61mt91ejdr2ykenxwhh0thqxzw4r1fxby49mb3bed9t00jkr96v9b8vqnnyyc21wm8xw1pbc5cyrexwxg2qz59xhh8y6sv7c2am3n6tjqgcr&b=Y-zAKQADNIwHg4a5AAYLjUg8IP9xmf8nFfVTyw
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Feb 2023 11:21:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame C447 2 KB
3 KB 134ms
43ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jdqp0p0t284hgxgy21eh8yq978eadt76bk28zktfmdssej4s3fxqhge452bzqybaajf8c2ytmcyt9trc8z6e4vrgf1dmj7v8cy0668a35phqgf3zsh7ag8nbwbkhq3pwps37d09ww1g7dft47n4t3926j8ds98rbsve7cs8hf7w0ktr58mm25xcembvzdm31vdvb7s750217x9yzmfyhzsdjy4gd4b99s6075nkw6jbk6t3gmqh5c92s9t2w5k9cey8ttnqr58f3v22tcdb921tpym6x6xvsvj706nfkv75z9r70r2a4nxbdct1ad1dtdk3jb9e1801vnatfgy0def6cj3f6fsd4h74q25hrxbw6vzyzqanrthec70qcj7ty2tx6kn5254f6w892awcp92v72gxe6a7eavbcr1kb78k1x8387egy3bgkrn6g1nzrt0tr1vb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_NBYKcDsY4zpDLmNjuwPjZeYiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi02NTQ1MzM2OTkyMDIxODM5yAEJqQL2ZeAFSwSyPuACAKgDAaoE9AFP0HwlBcGRIAeJFYLlChZI0slGwpIx7nX53HMEK2wGEo384Aqv6R_7uy4mO0t2IUzkFz4Ns7mYQKfefIp5m5qLQYK5hCB3NuNmLXOjPLdRHlxbaH9E8X-zdahxQikwuFqa7vDYAQCkTMj3FnGGvN_EyFWsvYyvW3qiqy9LrN0R03an5_OI4hvVdEDkMNxT-hb3r3geECbPrrG9w_Ku_84MVm3Lvob8ZOLulUtxHHwOwz3cF6VJYp9IAQKljNYPJQjp9IOVWzFLc227XA4g1bi-ua5T8ZJAi2VoMoS2U_fqZ3C7Xd6Gez0knaSFkSZ326yOd8P84AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1kt_Hm0WxpSgVL8_ERBvrYl8eUsg%26client%3Dca-pub-6545336992021839%26adurl%3D

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9346a36c65266f86fb5aa99f2f734080ec673fea6a548010f842d9c6c89c3b15

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 799da8aa3f5890da-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:21:14 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 9550 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:30:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3070
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 10:30:04 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B42E 1 KB
757 B 49ms
34ms Document
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 885
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:06:29 GMT
etag: 48472445140208031
expires: Thu, 16 Feb 2023 11:06:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 9550 20 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 7067238764211672077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:06:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9550 0
0 80ms
70ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwGHB251rSHNSTFe-PumVnIdTiQdq3Pc-_EvpyRbuBwRNk2gU0Z20_ZK81awZEM22wbLRMEKQGzJeXHsAzdvPRwJN-ng
Requested by: Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9550 24 KB
6 KB 46ms
35ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 06:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 15 Feb 2024 06:22:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9550 156 KB
48 KB 145ms
135ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48832
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676324880006035"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 11:21:14 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 9550 68 B
243 B 63ms
52ms Image
image/png 34.250.52.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_bjhRNUw5U3NZZDRjc1ZlSFMxb1JBd1pPakhzLzIyNTYxMzA0NDk6MzIweDUw&v=5&s=v31gpact9fp&id=eyJkZnAiOnsiYWQiOjgxOTM4OTExLCJjIjpudWxsLCJsIjowLCJvIjoyMjU2MTMwNDQ5LCJBIjoiLzMxNzY3MzQzMS9CaWdUZWFtc18zMjB4NTBfQWRoZXNpb24iLCJ5IjowLCJjbyI6MCwicyI6ImRpdi1ncHQtYWQtOCJ9LCJ0cF9jcmlkIjpudWxsfQ%3D%3D&sb=undefined&cb=190447&h=steamerathletics.com&d=eyJ3aCI6ImJqaFJOVXc1VTNOWlpEUmpjMVpsU0ZNeGIxSkJkMXBQYWtoekx6SXlOVFl4TXpBME5EazZNekl3ZURVdyIsIndkIjp7Im8iOjIyNTYxMzA0NDksInciOiIzMjAiLCJoIjoiNTAifSwid3IiOjJ9
Requested by: Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.52.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-52-94.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 15 Feb 2023 11:21:14 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 22BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIweuxN7MgPNfpsXmDEqxWE&google_cver=1

43 B
766 B

31ms
31ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIweuxN7MgPNfpsXmDEqxWE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjg_KnbATAB&v=APEucNUvKx3JCK_MRp-vjgZnUqSqP6IN5rmH9j19HxkJRZ2hcPqxdjq_Ts2FtY_af4yvrJcKTz-yc80d0Yjhr1ZLQsT_8Ds1UX_ITAMH5Ai35DlCjKpOKdSIVAPXa7dzB0D4PB9OJgNeS_cGA0JIVlbSMbVTk_PaVRYZEtptK7DpI9r7QpSq-5s
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Feb 2023 11:21:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIweuxN7MgPNfpsXmDEqxWE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 22BB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.zAKqBkVisZOCJ9P6HkqAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIweuxN7MgPNfpsXmDEqxWE&google_cver=1&google_hm=2

43 B
766 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIweuxN7MgPNfpsXmDEqxWE&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjg_KnbATAB&v=APEucNUvKx3JCK_MRp-vjgZnUqSqP6IN5rmH9j19HxkJRZ2hcPqxdjq_Ts2FtY_af4yvrJcKTz-yc80d0Yjhr1ZLQsT_8Ds1UX_ITAMH5Ai35DlCjKpOKdSIVAPXa7dzB0D4PB9OJgNeS_cGA0JIVlbSMbVTk_PaVRYZEtptK7DpI9r7QpSq-5s
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Feb 2023 11:21:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIweuxN7MgPNfpsXmDEqxWE&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 22BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENFUHamMDw2_cnf41TCYm_c&google_cver=1

43 B
1 KB

39ms
35ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENFUHamMDw2_cnf41TCYm_c&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjg_KnbATAB&v=APEucNUvKx3JCK_MRp-vjgZnUqSqP6IN5rmH9j19HxkJRZ2hcPqxdjq_Ts2FtY_af4yvrJcKTz-yc80d0Yjhr1ZLQsT_8Ds1UX_ITAMH5Ai35DlCjKpOKdSIVAPXa7dzB0D4PB9OJgNeS_cGA0JIVlbSMbVTk_PaVRYZEtptK7DpI9r7QpSq-5s

Protocol

HTTP/1.1

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Feb 2023 11:21:14 GMT
AN-X-Request-Uuid: 9bb05c89-5aa4-4ea6-8ae8-60e8088944eb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.28; 217.114.218.28; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENFUHamMDw2_cnf41TCYm_c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22BB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyODU0MjQxMTI2MTg1NjUw

170 B
188 B

61ms
60ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyODU0MjQxMTI2MTg1NjUw

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 15 Feb 2023 11:21:14 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.28; 217.114.218.28; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e640e941-86cc-412a-8ccc-1d2c3d095f70
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyODU0MjQxMTI2MTg1NjUw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 531D 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aedfb1901d5367408c3a2f996641c4c713aa66c8ccf5bf643507149a8297882e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6722 16 KB
6 KB 39ms
35ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:16:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 16 Feb 2023 08:16:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6722 34 KB
13 KB 39ms
36ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 20:57:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 15 Feb 2023 20:57:11 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 531D 0
0 79ms
79ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurlpVP1a_PXk1Mz1fGOL-84hQJTW8sIk82TGVzg4uIz3rUFgZJ6Fl-Mnv3RZEK40APvpvIjRNNHugvTL09Xja1vOqblSNXIL3efjWEDQEUWa5uBnPewLIfGtXBI28RS0_oUo6A-Q85kSco2KKk00YdNK58rL-HD4BV2G5vBO1-wXrr5HqWIv_NX06agmWjdAe50skDEoz9Vl1pGwYu0odZdDiTtxhZG86KUvEEOolEnuEQ-OQCYOBu0jXLPyuDWruXlj8BAqlLQpqdqYiYsYDImdhVgy9_Ct7P2RQVOhxYmgqDCypJHiXjVukL-j-EjyWLhfO904JP4LOuxOcieXcdMYc&sai=AMfl-YQsTVxp5naIm2tmXSi2wGk4zbc0IyMIDc1hcsS9LTE-rlDAtC9tp_Mm6USEyeP601HwMqBwMrj0YFSoc-zdmv45-2uLH0rDjiwg65bx4ZnUmwVK5ADcBVz57di_Eg&sig=Cg0ArKJSzBA2tosc9VqCEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Feb 2023 11:21:14 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6659 0
20 B 67ms
66ms Ping
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=561767890440&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6659 0
20 B 67ms
66ms Ping
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=561767890440&version=m202301230201&ct=119&x=1&cor=9643033328672390000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6659 80 KB
34 KB 94ms
94ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BbrMTUQmGsy26O8Xi7R1C3_T4Ej9cp3Dx6AWl8GFRUcD0CI9ewj6xQLmToMxVoEn77hQIMVSFduLfp8HjynWx6ZaBz5oDnz8vvBd-Kh_pAWahvvjwksh0JEz3Wk414TuTHYQK3z0JOQFVi_8ChNJ0A8psZ6lN3RQMW4evAIcNifnkDXDPxP-vEutf_B0alTW31HOlz&cry=1&dbm_d=AKAmf-C6n-boPE8MOLAvuefLMi57sw0e6CjgUK9XAdmYCLj438InP-RNv2c9Oi_2aBjrPXBQ6PRAEhNsKTHqv7bVe6YvCA4q1sVyanZkWxmy0fYsFTMKnI073AHTJwqBUQCx6mgRXWcHmJuvpaFcEPxWYnzbebf8iO34cJO5JXfxVVlVYHnCin5ekxOj7Bk5svZTEMzTfG7rkJOsRfvJFCTWD-fWFfFjt63nROQBT6y5IYdaRAC4CNHQgHdQO0vWtxylLd6N9dOjQUVZCTEsiNR5dDgxuyNXsM53xHm8MICyL-0Lx0VRpRvUQHQ9te7S6WDZu5_v0NOcBctNu2o2kpvqI8XA77aP9YJoRy9aNe0gULwdlvgm1uVqUypjdM08amMkZRLdKj8Pdwg_e0XNwIs4Q2Vi8ExtelV7qi9yhEa_sOXPCOqV3j6kgL5mSuxf6V8z2zFJ5TkD_Y1A27Mype5dF9mYyUCVpuI_ta6jd2t1P9Mm8SIJtwvBt6d6DJHByR8GlfS5qRXukFYuUeCBayFoozX6xe8V7qpscIaukXTJRIWmjUMDVcGD8zBYxOhwurPqnnbHDd5wiftFAdpP4yfPVi5fuT4cGrYlEuu08VFaydSiBCzKiRHSY6ud99jbFuaFdDd0TIjcDKCt5vnz1t4W3cuVILtyUZQP2uiFFB5AHyf2tqpMN7h60Z7GwpeaXfB8TqTvvukpZ8PvckOeN9XPCO0p-zReeh3uFIPyyIZhVvKCKg3uoZrjbVV8LCkNXyje1z22UYhbIntFLoKnIZWfOaxrRNmlG96GBfDrrM7clo9EoZCOOs8Sta-rfXIH7xGHR3LDxpwtDyx00x22mr_QDmvgPLz5XzkDuuJLd35yYuzTOCRyraS9qtyXaRbrD7y0BfVYM_0hI9V8TjeLXYoet3AeM_BJktokaGPuiQyOZ5DGH4lYNhZ1k566vdYovViZCWaPEeaMcY8YsQxhlAKYD26qaL84xXLOefRiHpd7tuk1ZxUb3Ex-CVb-EJItK-jgslyA0N8CroKC9LCb3aDEe6z6pKK2ZmcrzYz1yDXnW--FxFWgcZlxUJAja2I7cK6zOP9YhKORIvkw9SVVyibU5EECvChxdYnZcoz8ddZKrpCpXSAaUVS6Q38M4vpku17nmF-w6fpjedfPlI4ppoZVIQCqso3VJK3rCOpPwAB2O3ntOlHKAzunRdaLITlkKCDb-jbQ42a65JRCmrCiduucZbMo7y5dVw7tkRcfk9g9uJ5bXyNzGmJXb-BWP6aIRUXGrABdozSWxk8qKN8KAToHItaLuMhhpkOOIAjm-1amz760OCnf1jvN1mFMkZzX6CiG3OT3LKo1z447NNzpdW3z49kRuEr5QQTGQUr_Ak6V4diqGEHQJeqhjvpV88cj_vYaMEa2L7AkM5pEP2vqNNgO-pg8E6CPA1S6_z33VSo3ki12A_t0DK0T7GlQnSzgLRt8pFd9cJ8TqwBBNR7vcq7mejE9VXrJNZDYNhcuVwELjEVNZsqnMa0I2Bo1F639b4C-iSSZmXRt4drGasV1XFj-FBXjaS5Wy8BYwXh7i7rvA3s1MTHxCPYVlhqq7X2wJHKqaqpBBXb-6ke2f9sIvP1IeuQTZqxfrfH5j4LeV4AB3aOuIvaIMC6fPzHRiuIlsYXYx65tfiTYXLuKZS3WncucUezdOl1JSS2omPYAdLC811iQzV2GwUhiNPpt-COKqnxmk1OMCGVPdYfxBA2hTEzKNRQqM3wfkYg7uQaKs6YWSOrJ2lbrMKh04bR5OwSxnQ5KjVLUnKDm_VB0icHf5nV2h-RxrfD96N7Ze3dFmxDYqIMo27djrha9PddoPdwIbtZVksdJFqunv8jmZqa2ffVe06GluSdvkwyFrspRK5f-3Y1ekziGA0EamoHT6Nb6H7kAsZvTJW0e5WhdJqaSqtM4ccLPMQgQ3HKxqpaGhFjKsj8sXcq9t1NUTrJQ5T5Wx-LQ6OgmFdTkdYrpEa422eh_Rk78b_Nr_EEGcqxkfGLMwHyWqu_aV2Tz0o0QFvHcn-td7--5ZwDO_KE8D5Kwd7nxr0TYEhOGQQwvRE3h0RFrGBLkLKahBLpY20W5wTFaJZBNJenGjr3OOCb9RPZCUIIQnqmFwYyBev2duiddONYfDi4iydM4L5jodFfbwT_NW_KS5yr0pyWdfFKaJd_8v3OMZnxNySLxrK5mD8Ej1vkkWaImQ1wTAJ_IpouVx_ONdcAIF4g0cXphgUe40SlrKdf4SJf8Ye1CzoolhyvjGftEVxJkHl70689PWEB8zdLWhyZ7nSsDgBTYCkDp0kKPQUXlFA8LM6UBWXe2r8DSEhgXp-js_Rxd6DmxrSNUVfSM4dDLML6aPWnHDy0NQQ2FmMMwaIVUdHS3dz0ZDgtHWo2a4sgqCMlXQzj41Zs594SQ9xSILfF-rtfVuVJzotzjDvZtJArtXJs6NECsVq-aMCXHAVLrMpA-ECfT8lAjQpr1gnP3WH5Rlb4XbuAQNyk7b0D5qOBjwS12o-EPV8cdqCdQZc6N5BjXcMrd7fvtAJ5y-6hWTY6dgXdejbXX6Sk204_JbdPcj1z2bMrJzjBcYZF5BXy3uTsGfJTuc0DXAPDGPxyymIdlj7o3o8RoJxBKhf3yajLhYtoZZiJJnPqfmZB4IUQt8Jzdz0egxDRw0jIVqTYxd5dQ-jx2n01_6lXCuOuwielZvWtg-tposR2aStoFVwIiF4g4qaD5WSGtew6f5BEoHGNEkl-qf_x5JJr76rWh24QiZH9u0vDup2wfbP41dBPQdrCfzrEl3mUwsz1D9jupmzjQs3ANfk_XjgG2g9e7KR3A3YINV8M4lWaXERTVSuTS56GW2dpCFSumCAN-MzlllSsRLlB_19cEY1DF4LyKTnGbHRDVWTTz0EGIu7mXxptxx7dT7hoXSItCJkHcgoPFETgsoo-Y77q0VHScjds6MSMo0yC-3GlfQpvvAaeBuLF27vM_QR6PxpmRwUDXHjsOr_W4fgSCde8qWvHaju7CPrLrfkgLjYCri0LxFOV5Xk1jZSghW8XoKZCWqk9imBB3wSuMQYsek4WibcTJDMgTK2Xurrgnv46WYEd69NcCA-IfRESVLWkXh1fBzupSy9aEmI06xQAwZC-2DjUvtQNOw4AEi79XzV2NwCsNoi4quMOyeYWK-ElAvICHOcFTbHbaGKEdnwyVPkYFEDhuF2tKblQoirMsbz0-mmIuYW55ukh9phKqMEuA9c3_OdvEK16FuD2b03h6iY9evFOPKg8e7zty6dXgzsGTZPcWWhTnQYWCUNbAoZd_zDGlmW_KznRuV0yBwFrGKfawjlYgKzbBcn74dccEtLNvrzgl-KAwD_BqL8bxEZkbfMH5xMwR5GZ4_WYaXKjPlenM6VyOf35QAaZLhAsJbsrtw9JHIc6nTlIs0y3_H1M9bt09iSgiaWjAVfH5q6Mo3uQGJhXeGE07nMuvLm850Q&cid=CAQSOwDUE5ymJ40VoNmOU-Nj7THeJ0ynJh1EwwFwsemBvsIX9m2BC8lM4I2j5JsjG193fxazVTohzDpGIWxeGAE&dc_eid=31072034&dv3_ver=m202301230201&rfl=https%3A%2F%2Fsteamerathletics.com%2F&ds=l&xdt=1&iif=1&cor=9643033328672390000&adk=3047537735&idt=207&cac=0&dtd=7

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07d2de78fa3086a3a74b2de1caa54b67ac469dbaff72ca0128a8b0a8c38cfd80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34664
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.34/one-ad/ Frame C447 94 KB
12 KB 34ms
33ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.34/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jdqp0p0t284hgxgy21eh8yq978eadt76bk28zktfmdssej4s3fxqhge452bzqybaajf8c2ytmcyt9trc8z6e4vrgf1dmj7v8cy0668a35phqgf3zsh7ag8nbwbkhq3pwps37d09ww1g7dft47n4t3926j8ds98rbsve7cs8hf7w0ktr58mm25xcembvzdm31vdvb7s750217x9yzmfyhzsdjy4gd4b99s6075nkw6jbk6t3gmqh5c92s9t2w5k9cey8ttnqr58f3v22tcdb921tpym6x6xvsvj706nfkv75z9r70r2a4nxbdct1ad1dtdk3jb9e1801vnatfgy0def6cj3f6fsd4h74q25hrxbw6vzyzqanrthec70qcj7ty2tx6kn5254f6w892awcp92v72gxe6a7eavbcr1kb78k1x8387egy3bgkrn6g1nzrt0tr1vb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_NBYKcDsY4zpDLmNjuwPjZeYiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi02NTQ1MzM2OTkyMDIxODM5yAEJqQL2ZeAFSwSyPuACAKgDAaoE9AFP0HwlBcGRIAeJFYLlChZI0slGwpIx7nX53HMEK2wGEo384Aqv6R_7uy4mO0t2IUzkFz4Ns7mYQKfefIp5m5qLQYK5hCB3NuNmLXOjPLdRHlxbaH9E8X-zdahxQikwuFqa7vDYAQCkTMj3FnGGvN_EyFWsvYyvW3qiqy9LrN0R03an5_OI4hvVdEDkMNxT-hb3r3geECbPrrG9w_Ku_84MVm3Lvob8ZOLulUtxHHwOwz3cF6VJYp9IAQKljNYPJQjp9IOVWzFLc227XA4g1bi-ua5T8ZJAi2VoMoS2U_fqZ3C7Xd6Gez0knaSFkSZ326yOd8P84AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1kt_Hm0WxpSgVL8_ERBvrYl8eUsg%26client%3Dca-pub-6545336992021839%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jdqp0p0t284hgxgy21eh8yq978eadt76bk28zktfmdssej4s3fxqhge452bzqybaajf8c2ytmcyt9trc8z6e4vrgf1dmj7v8cy0668a35phqgf3zsh7ag8nbwbkhq3pwps37d09ww1g7dft47n4t3926j8ds98rbsve7cs8hf7w0ktr58mm25xcembvzdm31vdvb7s750217x9yzmfyhzsdjy4gd4b99s6075nkw6jbk6t3gmqh5c92s9t2w5k9cey8ttnqr58f3v22tcdb921tpym6x6xvsvj706nfkv75z9r70r2a4nxbdct1ad1dtdk3jb9e1801vnatfgy0def6cj3f6fsd4h74q25hrxbw6vzyzqanrthec70qcj7ty2tx6kn5254f6w892awcp92v72gxe6a7eavbcr1kb78k1x8387egy3bgkrn6g1nzrt0tr1vb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_NBYKcDsY4zpDLmNjuwPjZeYiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi02NTQ1MzM2OTkyMDIxODM5yAEJqQL2ZeAFSwSyPuACAKgDAaoE9AFP0HwlBcGRIAeJFYLlChZI0slGwpIx7nX53HMEK2wGEo384Aqv6R_7uy4mO0t2IUzkFz4Ns7mYQKfefIp5m5qLQYK5hCB3NuNmLXOjPLdRHlxbaH9E8X-zdahxQikwuFqa7vDYAQCkTMj3FnGGvN_EyFWsvYyvW3qiqy9LrN0R03an5_OI4hvVdEDkMNxT-hb3r3geECbPrrG9w_Ku_84MVm3Lvob8ZOLulUtxHHwOwz3cF6VJYp9IAQKljNYPJQjp9IOVWzFLc227XA4g1bi-ua5T8ZJAi2VoMoS2U_fqZ3C7Xd6Gez0knaSFkSZ326yOd8P84AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1kt_Hm0WxpSgVL8_ERBvrYl8eUsg%26client%3Dca-pub-6545336992021839%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1675961363
age: 498119
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdsk_oFxMrfQmT18UehTVqYFLCgKqe5owZa4nS6b5rDwh5FIXXl_KZlKkbMq5tI5jX6pwgkrGCLZNFReNIBmAJJUlCBIpNSF
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 09 Feb 2023 16:50:00 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1675961400209468
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQokEtqWGpdt%2BYruNT4p00gevWHuOvycXZzGB53A959dPKtUzcy0fy28Npy6SdklfjqntdnPrCspCpnZIGlnHXJM3xTXBN%2FyL8OFgiD90%2FiYCupXnkS2ipg1GYRKeA%2BUYOJCbDeAKVQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 799da8ab688690da-FRA
expires: Wed, 15 Feb 2023 12:21:14 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame C447 35 KB
12 KB 53ms
32ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jdqp0p0t284hgxgy21eh8yq978eadt76bk28zktfmdssej4s3fxqhge452bzqybaajf8c2ytmcyt9trc8z6e4vrgf1dmj7v8cy0668a35phqgf3zsh7ag8nbwbkhq3pwps37d09ww1g7dft47n4t3926j8ds98rbsve7cs8hf7w0ktr58mm25xcembvzdm31vdvb7s750217x9yzmfyhzsdjy4gd4b99s6075nkw6jbk6t3gmqh5c92s9t2w5k9cey8ttnqr58f3v22tcdb921tpym6x6xvsvj706nfkv75z9r70r2a4nxbdct1ad1dtdk3jb9e1801vnatfgy0def6cj3f6fsd4h74q25hrxbw6vzyzqanrthec70qcj7ty2tx6kn5254f6w892awcp92v72gxe6a7eavbcr1kb78k1x8387egy3bgkrn6g1nzrt0tr1vb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_NBYKcDsY4zpDLmNjuwPjZeYiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi02NTQ1MzM2OTkyMDIxODM5yAEJqQL2ZeAFSwSyPuACAKgDAaoE9AFP0HwlBcGRIAeJFYLlChZI0slGwpIx7nX53HMEK2wGEo384Aqv6R_7uy4mO0t2IUzkFz4Ns7mYQKfefIp5m5qLQYK5hCB3NuNmLXOjPLdRHlxbaH9E8X-zdahxQikwuFqa7vDYAQCkTMj3FnGGvN_EyFWsvYyvW3qiqy9LrN0R03an5_OI4hvVdEDkMNxT-hb3r3geECbPrrG9w_Ku_84MVm3Lvob8ZOLulUtxHHwOwz3cF6VJYp9IAQKljNYPJQjp9IOVWzFLc227XA4g1bi-ua5T8ZJAi2VoMoS2U_fqZ3C7Xd6Gez0knaSFkSZ326yOd8P84AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1kt_Hm0WxpSgVL8_ERBvrYl8eUsg%26client%3Dca-pub-6545336992021839%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 73009
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUNHvbJ0FRIf4TCuU20lsNaTm95QIQxZGXJuAvKyPgGSEpE%2Ftlb8Y58VWoEz4sKykKFME4bLu2DBWcV6WuR07QevbtfpnbKrlE84RcPzZa%2BoaxeUqA2SH3l3CLeuHaXxEiDLflA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 799da8ab88b090da-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 13 Feb 2023 21:55:50 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B42E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAhnya_CPjYjTTRZdXaaQKY&google_cver=1&google_push=Aa02lx-GxzIqY8DbXQ9mAWOHTuHbLiNb0YkqZVQ9CjNAP343qN1Kt17p9almX-l8Q6zqrrOPqLw8LpfFRUOJRNpSDFc2Ef9YIJxce0M
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk4NjI0MjI0NjE4OTMwOTQwMA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAhnya_CPjYjTTRZdXaaQKY&google_cver=1

43 B
398 B

81ms
29ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAhnya_CPjYjTTRZdXaaQKY&google_cver=1
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 15 Feb 2023 11:21:14 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAhnya_CPjYjTTRZdXaaQKY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame B42E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEI1ZnQIHSqbdaEMfp3v_fRU&google_cver=1&google_push=Aa02lx-4ma25XdQOlGbiIhnz_1GLB4Tm4qxkc3g7hF3NE3ksNGMKWdZpEt5NOPR2YyyI9Fub1AiwESIAPlENVOKtppv0TIdkXySZH...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI1ZnQIHSqbdaEMfp3v_fRU&google_cver=1&google_push=Aa02lx-4ma25XdQOlGbiIhnz_1GLB4Tm4qxkc3g7hF3NE3ksNGMKWdZpEt5NOPR2YyyI9Fub1AiwESIAPlENVOKtppv0TIdkXyS...

43 B
424 B

191ms
177ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI1ZnQIHSqbdaEMfp3v_fRU&google_cver=1&google_push=Aa02lx-4ma25XdQOlGbiIhnz_1GLB4Tm4qxkc3g7hF3NE3ksNGMKWdZpEt5NOPR2YyyI9Fub1AiwESIAPlENVOKtppv0TIdkXySZHSM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-4ma25XdQOlGbiIhnz_1GLB4Tm4qxkc3g7hF3NE3ksNGMKWdZpEt5NOPR2YyyI9Fub1AiwESIAPlENVOKtppv0TIdkXySZHSM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 799da8ad6f6790d6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 272
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI1ZnQIHSqbdaEMfp3v_fRU&google_cver=1&google_push=Aa02lx-4ma25XdQOlGbiIhnz_1GLB4Tm4qxkc3g7hF3NE3ksNGMKWdZpEt5NOPR2YyyI9Fub1AiwESIAPlENVOKtppv0TIdkXySZHSM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-4ma25XdQOlGbiIhnz_1GLB4Tm4qxkc3g7hF3NE3ksNGMKWdZpEt5NOPR2YyyI9Fub1AiwESIAPlENVOKtppv0TIdkXySZHSM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 799da8abedfd90d6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B42E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEI34qAK_8_tEF4D7UlUbOiI&google_cver=1&google_push=Aa02lx-chZvb6LcOUn5l80FT1QCminWNLE3JtAPut1Wwmx9GdqGMMKzNl0v4YECBcXz5TDY5ELM8G_pA3l_jXA...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMDM0MTE5MDkwOTM2MDI3Mg%3D%3D&google_push=Aa02lx-chZvb6LcOUn5l80FT1QCminWNLE3JtAPut1Wwmx9GdqGMMKzNl0v4YECBcXz5TDY5ELM8G_pA3l_jXAGGoX...

170 B
188 B

61ms
61ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMDM0MTE5MDkwOTM2MDI3Mg%3D%3D&google_push=Aa02lx-chZvb6LcOUn5l80FT1QCminWNLE3JtAPut1Wwmx9GdqGMMKzNl0v4YECBcXz5TDY5ELM8G_pA3l_jXAGGoX8u3BH_D1XFHJI

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMDM0MTE5MDkwOTM2MDI3Mg%3D%3D&google_push=Aa02lx-chZvb6LcOUn5l80FT1QCminWNLE3JtAPut1Wwmx9GdqGMMKzNl0v4YECBcXz5TDY5ELM8G_pA3l_jXAGGoX8u3BH_D1XFHJI
Date: Wed, 15 Feb 2023 11:21:14 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B42E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOEJtkKZ9DrnwdAmovdjzUA&google_cver=1&google_push=Aa02lx_BS-dltno4b6ZCYg3hqrFGgZq57NOxphVmowB8LJKxo2UzuFf-Z64tSbpfF-I25EChIWxSjGMfKj1DQcZs-T3pO1Z...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_BS-dltno4b6ZCYg3hqrFGgZq57NOxphVmowB8LJKxo2UzuFf-Z64tSbpfF-I25EChIWxSjGMfKj1DQcZs-T3pO1ZDhFixL6Q&google_hm=eS1BZE9IdGcxRTJwSE1...

170 B
188 B

60ms
60ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_BS-dltno4b6ZCYg3hqrFGgZq57NOxphVmowB8LJKxo2UzuFf-Z64tSbpfF-I25EChIWxSjGMfKj1DQcZs-T3pO1ZDhFixL6Q&google_hm=eS1BZE9IdGcxRTJwSE1reUpQbGVkNmpjbTJQaDhORFI1Vn5B

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 15 Feb 2023 11:21:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_BS-dltno4b6ZCYg3hqrFGgZq57NOxphVmowB8LJKxo2UzuFf-Z64tSbpfF-I25EChIWxSjGMfKj1DQcZs-T3pO1ZDhFixL6Q&google_hm=eS1BZE9IdGcxRTJwSE1reUpQbGVkNmpjbTJQaDhORFI1Vn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B42E
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEI319BvBa2Jf4I8I4JUYp4Y&google_cver=1&google_push=Aa02lx-OCOvzV8iteY-NWMyVDLf0Nzm2l5H7lTgS7RGwrxU_4HQqIw1oGeS49wWJrOvoRDpgxHG4qanu7YMux39-BZVBQ42...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEI319BvBa2Jf4I8I4JUYp4Y&google_cver=1&google_push=Aa02lx-OCOvzV8iteY-NWMyVDLf0Nzm2l5H7lTgS7RGwrxU_4HQqIw1oGeS49wWJrOvoRDpgxHG4qanu7YMux39-BZVBQ...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx-OCOvzV8iteY-NWMyVDLf0Nzm2l5H7lTgS7RGwrxU_4HQqIw1oGeS49wWJrOvoRDpgxHG4qanu7YMux39-BZVBQ42I_VzQH6U

170 B
188 B

61ms
60ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx-OCOvzV8iteY-NWMyVDLf0Nzm2l5H7lTgS7RGwrxU_4HQqIw1oGeS49wWJrOvoRDpgxHG4qanu7YMux39-BZVBQ42I_VzQH6U

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx-OCOvzV8iteY-NWMyVDLf0Nzm2l5H7lTgS7RGwrxU_4HQqIw1oGeS49wWJrOvoRDpgxHG4qanu7YMux39-BZVBQ42I_VzQH6U
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B42E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0728FjW6R7i30KMYDpOQeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

59ms
58ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0728FjW6R7i30KMYDpOQeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_egKwONdszXS4Sg-_dN3kx-jrHVRB3M9q3X6JbI9UwNLrIy33mLlJcoPIKLTSBCCoB_CJGwq2SKsYUAN6syZBap9ZkgcfpLw

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0728FjW6R7i30KMYDpOQeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_egKwONdszXS4Sg-_dN3kx-jrHVRB3M9q3X6JbI9UwNLrIy33mLlJcoPIKLTSBCCoB_CJGwq2SKsYUAN6syZBap9ZkgcfpLw
date: Wed, 15 Feb 2023 11:21:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B42E
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIDncorsTr96-QDa3w1SpU8&google_cver=1&google_push=Aa02lx-lYbKxNGuH0g5JMCrIWeVniF9FmL50pBzfarpbgOhHq-X74vyAPMFSNsqaWNgc2jE4U4X_XY37LsHB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-lYbKxNGuH0g5JMCrIWeVniF9FmL50pBzfarpbgOhHq-X74vyAPMFSNsqaWNgc2jE4U4X_XY37LsHB7q7rgC76NpkP4Ep2rw

170 B
188 B

62ms
61ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-lYbKxNGuH0g5JMCrIWeVniF9FmL50pBzfarpbgOhHq-X74vyAPMFSNsqaWNgc2jE4U4X_XY37LsHB7q7rgC76NpkP4Ep2rw

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-lYbKxNGuH0g5JMCrIWeVniF9FmL50pBzfarpbgOhHq-X74vyAPMFSNsqaWNgc2jE4U4X_XY37LsHB7q7rgC76NpkP4Ep2rw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B42E 0
50 B 63ms
56ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kyjd_apddooTSJ6z8UVBBgHrao_qXdn1FXW9gsTcqjNN2nX5HLwWiM9iXhLNwOKmyAgSqa

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A405
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

71ms
67ms

Document
text/html

2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:21:14 GMT
expires: Wed, 15 Feb 2023 11:21:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:21:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3098 0
0 61ms
61ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSS_50npz92zQdEd3Z7f3qANZNMpAV8Uih26r97aibalT8B-18lyoaJJ_MKVcGbQ7_QV14TDFqIbjvKRwytT__VMxu7Zg
Requested by: Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3098 156 KB
48 KB 86ms
84ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48832
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676324880006035"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 11:21:14 GMT

GET
DATA 200
OK truncated
/ Frame 3098 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2083b5c97da050c0673842bb830fc6d0ec138366b82408328d867f73a84fbeec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 6659 106 KB
37 KB 323ms
36ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
Origin: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 06:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Feb 2023 06:22:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/ Frame 6659 8 KB
3 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/omrhp.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 06:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 06:22:12 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 6659 28 KB
11 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c5d87821b8806898a69c4e8cdc26f7fc8ea4bb175006aa060ca229f4810a0af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10817
x-xss-protection: 0
server: cafe
etag: 7837758721724492523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:06:29 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 738F 2 KB
1 KB 32ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 52657
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 799da8ad0f8d3813-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 15 Feb 2023 11:21:15 GMT
expires: Thu, 19 Jan 2023 19:22:47 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jB5HK7aaVoS%2FXi0%2BEzVNMgNEU3XTH6BNQEKgCGXETR0dfUIehWpNqiJpEZLPgS8zHTwJGD%2Fz%2FCeTRJGWJPI9IJW9pYjLzAgP5zmYKp7DhZ3gW7rwlGYdJf3MfvKy8x6KTeSt7U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 Logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/ Frame 6722 4 KB
4 KB 37ms
37ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/Logo.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd3956cd9f364d92629af639bad232362e05e118521dab36c3d29d0e17d259aa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 14 Feb 2023 08:48:43 GMT
x-content-type-options: nosniff
age: 95552
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4282
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 15:58:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Feb 2024 08:48:43 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/ Frame 6722 3 KB
3 KB 48ms
47ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/cta.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fe54a55cbd243f51f66ea1c26cda6c45cf6c2d377061c773ef74c60112d0a21

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 11 Feb 2023 09:22:58 GMT
x-content-type-options: nosniff
age: 352697
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3120
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 15:58:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Feb 2024 09:22:58 GMT

GET
H3 200 sub.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/ Frame 6722 10 KB
10 KB 43ms
42ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/sub.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bacdf7bb4a572e4f265de06190e8aef0ddd976df73514633645ed822bfde3c4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 15 Feb 2023 09:14:35 GMT
x-content-type-options: nosniff
age: 7600
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10487
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 15:58:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Feb 2024 09:14:35 GMT

GET
H3 200 title.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/ Frame 6722 20 KB
20 KB 60ms
59ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/title.png

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35a55463a8fba703f3b9ca9150f10745d5ad6978b5edfdf0fa439c71f73752bf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 15 Feb 2023 10:17:17 GMT
x-content-type-options: nosniff
age: 3838
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20933
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 15:58:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Feb 2024 10:17:17 GMT

GET
H3 200 BG_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/ Frame 6722 32 KB
32 KB 49ms
48ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8840107762433130496/300x600/BG_1.jpg

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b35c0ceeb28996bff5e2a6864d4a0b4c8b79b4ece9e450601524c2344cc7b797

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 11 Feb 2023 09:22:58 GMT
x-content-type-options: nosniff
age: 352697
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32838
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 15:58:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Feb 2024 09:22:58 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6659 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 11:06:29 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A96F 1 KB
643 B 37ms
36ms Document
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 886
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:06:29 GMT
etag: 48472445140208031
expires: Thu, 16 Feb 2023 11:06:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6659 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f14b873ea6ae96cc4edf9521730297f636148c4763582d90e9e48e3ce9f7cfd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 43C5 22 KB
8 KB 44ms
34ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 886
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:06:29 GMT
expires: Thu, 15 Feb 2024 11:06:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 i.match
a.tribalfusion.com/ Frame A96F 43 B
409 B 200ms
198ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEI1ZnQIHSqbdaEMfp3v_fRU&google_cver=1&google_push=Aa02lx9FsdaK2oSaSAVZk-5A4gOV-KxSfQfZC36k-iT-CkvBHadEHp4pGh-OsAL4Umbx0lOaC3lzXlrY0zPvyMiebZOdd3EIbFuwi-M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9FsdaK2oSaSAVZk-5A4gOV-KxSfQfZC36k-iT-CkvBHadEHp4pGh-OsAL4Umbx0lOaC3lzXlrY0zPvyMiebZOdd3EIbFuwi-M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 799da8ae888d90d6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A96F
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEI34qAK_8_tEF4D7UlUbOiI&google_cver=1&google_push=Aa02lx_LhKy8XcJd1_lduVhqHztYv0WXRzIA_YmxcKWdwqD4KHH2bunieYjuAlDzBcVRoGGQhfocKajsNhBz6r...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMDM0MTE5MDkwOTM2MDI3Mg%3D%3D&google_push=Aa02lx_LhKy8XcJd1_lduVhqHztYv0WXRzIA_YmxcKWdwqD4KHH2bunieYjuAlDzBcVRoGGQhfocKajsNhBz6reQoW...

170 B
188 B

60ms
59ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMDM0MTE5MDkwOTM2MDI3Mg%3D%3D&google_push=Aa02lx_LhKy8XcJd1_lduVhqHztYv0WXRzIA_YmxcKWdwqD4KHH2bunieYjuAlDzBcVRoGGQhfocKajsNhBz6reQoWclrGpZ2xLcVik

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMDM0MTE5MDkwOTM2MDI3Mg%3D%3D&google_push=Aa02lx_LhKy8XcJd1_lduVhqHztYv0WXRzIA_YmxcKWdwqD4KHH2bunieYjuAlDzBcVRoGGQhfocKajsNhBz6reQoWclrGpZ2xLcVik
Date: Wed, 15 Feb 2023 11:21:15 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A96F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0728FjW6R7i30KMYDpOQeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

61ms
60ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0728FjW6R7i30KMYDpOQeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-c6MFXQvw601Nrxyvp_8M0RyhGC3CiFk0-Sbe2Lyb5ILXFZ7RB_EIemWfYvB7vkv00Roqmwu5wZVSoqLOHXeDbfgOOl1MQvJc

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0728FjW6R7i30KMYDpOQeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-c6MFXQvw601Nrxyvp_8M0RyhGC3CiFk0-Sbe2Lyb5ILXFZ7RB_EIemWfYvB7vkv00Roqmwu5wZVSoqLOHXeDbfgOOl1MQvJc
date: Wed, 15 Feb 2023 11:21:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A96F
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGr9HRLf1TOhjcpFKxpC6gk&google_cver=1&google_push=Aa02lx8PVLfeABePXheXKar11A7DVUlPJVubm3yRdC3IH5MrrfynRAIKg910Q33HNbK2NR6LkkaazXmWQtjqb3fPF...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGr9HRLf1TOhjcpFKxpC6gk&google_cver=1&google_push=Aa02lx8PVLfeABePXheXKar11A7DVUlPJVubm3yRdC3IH5MrrfynRAIKg910Q33HNbK2NR6LkkaazXmWQtjqb3fPF...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8PVLfeABePXheXKar11A7DVUlPJVubm3yRdC3IH5MrrfynRAIKg910Q33HNbK2NR6LkkaazXmWQtjqb3fPFAe6YRqnVb1Uwuw&google_hm=GKRJtGZHPQqEaKPjR4i...

170 B
188 B

59ms
59ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8PVLfeABePXheXKar11A7DVUlPJVubm3yRdC3IH5MrrfynRAIKg910Q33HNbK2NR6LkkaazXmWQtjqb3fPFAe6YRqnVb1Uwuw&google_hm=GKRJtGZHPQqEaKPjR4i3wvbw

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 15 Feb 2023 11:21:15 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8PVLfeABePXheXKar11A7DVUlPJVubm3yRdC3IH5MrrfynRAIKg910Q33HNbK2NR6LkkaazXmWQtjqb3fPFAe6YRqnVb1Uwuw&google_hm=GKRJtGZHPQqEaKPjR4i3wvbw
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame A96F 0
75 B 203ms
31ms Image
text/plain 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEE9eFwS2B78qOO6hcOx3FxE&google_cver=1&google_push=Aa02lx_0Fhg42pBgwWoebu2Uh2HKk-XgmIsBO1tifWYnPlUCBgo6sku5zZgfDhxBmyO3_Yao2BHdw0Oyl8bPekHehizC8LRR8L9xAg
Requested by: Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:14 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame A96F
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIDncorsTr96-QDa3w1SpU8&google_cver=1&google_push=Aa02lx8cndCGdVVhYydSRsP4nzgxxlEJEJb5wnUh2yazZaEHSa314WX-9DMjmdruhWJ6DAMbBprtFhde9O-...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8cndCGdVVhYydSRsP4nzgxxlEJEJb5wnUh2yazZaEHSa314WX-9DMjmdruhWJ6DAMbBprtFhde9O-QUAWajCDNiv5jl8LREWm1
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

24ms
24ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A96F
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELJi5Lep2...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELJ...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4dcfde2c-d24f-4b37-a5b6-108f007ff0ae&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

63ms
60ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4dcfde2c-d24f-4b37-a5b6-108f007ff0ae&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4dcfde2c-d24f-4b37-a5b6-108f007ff0ae&%%GOOGLE_PUSH_PAIR%%
date: Wed, 15 Feb 2023 11:21:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A96F 0
12 B 58ms
57ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JMMPcYNgRlLO1Gq9IWc5MKkZ6yc75XZgZVk5TFO6wDyaq1NYbYmbhHWBuLPkZ_VL787ug6esU

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 rs Show response
ad4m.at/ Frame C447 1 KB
2 KB 44ms
43ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e41bbfc2e2b09d931b9e84a0da41482603f98c919cae0ab5921e8a6e1e2afadd

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Feb 2023 11:21:15 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSQ%2FU1wfb57Nm9YufBOWsN0dM%2FBgLt5At6hhLVcOKBElATSkuwkFo9%2F%2BtNXQEE5LWZQ8%2FQvw8Q80f5Xlabp%2FxazLYOIlV2rGyl2deo4vvid8IocuP9idM6h3DT6wHNnq5WVKPaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 799da8aefc34903c-FRA
x-backend-server: aa-reachservice-group-europe-west1-85bm
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 66ms
40ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 799da8aebbfe903c-FRA
content-length: 24
content-type: text/plain
date: Wed, 15 Feb 2023 11:21:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meK%2BFKCTE2Rdop6ZkvnEntFkKvMBYRzCdXXbow5py%2F4uCYRxgcUfQiMD9dMYrr6rmLW6ZORZyK%2BYZ8DOKOdNMnfeS1kwQ6AbW2mivT7fRqLDPHg1ZQ4kDh2Rtit4hl%2F%2FXouhpao%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-36r2

GET
H3 200 6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 43C5 36 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 06:22:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14458
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 06:22:13 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17423174059803998422/ Frame 2914 12 KB
4 KB 107ms
35ms Document
text/html 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17423174059803998422/index.html

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23a7efb399c2c59bb26a9f00d9b6bea8c3f74a5485107cd3447503f06ce853fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 398613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3672
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 20:37:42 GMT
expires: Sat, 10 Feb 2024 20:37:42 GMT
last-modified: Fri, 02 Dec 2022 10:59:57 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6659 0
0 186ms
76ms Fetch
image/gif 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssB_542cjbSrXdyXzbBFYm0nNKMQV6OvKgzdEvNWk_GfzOzvDTwnWWdLFpwca8iT-1XOHQFI3n2L2xcxyEGSrVSR-y4Eqvx5vhfAtOeN7wQivsWo51uHGqMiz7P2F_3qd4aFEBDtyDXaxd9zGp-fA1wGayP1Q_v7mESnuRkqD3QDb1IFOheheamT-5xYerTKKEatic9oLTEzZBChq_7e1tmhvjjaYbh_erFmvQu4hi3a4mqJJAhQQM6Yk0nsR4LrFPPwmuhNe_b-Jp1IOBRjR6g6Qg5dq3msswOzWB6ifrk4Db7DpJm-mtF3DdPqBqSj3IhGPI2d2LoA7o0RVnwNF0wr5ielo3bvqQ1Av6tsKTQtxiuaVz_7kxtStMrhurQv23DiTqEbM_kT85PnmF27K7Doeg4aTC3spF4xKyIQ9STiN9rrHIQgSDXI5PQfqcwHNN6Qes3d1ohZJEe9cwO0N6pE56fML2eh7nvpqXi8dmNkXAiMtFuR2BhtfDJ8qDUc4Tx19iGyx9bZvrmIuxwIPeDK1w4mDEjmGCWUBprnA-XObknJe1DNLr_blwBGx3isx8aI-dPb8alVbt_8-7un8iUQXhaiUq5-sAjGApLn846m2UBmMX9lOX0fD_-JpLukvsEFgNv1JfOISQNZZL1gWLGIQQY1d7SDQrkQYqginCVJXxckGZYtdcYPA2-FalNLGubX-jki7fpzSM1cjt8wsSPoltNxW5lN0HZQ61BAOnq10uxhP8d9AWSUzAU49xyLz_WH0C_eo6rfsMef3MCoNBOzN5SB58XqIZra6-ofFxIcFRrZyP6YcILRVSlX8nD1SBlmc1crDJUeWdzUae-J_BZqWqT2sar44RezTac7W9zbXJDMA8HwCFtuZ7YR-WPGAOt-N2Hd3NgPpo_A-NIS_6XIAOF0y-B_SdIKxJVSpS_-mOk3beLm11RNn0-P3h7q75YFJdp08JtazYkVHwqFf0t_bGAcSAfmscEvJX-NnnnGT924EIWPfMbw7h57-cDAZLN-JxMCbu90WTBzFbl4N5t-2Kfg8YC7x7ykUBT_YD45mXJ6ZehNZ8oiCQM1zs2-YoTywgC_zc3BScEULA6KhiFVHNVz4cmYsVqnkonR6-nVfLkeYhWTmBYoZsLv2Z4XrGzBM7_VDmZwbqUZZg0QyglzMv84IOLF9YnSyZQZVJLBAYoUGoOCs6OMq0I3WERKvuZhgbjkWms&sai=AMfl-YSUKuHAOMs4kH4WvzohozjesAk-9EbNT5OhXf89uYcMoDs6PGMpm-ZHEiev5aBhSwjPxJw6-2Z9McGP27crhvwEjMiii9zUiQ4lPK_d7MiznkQD6Q_1sq7gNfn3J1RfIURlrv_qR4v0ltcEl4Wg93Md-pLOpameFoQ2J0sXf0GLHXewBb5YKfDmO-cAmMgOXsG4fIfuJNsbyOa53xWGQkWyabDMydGkUXtPeGlZIjoMFjLOEykAWDMkM9555khA4k87&sig=Cg0ArKJSzDPo50r9NwrzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=380&cbvp=1&cstd=377&cisv=r20230213.60368&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 15 Feb 2023 11:21:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Feb 2023 11:21:15 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 00C2 3 KB
3 KB 44ms
43ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=50&e=&g=03abfb34cfe4aa6021bc7c7c96b12f43%2F16689295833718711713&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676460075371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h18eh9x11wdyssx13cstymmbjt8add89a7295a3sxxp8s0nb8ejfv88knk0c33j5rqhwcqwde6n8edy2kkbksv5bk3rpzy8thtbtw8pdggx9zx0p7nj4gw4et5qzz8rdwe0kd11bdsm3rfvm0mb9c4wxje68gezxwyntmqg0p5qgykbrnznnpq7fktcrbpxk8je7q4xxvk80svxtg92kgmbz5cct6hnrrehdjpb3eq4vv77a9qqaqabkqmxesjcs363fgfx2v8h11rz0gyvj3j4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_NBYKcDsY4zpDLmNjuwPjZeYiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi02NTQ1MzM2OTkyMDIxODM5yAEJqQL2ZeAFSwSyPuACAKgDAaoE9AFP0HwlBcGRIAeJFYLlChZI0slGwpIx7nX53HMEK2wGEo384Aqv6R_7uy4mO0t2IUzkFz4Ns7mYQKfefIp5m5qLQYK5hCB3NuNmLXOjPLdRHlxbaH9E8X-zdahxQikwuFqa7vDYAQCkTMj3FnGGvN_EyFWsvYyvW3qiqy9LrN0R03an5_OI4hvVdEDkMNxT-hb3r3geECbPrrG9w_Ku_84MVm3Lvob8ZOLulUtxHHwOwz3cF6VJYp9IAQKljNYPJQjp9IOVWzFLc227XA4g1bi-ua5T8ZJAi2VoMoS2U_fqZ3C7Xd6Gez0knaSFkSZ326yOd8P84AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kt_Hm0WxpSgVL8_ERBvrYl8eUsg%2526client%253Dca-pub-6545336992021839%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

543d926def085007c4d0c5fe9ca377c15dbf5f7af488a97111f1644a646fab93

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jdqp0p0t284hgxgy21eh8yq978eadt76bk28zktfmdssej4s3fxqhge452bzqybaajf8c2ytmcyt9trc8z6e4vrgf1dmj7v8cy0668a35phqgf3zsh7ag8nbwbkhq3pwps37d09ww1g7dft47n4t3926j8ds98rbsve7cs8hf7w0ktr58mm25xcembvzdm31vdvb7s750217x9yzmfyhzsdjy4gd4b99s6075nkw6jbk6t3gmqh5c92s9t2w5k9cey8ttnqr58f3v22tcdb921tpym6x6xvsvj706nfkv75z9r70r2a4nxbdct1ad1dtdk3jb9e1801vnatfgy0def6cj3f6fsd4h74q25hrxbw6vzyzqanrthec70qcj7ty2tx6kn5254f6w892awcp92v72gxe6a7eavbcr1kb78k1x8387egy3bgkrn6g1nzrt0tr1vb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_NBYKcDsY4zpDLmNjuwPjZeYiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi02NTQ1MzM2OTkyMDIxODM5yAEJqQL2ZeAFSwSyPuACAKgDAaoE9AFP0HwlBcGRIAeJFYLlChZI0slGwpIx7nX53HMEK2wGEo384Aqv6R_7uy4mO0t2IUzkFz4Ns7mYQKfefIp5m5qLQYK5hCB3NuNmLXOjPLdRHlxbaH9E8X-zdahxQikwuFqa7vDYAQCkTMj3FnGGvN_EyFWsvYyvW3qiqy9LrN0R03an5_OI4hvVdEDkMNxT-hb3r3geECbPrrG9w_Ku_84MVm3Lvob8ZOLulUtxHHwOwz3cF6VJYp9IAQKljNYPJQjp9IOVWzFLc227XA4g1bi-ua5T8ZJAi2VoMoS2U_fqZ3C7Xd6Gez0knaSFkSZ326yOd8P84AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1kt_Hm0WxpSgVL8_ERBvrYl8eUsg%26client%3Dca-pub-6545336992021839%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 799da8af4a553813-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:21:15 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.34/one-ad/ Frame 00C2 94 KB
12 KB 34ms
33ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.34/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=50&e=&g=03abfb34cfe4aa6021bc7c7c96b12f43%2F16689295833718711713&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676460075371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h18eh9x11wdyssx13cstymmbjt8add89a7295a3sxxp8s0nb8ejfv88knk0c33j5rqhwcqwde6n8edy2kkbksv5bk3rpzy8thtbtw8pdggx9zx0p7nj4gw4et5qzz8rdwe0kd11bdsm3rfvm0mb9c4wxje68gezxwyntmqg0p5qgykbrnznnpq7fktcrbpxk8je7q4xxvk80svxtg92kgmbz5cct6hnrrehdjpb3eq4vv77a9qqaqabkqmxesjcs363fgfx2v8h11rz0gyvj3j4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_NBYKcDsY4zpDLmNjuwPjZeYiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi02NTQ1MzM2OTkyMDIxODM5yAEJqQL2ZeAFSwSyPuACAKgDAaoE9AFP0HwlBcGRIAeJFYLlChZI0slGwpIx7nX53HMEK2wGEo384Aqv6R_7uy4mO0t2IUzkFz4Ns7mYQKfefIp5m5qLQYK5hCB3NuNmLXOjPLdRHlxbaH9E8X-zdahxQikwuFqa7vDYAQCkTMj3FnGGvN_EyFWsvYyvW3qiqy9LrN0R03an5_OI4hvVdEDkMNxT-hb3r3geECbPrrG9w_Ku_84MVm3Lvob8ZOLulUtxHHwOwz3cF6VJYp9IAQKljNYPJQjp9IOVWzFLc227XA4g1bi-ua5T8ZJAi2VoMoS2U_fqZ3C7Xd6Gez0knaSFkSZ326yOd8P84AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kt_Hm0WxpSgVL8_ERBvrYl8eUsg%2526client%253Dca-pub-6545336992021839%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=50&e=&g=03abfb34cfe4aa6021bc7c7c96b12f43%2F16689295833718711713&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676460075371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h18eh9x11wdyssx13cstymmbjt8add89a7295a3sxxp8s0nb8ejfv88knk0c33j5rqhwcqwde6n8edy2kkbksv5bk3rpzy8thtbtw8pdggx9zx0p7nj4gw4et5qzz8rdwe0kd11bdsm3rfvm0mb9c4wxje68gezxwyntmqg0p5qgykbrnznnpq7fktcrbpxk8je7q4xxvk80svxtg92kgmbz5cct6hnrrehdjpb3eq4vv77a9qqaqabkqmxesjcs363fgfx2v8h11rz0gyvj3j4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_NBYKcDsY4zpDLmNjuwPjZeYiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi02NTQ1MzM2OTkyMDIxODM5yAEJqQL2ZeAFSwSyPuACAKgDAaoE9AFP0HwlBcGRIAeJFYLlChZI0slGwpIx7nX53HMEK2wGEo384Aqv6R_7uy4mO0t2IUzkFz4Ns7mYQKfefIp5m5qLQYK5hCB3NuNmLXOjPLdRHlxbaH9E8X-zdahxQikwuFqa7vDYAQCkTMj3FnGGvN_EyFWsvYyvW3qiqy9LrN0R03an5_OI4hvVdEDkMNxT-hb3r3geECbPrrG9w_Ku_84MVm3Lvob8ZOLulUtxHHwOwz3cF6VJYp9IAQKljNYPJQjp9IOVWzFLc227XA4g1bi-ua5T8ZJAi2VoMoS2U_fqZ3C7Xd6Gez0knaSFkSZ326yOd8P84AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kt_Hm0WxpSgVL8_ERBvrYl8eUsg%2526client%253Dca-pub-6545336992021839%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1675961363
age: 498121
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdsk_oFxMrfQmT18UehTVqYFLCgKqe5owZa4nS6b5rDwh5FIXXl_KZlKkbMq5tI5jX6pwgkrGCLZNFReNIBmAJJUlCBIpNSF
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 09 Feb 2023 16:50:00 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1675961400209468
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FI6jB5SQkOcLCGYSYE%2FC1kAoJDCADLSwSNYze6VSexCjPYuGicV1Yab9%2BaEAb0kxz5Cc8fTcV7nuJaU6uMWyRxgAIQMOaQHMszZ%2F09eXHc3OsXGti%2B76UTFsHpFZhGFYIf8jcme7p8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 799da8afaad03813-FRA
expires: Wed, 15 Feb 2023 12:21:15 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 00C2 2 KB
3 KB 49ms
33ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=50&e=&g=03abfb34cfe4aa6021bc7c7c96b12f43%2F16689295833718711713&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676460075371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h18eh9x11wdyssx13cstymmbjt8add89a7295a3sxxp8s0nb8ejfv88knk0c33j5rqhwcqwde6n8edy2kkbksv5bk3rpzy8thtbtw8pdggx9zx0p7nj4gw4et5qzz8rdwe0kd11bdsm3rfvm0mb9c4wxje68gezxwyntmqg0p5qgykbrnznnpq7fktcrbpxk8je7q4xxvk80svxtg92kgmbz5cct6hnrrehdjpb3eq4vv77a9qqaqabkqmxesjcs363fgfx2v8h11rz0gyvj3j4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_NBYKcDsY4zpDLmNjuwPjZeYiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi02NTQ1MzM2OTkyMDIxODM5yAEJqQL2ZeAFSwSyPuACAKgDAaoE9AFP0HwlBcGRIAeJFYLlChZI0slGwpIx7nX53HMEK2wGEo384Aqv6R_7uy4mO0t2IUzkFz4Ns7mYQKfefIp5m5qLQYK5hCB3NuNmLXOjPLdRHlxbaH9E8X-zdahxQikwuFqa7vDYAQCkTMj3FnGGvN_EyFWsvYyvW3qiqy9LrN0R03an5_OI4hvVdEDkMNxT-hb3r3geECbPrrG9w_Ku_84MVm3Lvob8ZOLulUtxHHwOwz3cF6VJYp9IAQKljNYPJQjp9IOVWzFLc227XA4g1bi-ua5T8ZJAi2VoMoS2U_fqZ3C7Xd6Gez0knaSFkSZ326yOd8P84AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kt_Hm0WxpSgVL8_ERBvrYl8eUsg%2526client%253Dca-pub-6545336992021839%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1781355
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1ppOlfbZV2%2F%2BGKWXIMmvLFkq9Ve3EzEsWdLYUK%2FZpWrTRQLE1FzonYhlHqoQb8GI6R9DHRD1YlJvMTSO6KvB1xGMAVQtmjGUHz20NVQ2OJSFdsJy70m70hzoAefjA1WIt5R2LPkxZ9iFZi8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 799da8afcd0790da-FRA
expires: Thu, 16 Feb 2023 11:21:15 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 00C2 339 KB
340 KB 48ms
34ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=50&e=&g=03abfb34cfe4aa6021bc7c7c96b12f43%2F16689295833718711713&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676460075371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h18eh9x11wdyssx13cstymmbjt8add89a7295a3sxxp8s0nb8ejfv88knk0c33j5rqhwcqwde6n8edy2kkbksv5bk3rpzy8thtbtw8pdggx9zx0p7nj4gw4et5qzz8rdwe0kd11bdsm3rfvm0mb9c4wxje68gezxwyntmqg0p5qgykbrnznnpq7fktcrbpxk8je7q4xxvk80svxtg92kgmbz5cct6hnrrehdjpb3eq4vv77a9qqaqabkqmxesjcs363fgfx2v8h11rz0gyvj3j4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_NBYKcDsY4zpDLmNjuwPjZeYiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi02NTQ1MzM2OTkyMDIxODM5yAEJqQL2ZeAFSwSyPuACAKgDAaoE9AFP0HwlBcGRIAeJFYLlChZI0slGwpIx7nX53HMEK2wGEo384Aqv6R_7uy4mO0t2IUzkFz4Ns7mYQKfefIp5m5qLQYK5hCB3NuNmLXOjPLdRHlxbaH9E8X-zdahxQikwuFqa7vDYAQCkTMj3FnGGvN_EyFWsvYyvW3qiqy9LrN0R03an5_OI4hvVdEDkMNxT-hb3r3geECbPrrG9w_Ku_84MVm3Lvob8ZOLulUtxHHwOwz3cF6VJYp9IAQKljNYPJQjp9IOVWzFLc227XA4g1bi-ua5T8ZJAi2VoMoS2U_fqZ3C7Xd6Gez0knaSFkSZ326yOd8P84AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kt_Hm0WxpSgVL8_ERBvrYl8eUsg%2526client%253Dca-pub-6545336992021839%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1775977
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qI1F28HKr563IxyJas0JwuVTWwhaBbfx4CTT%2F2p3xLwAg9O0hAvPA%2BCK3ClsmZIqzRpbhRLK4%2BXaBfuRk6LPGYS5l59eGZhVp3Esvayddh%2B8cLZDPN%2BFxaTpMyxDsesYzO%2BKabYKG%2BG5D6j"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 799da8afcd0490da-FRA
expires: Thu, 16 Feb 2023 11:21:15 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 00C2 43 B
702 B 378ms
204ms Image
image/gif 104.81.63.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=50&e=&g=03abfb34cfe4aa6021bc7c7c96b12f43%2F16689295833718711713&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1676460075371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h18eh9x11wdyssx13cstymmbjt8add89a7295a3sxxp8s0nb8ejfv88knk0c33j5rqhwcqwde6n8edy2kkbksv5bk3rpzy8thtbtw8pdggx9zx0p7nj4gw4et5qzz8rdwe0kd11bdsm3rfvm0mb9c4wxje68gezxwyntmqg0p5qgykbrnznnpq7fktcrbpxk8je7q4xxvk80svxtg92kgmbz5cct6hnrrehdjpb3eq4vv77a9qqaqabkqmxesjcs363fgfx2v8h11rz0gyvj3j4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_NBYKcDsY4zpDLmNjuwPjZeYiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi02NTQ1MzM2OTkyMDIxODM5yAEJqQL2ZeAFSwSyPuACAKgDAaoE9AFP0HwlBcGRIAeJFYLlChZI0slGwpIx7nX53HMEK2wGEo384Aqv6R_7uy4mO0t2IUzkFz4Ns7mYQKfefIp5m5qLQYK5hCB3NuNmLXOjPLdRHlxbaH9E8X-zdahxQikwuFqa7vDYAQCkTMj3FnGGvN_EyFWsvYyvW3qiqy9LrN0R03an5_OI4hvVdEDkMNxT-hb3r3geECbPrrG9w_Ku_84MVm3Lvob8ZOLulUtxHHwOwz3cF6VJYp9IAQKljNYPJQjp9IOVWzFLc227XA4g1bi-ua5T8ZJAi2VoMoS2U_fqZ3C7Xd6Gez0knaSFkSZ326yOd8P84AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kt_Hm0WxpSgVL8_ERBvrYl8eUsg%2526client%253Dca-pub-6545336992021839%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.81.63.203 Warsaw, Poland, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-81-63-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Feb 2023 11:21:15 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 a6fc438daf2c8cc18f7294c60eb5597b.js Show response
s0.2mdn.net/sadbundle/17423174059803998422/ Frame 2914 57 KB
15 KB 40ms
39ms Script
application/x-javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17423174059803998422/a6fc438daf2c8cc18f7294c60eb5597b.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17423174059803998422/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aecc48eb93fc11fa599dbf5ba5f0411c9a8dfdff8ea03764240c5d734d35665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17423174059803998422/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 06:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103080
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15831
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 10:59:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Feb 2024 06:43:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 43C5 0
20 B 69ms
69ms Image
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8IPvKsDsY6e2MIK53gP7t6a4BwAAAAA4AeAEAg&bg=!5uWl5bHNAAYuhb89DoU7ADkAdvg8Wk2G1Z_8PRK2-MLwhcTvMoRKsa6hCVS-F9z1RMYehduJOu__2LLYLOqDZEhCkpLLrOhMoAECAAAAblIAAAADaAEHmQM7CxB60nCpShcBM3dELApAdnQsvy1MBxydu3uFXGbrfM94QSvvIMdHDQD_01dZ_vXotWHK_ug9hzQs-rXQTGP--2qPJQLbadHqF--CT5J1XUjWb63BMyrP3KAH2yBuZXQ7mqIqveUrUxx8825l-QM0SxETSQnydWOMPgJZvSvPwEqQOieK1nCW_yiH6NR8Fn3xlSiYEpv7S8MW4nneDR4N_rPxBwAJk7ovqRHguX3MnQ1Am0kXT8zQg1ZTJoH-TRfx08dWYSeA4gDaJv9II2Za5d30x7OAzcaatvYsRhWbkyguYE-hEEU8TXXO_rGA6xZ7r3pvXHpJpwjElDeL9a9iXRxEnG_EKvAr5rQNNcAtdwujL0HNgj1MKokzrjAk_NgTWGNlTxx98tuiGUpBKcSAzK-8XMct1Ot7-cT-zVPwcy7zzbrs9OLCqEZakA-FR9-nSfXB2e-XU09rpJUZ41-8EZ1wuvYcO3VDEgqAvBTv5Fpph39EpzLtgYcih-8NtnAZyKs1UNMrMHx7hImY--PlyhqY3sSMWcsaoJCqNrTkcsGaFqXywn4iTZexpc2u52wU6HYsuR3S2nec5_PV9K7X6uMbCyqCl1UWVgDrGLE60sqZu-GQj9ssxEMityTtjIeoTRfj4kgPwG799S-FViAKwPvmX7tjEz3huBzqBIGqZa1qj_UtttqMKusH_xZ21zi5Sx7BSUyrrh4HyqHkMu7EdQA0l_eP2pf5aspv5xxAjV_sqeq0Ea3wW8JFqq-oV2HihjL1WGfNVCDzAeFKG7UGu_ycXc2mY__JqsJogzyUjfqYkyvEypOzd221DdQoL-I93gJcoeCIaSd7D-cLwbuy5t-wGCtLnsMiWFbVPCvbH6ucKaTtjR0t8LqPtAOKZI_rLqx_g5LXaPcipphNX8wLp-6-f9S8luepTIZAuTXhGFH7q5tLtTVmTNoMCOuv104t8sFTnLYJTt4QnMQBIx7I-nKLZZtlzFPjdJTDkypRJ0c3v8vPM-blSIWF393ahngvWp4yTvn3I6p4RzOSBdrk4F7rDCuSxigW2ZBmI4lYJe_IDeZf8bgZFaQhryYmA4jv2J3OcAYrUg1crvA

Requested by

Host: 97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 9881d7df0b300d92200ebcbe31ea57a7.svg
s0.2mdn.net/sadbundle/17423174059803998422/media/ Frame 2914 2 KB
790 B 40ms
38ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17423174059803998422/media/9881d7df0b300d92200ebcbe31ea57a7.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17423174059803998422/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8537b6920d550414d47001cd97c0f4b41d76bdc02f0eaeffef3c1a213212fa78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17423174059803998422/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:51:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167406
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 761
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 10:59:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Feb 2024 12:51:09 GMT

GET
H3 200 0be49993ddce1f243f8b798548624e6e.svg
s0.2mdn.net/sadbundle/17423174059803998422/media/ Frame 2914 15 KB
5 KB 38ms
37ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17423174059803998422/media/0be49993ddce1f243f8b798548624e6e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17423174059803998422/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75b93779692d7a84ab386daa7fbcf9a0d05202e552521879620b73f0670ccd2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17423174059803998422/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7356
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 10:59:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Feb 2024 09:18:39 GMT

GET
H3 200 ac4848f5dbf9aff1f6f13ddd9583fb81.svg
s0.2mdn.net/sadbundle/17423174059803998422/media/ Frame 2914 13 KB
4 KB 41ms
39ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17423174059803998422/media/ac4848f5dbf9aff1f6f13ddd9583fb81.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17423174059803998422/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63faa8b7384c37c4834b77615586404ad7d7591d5ab8ac0c50c2b10470b35b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17423174059803998422/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 20:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398613
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4549
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 10:59:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 20:37:42 GMT

GET
H3 200 79f6af56d394a5779ddbeba9fddb96bf.svg
s0.2mdn.net/sadbundle/17423174059803998422/media/ Frame 2914 7 KB
2 KB 40ms
38ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17423174059803998422/media/79f6af56d394a5779ddbeba9fddb96bf.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17423174059803998422/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a92255192d67c0139d64b7fe64aef88c46f48b2d1c3fbf9d6eb8aaae4adce24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17423174059803998422/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51207
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1767
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 10:59:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Feb 2024 21:07:48 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6659 0
0 71ms
70ms Fetch
image/gif 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssB_542cjbSrXdyXzbBFYm0nNKMQV6OvKgzdEvNWk_GfzOzvDTwnWWdLFpwca8iT-1XOHQFI3n2L2xcxyEGSrVSR-y4Eqvx5vhfAtOeN7wQivsWo51uHGqMiz7P2F_3qd4aFEBDtyDXaxd9zGp-fA1wGayP1Q_v7mESnuRkqD3QDb1IFOheheamT-5xYerTKKEatic9oLTEzZBChq_7e1tmhvjjaYbh_erFmvQu4hi3a4mqJJAhQQM6Yk0nsR4LrFPPwmuhNe_b-Jp1IOBRjR6g6Qg5dq3msswOzWB6ifrk4Db7DpJm-mtF3DdPqBqSj3IhGPI2d2LoA7o0RVnwNF0wr5ielo3bvqQ1Av6tsKTQtxiuaVz_7kxtStMrhurQv23DiTqEbM_kT85PnmF27K7Doeg4aTC3spF4xKyIQ9STiN9rrHIQgSDXI5PQfqcwHNN6Qes3d1ohZJEe9cwO0N6pE56fML2eh7nvpqXi8dmNkXAiMtFuR2BhtfDJ8qDUc4Tx19iGyx9bZvrmIuxwIPeDK1w4mDEjmGCWUBprnA-XObknJe1DNLr_blwBGx3isx8aI-dPb8alVbt_8-7un8iUQXhaiUq5-sAjGApLn846m2UBmMX9lOX0fD_-JpLukvsEFgNv1JfOISQNZZL1gWLGIQQY1d7SDQrkQYqginCVJXxckGZYtdcYPA2-FalNLGubX-jki7fpzSM1cjt8wsSPoltNxW5lN0HZQ61BAOnq10uxhP8d9AWSUzAU49xyLz_WH0C_eo6rfsMef3MCoNBOzN5SB58XqIZra6-ofFxIcFRrZyP6YcILRVSlX8nD1SBlmc1crDJUeWdzUae-J_BZqWqT2sar44RezTac7W9zbXJDMA8HwCFtuZ7YR-WPGAOt-N2Hd3NgPpo_A-NIS_6XIAOF0y-B_SdIKxJVSpS_-mOk3beLm11RNn0-P3h7q75YFJdp08JtazYkVHwqFf0t_bGAcSAfmscEvJX-NnnnGT924EIWPfMbw7h57-cDAZLN-JxMCbu90WTBzFbl4N5t-2Kfg8YC7x7ykUBT_YD45mXJ6ZehNZ8oiCQM1zs2-YoTywgC_zc3BScEULA6KhiFVHNVz4cmYsVqnkonR6-nVfLkeYhWTmBYoZsLv2Z4XrGzBM7_VDmZwbqUZZg0QyglzMv84IOLF9YnSyZQZVJLBAYoUGoOCs6OMq0I3WERKvuZhgbjkWms&sai=AMfl-YSUKuHAOMs4kH4WvzohozjesAk-9EbNT5OhXf89uYcMoDs6PGMpm-ZHEiev5aBhSwjPxJw6-2Z9McGP27crhvwEjMiii9zUiQ4lPK_d7MiznkQD6Q_1sq7gNfn3J1RfIURlrv_qR4v0ltcEl4Wg93Md-pLOpameFoQ2J0sXf0GLHXewBb5YKfDmO-cAmMgOXsG4fIfuJNsbyOa53xWGQkWyabDMydGkUXtPeGlZIjoMFjLOEykAWDMkM9555khA4k87&sig=Cg0ArKJSzDPo50r9NwrzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=610&vt=11&dtpt=230&dett=3&cstd=377&cisv=r20230213.60368&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Feb 2023 11:21:15 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 464F 42 B
64 B 74ms
73ms Image
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufoXviQHJWMAu9w9V55BB9cdzaP_cjD4-jhseZ9rsHhz0JIppfz23dWzORbywGZtTEq7s-7PBWP9pmvqKUYQHoFHAqyrM5bD1xorugoF6nGsF4QagvsDp1TmkxKbmt6h74MdzqLQ&sai=AMfl-YQFzlmhzhXuG6H816DMTFUvnIc0hbkYHSEMpHVZrM8Dzg-4TBnTryFCV20TJbr1h0PnnIQc3-NMn1XsHkWMzSPA1IH3d50flZ5g5QxixaQh2AwIL4-JrMUVjBk&sig=Cg0ArKJSzNccoUnBwLxWEAE&cid=CAQSOwDUE5ymJ40VoNmOU-Nj7THeJ0ynJh1EwwFwsemBvsIX9m2BC8lM4I2j5JsjG193fxazVTohzDpGIWxeGAE&id=ampim&o=436,440&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=867&tls=1868&g=100&h=100&tt=1868&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6659 42 B
64 B 148ms
74ms Fetch
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxQqT9aFVzY4wKYor16PjUhO_JJPAnAVZ9u8_3WoMP3QeVXI04BSFCHqj5dSx5nHPUOs-F8nSvMdZflcSnPVfcpsiDPHEUsdKCjXnvkcJWoGIU10qN_n6KTPjQjFSIn8In26wFeA&sai=AMfl-YTzjV83C_Gz_iyl4AREP9rpgLJKIQNG9M_UZKBgguqzkmbBXCAmKp-fa_riF08kr6HLE3c1VVdHjpUESdCo7LYpUkzrTg-5prYxUzf_CjbNL9fLxJ6eQVWbgJQ&sig=Cg0ArKJSzHvbwuUh78IpEAE&cid=CAQSOwDUE5ymJ40VoNmOU-Nj7THeJ0ynJh1EwwFwsemBvsIX9m2BC8lM4I2j5JsjG193fxazVTohzDpGIWxeGAE&id=lidar2&mcvt=1000&p=1154,246,1244,974&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230213&bin=7&avms=nio&bs=0,0&mc=0.51&if=1&vu=1&app=0&itpl=20&adk=2167971874&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676460073995&rpt=1072&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame EFE6 0
0 452ms
123ms Document
text/plain 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aBVCwQDvCr7zyPrkHcnlKl&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/80366559-1044.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: 33XP013 /
Resource Hash

Request headers

Referer: https://steamerathletics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Wed, 15 Feb 2023 11:21:16 GMT
server: 33XP013
x-33x-status: 2000208

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 3C76 0
0 452ms
125ms Document
text/plain 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dEiFysDvyr7yoErkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/80366559-1044.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: 33XP020 /
Resource Hash

Request headers

Referer: https://steamerathletics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Wed, 15 Feb 2023 11:21:15 GMT
server: 33XP020
x-33x-status: 2000208

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 25B9 0
0 450ms
124ms Document
text/plain 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a4ru10DvCr7yoDrkHcnlKl&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/80366559-1044.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: 33XP014 /
Resource Hash

Request headers

Referer: https://steamerathletics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Wed, 15 Feb 2023 11:21:15 GMT
server: 33XP014
x-33x-status: 2000208

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame B41D 977 B
1 KB 32ms
31ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/80366559-1044.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80d5376e68f3824be9e97919bdc5ded99f0103ca92bc92717b46bb4f394d3402

Request headers

Referer: https://steamerathletics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 2479
CF-Cache-Status: HIT
CF-RAY: 799da8b3cebd9bb6-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 15 Feb 2023 11:21:16 GMT
Expires: Wed, 15 Feb 2023 12:21:16 GMT
Last-Modified: Thu, 26 Jan 2023 15:01:29 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: K/9sTawdxS820Kz1PPG4Z6yJGpFjyzNweeCpJaMENYobDgDJtvDo95Eoz7NX8JzUgyyhM2PM1iY=
x-amz-request-id: 1AAGZVQ4A3EAX0C0

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 97A8 0
0 447ms
124ms Document
text/plain 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=c_spLCDvyr7zyPrkHcnlKl&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/80366559-1044.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: 33XP015 /
Resource Hash

Request headers

Referer: https://steamerathletics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Wed, 15 Feb 2023 11:21:15 GMT
server: 33XP015
x-33x-status: 2000208

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame E4B3 0
91 B 71ms
33ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/80366559-1044.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://steamerathletics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 15 Feb 2023 11:21:16 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 5CD6 0
0 446ms
124ms Document
text/plain 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d9Y54uDvyr7yoErkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/80366559-1044.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: 33XP017 /
Resource Hash

Request headers

Referer: https://steamerathletics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Wed, 15 Feb 2023 11:21:15 GMT
server: 33XP017
x-33x-status: 2000208

POST
H2 200 / Show response
emxhb.emxdgt.com/biddr/ 21 B
147 B 492ms
115ms XHR
text/plain 52.21.197.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://emxhb.emxdgt.com/biddr/
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/80366559-1044.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.21.197.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-197-24.compute-1.amazonaws.com
Software: /
Resource Hash: 05f825acae8242e3c16d695e33232d62098a488fb5046f0e197b378d1ebd84d5

Request headers

Referer: https://steamerathletics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 15 Feb 2023 11:21:16 GMT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 21
content-type: text/plain

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6659 0
20 B 67ms
66ms Ping
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=561767890440&version=m202301230201&ct=119&x=1&cor=9643033328672390000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gc-background.png
steamerathletics.com/public/img/ 219 KB
219 KB 116ms
115ms Image
image/png 44.196.231.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamerathletics.com/public/img/gc-background.png
Requested by: Host: steamerathletics.com
URL: https://steamerathletics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.231.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-231-237.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: 9e3707040adb9ea7c2d2b93946441de2a1a10037acf2e303527b90aee86ed8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:21:22 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:50:07 GMT
server: Caddy
content-type: image/png

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 131ms
37ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://steamerathletics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 20:35:57 GMT
x-content-type-options: nosniff
age: 53125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 20:35:57 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1933764698&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsteamerathletics.com%2F&ul=en-us&de=UTF-8&dt=Fulton%20High%20School&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Modal%20Popup&ea=basic%20-%20do%20not%20be%20late%20to%20the%20game&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=952293475.1676460072&tid=UA-40199218-1&_gid=1695922729.1676460073&gtm=45He32d0n81NLSG7CZ&cd1=13873&cd2=Fulton%20High%20School&cd3=SSAPI&cd4=anonymous&z=1902127107

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://steamerathletics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 00:06:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40480
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIp_PzubSX_QIVgpx3Ch37mwl3EAAYACC-nbxXQhMItZyTubSX_QIVuYaDBx2NCwbB;met=1;&timestamp=1676460085584;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 6659 42 B
251 B 83ms
69ms Image
image/gif 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIp_PzubSX_QIVgpx3Ch37mwl3EAAYACC-nbxXQhMItZyTubSX_QIVuYaDBx2NCwbB;met=1;&timestamp=1676460085584;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: steamerathletics.com
URL: https://steamerathletics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:21:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: e1.emxdgt.com
URL: https://e1.emxdgt.com/sync/

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=500&ts=1676460072603&src=pbjs

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=c_spLCDvyr7zyPrkHcnlKl

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=dEiFysDvyr7yoErkHcnnVW

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=d9Y54uDvyr7yoErkHcnnVW

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=aBVCwQDvCr7zyPrkHcnlKl

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=a4ru10DvCr7yoDrkHcnlKl

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=bE7MWsDvCr7yoDrkHcnlKl

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=b7ZdOCDvCr7zyPrkHcnlKl

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=cyY1dUDvCr7yovrkHcnnVW

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=cZ9bVKDvCr7zyPrkHcnlKl

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.steamerathletics.com/	1970-01-20 10:09:53	Name: cfid Value: 05febf50-1f37-42df-8fbb-5b50199504f9
.steamerathletics.com/	1970-01-20 10:09:53	Name: cftoken Value: 0
steamerathletics.com/	1969-12-31 23:59:59	Name: ERD Value: 85D80DB37237ABC09D1F02A14A969856
steamerathletics.com/	1969-12-31 23:59:59	Name: dt Value: 2023-02-15T11:21:12.213Z
.steamerathletics.com/	1970-01-20 11:50:36	Name: _fbp Value: fb.1.1676460072382.2061585464
steamerathletics.com/	1970-01-20 09:42:26	Name: ln_or Value: eyI1NDk3NzgiOiJkIn0%3D
steamerathletics.com/	1970-01-20 19:08:21	Name: __atuvc Value: 1%7C7
steamerathletics.com/	1970-01-20 09:41:01	Name: __atuvs Value: 63ecc0289207b856000
.linkedin.com/	1970-01-20 10:24:12	Name: UserMatchHistory Value: AQJ2m0E_suxlIgAAAYZUzp7g9wzf_UccfHR25esZ5Apozenb_3lrsELSLCQbLbE7TLxPUuMH-19mRg
.linkedin.com/	1970-01-20 10:24:12	Name: AnalyticsSyncHistory Value: AQKWgnNdyI-oIAAAAYZUzp7gy4rSre9fnodC04ALFyqy8NMGbMuy3mSL63ATz5PUS9Er_D-SNtdTnDMN_FitjQ
.linkedin.com/	1970-01-20 18:26:36	Name: bcookie Value: "v=2&c0439a6d-07b3-46b4-801c-ecfeb438dcb2"
.linkedin.com/	1970-01-20 09:42:26	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2839:u=1:x=1:i=1676460072:t=1676546472:v=2:sig=AQEV7KGfJt2oinSB11TKu1x967M5WtIW"
.addthis.com/	1970-01-20 19:08:21	Name: uvc Value: 1%7C7
.steamerathletics.com/	1970-01-20 19:17:00	Name: _ga_HCV41WEQLC Value: GS1.1.1676460071.1.0.1676460072.0.0.0
.quantserve.com/	1970-01-20 19:11:14	Name: mc Value: 63ecc028-dc1d9-dfebc-0ad12
.steamerathletics.com/	1970-01-20 19:17:00	Name: _ga Value: GA1.2.952293475.1676460072
.steamerathletics.com/	1970-01-20 09:42:26	Name: _gid Value: GA1.2.1695922729.1676460073
.steamerathletics.com/	1970-01-20 09:41:00	Name: _gat_UA-40199218-1 Value: 1
.steamerathletics.com/	1970-01-20 19:05:28	Name: __qca Value: P0-713033962-1676460072504
.www.linkedin.com/	1970-01-20 18:26:36	Name: bscookie Value: "v=1&20230215112112aa6ada75-d641-40fa-8462-801bec8f62ecAQEe2DhLDHvAfhOqevEk-OolLBLYySut"
.linkedin.com/	1970-01-20 14:00:12	Name: li_gc Value: MTswOzE2NzY0NjAwNzI7MjswMjGOIUaj9Q2xBz0zBu/NR7R7BcdtbnyZH7aOuqc1Yix1VA==
.addthis.com/	1970-01-20 19:08:21	Name: loc Value: MDAwMDBFVURFSEUyMzA4MTg5MzAwMzAwMDBDSA==
.doubleclick.net/	1970-01-20 19:02:36	Name: IDE Value: AHWqTUlRde8jx0PbBmxHkuRN1FFU9a3BTGe3R_Uq_oGUdlhtezYNfr-GSmFz8kwcy3s
.steamerathletics.com/	1970-01-20 19:02:36	Name: __gads Value: ID=2e0971c6a6cdeee3:T=1676460073:S=ALNI_MbxtMm3EhXzxZqb_LS_-ioMOH_WPQ
.steamerathletics.com/	1970-01-20 19:02:36	Name: __gpi Value: UID=00000bb71bb4787e:T=1676460073:RT=1676460073:S=ALNI_MaOuY54JVqtgpyEceWvJaALrDT-pA
.adtriba.com/	1970-01-20 19:17:00	Name: atbgdid Value: f1bff2c7-6584-4b22-b679-43b13b4ab7d9
at.bahn.de/	1970-01-20 11:50:36	Name: exactag_new_gk Value: 0b9b2963378d44d9835c9ef52861b726%7c16.04.2023+11%3a21%3a14
at.bahn.de/	1970-01-20 14:00:12	Name: exactag_new_uk Value: fa9a3918649c4be3bdb2d9f5b10c9c18%7c
at.bahn.de/	1969-12-31 23:59:59	Name: session_session Value: c225437a5a1d4334842f174a
.casalemedia.com/	1970-01-20 18:26:36	Name: CMID Value: Y.zAKqBkVisZOCJ9P6HkqAAA
.casalemedia.com/	1970-01-20 11:50:36	Name: CMPS Value: 5137
.casalemedia.com/	1970-01-20 11:50:36	Name: CMPRO Value: 5137
.adnxs.com/	1970-01-20 11:50:36	Name: uuid2 Value: 852854241126185650
.adnxs.com/	1970-01-20 11:50:36	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>wnVuG=!@wnfH8K6pQK`!5=E<L5?%M-2cz##kDUpW0uF]Ih/?@W6ERR[Ac^:Mp7wl.%nugO%v4VB%nnBv$<nn
.turn.com/	1970-01-20 14:00:12	Name: uid Value: 2986242246189309400
.adfarm1.adition.com/	1970-01-20 11:50:36	Name: UserID1 Value: 7200341190909360272
.de17a.com/	1970-01-20 18:19:24	Name: guid Value: 1.4119751490285116739
.doubleclick.net/	1970-01-20 09:41:03	Name: DSID Value: NO_DATA
.pubmatic.com/	1970-01-20 09:42:26	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 18:26:36	Name: KADUSERCOOKIE Value: D3BDBC16-35BA-47B8-B7D0-A3180E939079
.yahoo.com/	1970-01-20 18:26:57	Name: A3 Value: d=AQABBCvA7GMCEHAnhDWdrkGwHZuj77bj02IFEgEBAQER7mP2YwAAAAAA_eMAAA&S=AQAAAiEqKIi4WgSIFipB1bDuANM
.lijit.com/	1970-01-20 18:26:36	Name: ljt_reader Value: GKRJtGZHPQqEaKPjR4i3wvbw
.tribalfusion.com/	1970-01-20 11:50:36	Name: ANON_ID Value: awnsIHyOZbSEoJTyBqKuZcZbtsZa74GZdWr1ys4FEOuEWp3gXUh2TfEeqUTubAZbXMK6Zc8tKko6dTHQHhKZbV0WMfK2ZaCZdg
.bidswitch.net/	1970-01-20 18:26:36	Name: tuuid Value: 4dcfde2c-d24f-4b37-a5b6-108f007ff0ae
.bidswitch.net/	1970-01-20 18:26:36	Name: c Value: 1676460075
.bidswitch.net/	1970-01-20 18:26:36	Name: tuuid_lu Value: 1676460075
.awin1.com/	1970-01-20 09:43:52	Name: awpv20044 Value: 412871\|1676460075\|dc6edde0-ad22-11ed-9a3d-2232032dcacf
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://biddr.brealtime.com/check.js?nnn=1676460071961 Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security	error	URL: https://97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/8840107762433130496/300x600/index.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

97bb9070c5009e7e0ffee26e6bc5ca1e.safeframe.googlesyndication.com
a.tribalfusion.com
ad.turn.com
ad4m.at
ade.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
api-public.addthis.com
as.ad4m.at
assets.ad4m.at
at.bahn.de
biddr.brealtime.com
bigteams-public-prod.s3.amazonaws.com
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.datatables.net
cdn.getcustom.net
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.whatfix.com
cdnjs.cloudflare.com
centro.pixel.ad
cm.g.doubleclick.net
connect.facebook.net
d.adtriba.com
d5p.de17a.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dynamic-cdn.azureedge.net
e1.emxdgt.com
emxhb.emxdgt.com
eyepopperdigital-d.openx.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.emxdgt.com
ib.adnxs.com
image6.pubmatic.com
m.addthis.com
onetag-sys.com
pagead2.googlesyndication.com
partners.spiritshop.com
pixel.quantserve.com
pixel.sitescout.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
protected-by.clarium.io
px.ads.linkedin.com
px4.ads.linkedin.com
r.turn.com
region1.google-analytics.com
rules.quantcount.com
s.tribalfusion.com
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
schoolassets.s3.amazonaws.com
secure.quantserve.com
securepubads.g.doubleclick.net
snap.licdn.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
stats.g.doubleclick.net
steamerathletics.com
syndication.twitter.com
tpc.googlesyndication.com
tracker.bespoketechnologies.net
u.openx.net
v1.addthisedge.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
x.bidswitch.net
z.moatads.com
e1.emxdgt.com
hb.emxdgt.com
s7.addthis.com
ssc.33across.com
104.17.119.107
104.244.42.200
104.81.63.203
13.107.42.14
142.250.201.194
142.251.208.98
18.65.39.56
185.64.190.78
185.80.39.216
185.86.138.152
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
207.198.113.205
213.155.156.182
216.52.2.48
23.203.124.118
23.203.125.127
2600:1901:0:76b9::
2600:9000:2104:2800:2:53b2:240:93a1
2600:9000:238d:6800:6:44e3:f8c0:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::ac43:e8b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700::6811:190e
2606:4700::6812:106b
2606:4700::6812:19ad
2606:4700::6812:1b8f
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:400d:802::200a
2a00:1450:400d:803::2001
2a00:1450:400d:803::2002
2a00:1450:400d:806::2002
2a00:1450:400d:807::2004
2a00:1450:400d:808::2001
2a00:1450:400d:808::2002
2a00:1450:400d:808::2003
2a00:1450:400d:808::2006
2a00:1450:400d:808::2008
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2001
2a00:1450:400d:80d::200a
2a00:1450:4025:402::9c
2a02:26f0:11a::6867:4832
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::485
2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5
3.122.24.207
3.65.4.114
34.250.52.94
34.98.64.218
37.252.171.21
44.196.231.237
51.89.9.252
52.165.229.182
52.21.197.24
52.216.206.235
52.217.133.81
67.202.105.23
85.114.159.118
85.14.248.71
98.98.134.242
0158a7a3fd4a43fd01c6051d73c8507d87989abb39e83b3dbb8e3fe806ef77cc
0492c31ed7e58618df0450a475bdb4a483cd9efdc88b00c438ae9a51f607d326
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
052a46b6745e0aad7a18525f05338d4dfe93bb42f10da96ea8ebd3af4f075c7f
05a0784790c582d1b574f25a628bc1244a602b7918e58ae472fe1ec5cfa0dab9
05f825acae8242e3c16d695e33232d62098a488fb5046f0e197b378d1ebd84d5
066554332e6f4925bcdfdf2025fa6750cea08b40db9bfd90ffc89c2fc260520e
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
07d2de78fa3086a3a74b2de1caa54b67ac469dbaff72ca0128a8b0a8c38cfd80
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a
0afc284da789311cfbbbf9004ff65eb5ea8c7f7655c02aa60692e0e6dfc0d435
0b6bab63e3aa24b4ab6aab63765a217db5004961bab1ab7d74ffebfa33efb5c4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e39f409c3804b6b98b13fdf962451f3d652173cc34ad42a9b42d74091667052
0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d
0e65a111b64b0353e4587a6b2e8fd195120db82184d4587b748b0ab1876d2b7b
0ee117494af512be96b6ba09493f371bff6a0bfca9e730e03206c02cb7ff18e7
10a993cf5597001afbf1e04f6406a2a606e5e4e3bb0247dfbfcd1ff8fbabb5e4
10a9fb5d2ecbd02c966d468b816e56a9394148f2b1c903bcf0e45125e09980b9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19eb765b0d061355ef5bacfe138b01082b753a726388ecc614977aeb6f6b8f5c
1c2f9a704df8eed1fe0f81eb567a9e3f7acf97b4ac86b9f312178fe18b00731c
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f1670c321171931043a0fdef97b00a0eb6b5ba628615aaec7d84aa333b760f2
1f1cca371a6cb4f8406e171c6969d278b82891a81dc328a4298fa4e6fb7d616f
2083b5c97da050c0673842bb830fc6d0ec138366b82408328d867f73a84fbeec
235beeca4b2f9a92e24dd4701491f98b9dcc65d0619fe6de2917c5ab430a6a6c
23a7efb399c2c59bb26a9f00d9b6bea8c3f74a5485107cd3447503f06ce853fb
25a21d2beef7b3e858a780f63c20d2730e81bcd02d8a5ef53f154fd82161bad6
27f4f8c4e1a3e994654a002d379f3827c721aea22720e2affe603177dcb74116
297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
2bacdf7bb4a572e4f265de06190e8aef0ddd976df73514633645ed822bfde3c4
2c094b306d7837827fd6c3c6251b2c65b807649be0624ba0f9686f4efe4a2506
2cb6b4b568edadbf87a7281c955447ce91b1d0c6e00503b7732b7604500d250b
2ccfa4dceb094c92eb28975b0f7c9b0716360ebaf1375cc592db28c7c7210c5e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f3a3e39820c10b9cd68fe9060c18ab70365d00c043d7f912025a915c931eb59
2ffa88206ff38916fbb5611267cfcba83abd94e5c98c43023f3d6aab11ee4cb6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3254df411777387cbcd6df2b03fa5b6015947d4010010d48c80a9886be0a8ae9
33cf544ad9b2702ef8cc549ae1fbec26a2afb0ad835c0e3e863b367e18f338dc
33f6032f39d16c01f513447950d5f39874adecf5dc701c965465019b9d037ac8
35a55463a8fba703f3b9ca9150f10745d5ad6978b5edfdf0fa439c71f73752bf
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
367db0e22ab8a38cd77c4c13ea16340e70aafd2f471d6d8df3801b4dcb6142b2
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
39db02385bc7afbb4975ee9b2e7e4c3970d29e2cd888aac2703fcd279c55accf
3a92255192d67c0139d64b7fe64aef88c46f48b2d1c3fbf9d6eb8aaae4adce24
3bba1bb5847e0990d0d2983df61e98417272fc1aa014b09c4f8dda08e7b103ac
3bd958a91bb8e7d8b0c5637aedbc680f38b9847c4f2551b0a79c558008ea8329
3bfd2e4f5fd5953a746a489404527b3336fedc403b97aac5d93d828f010d2e98
3c0d86ea1d47184e908590f6c7e6c293c27fb96614727e041e4d0fc8543babf8
3c28880b3d51fd9451943ce7340d8c2dcee3358198449a3d0941afd2b6cd4361
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
3f3f0324594090c22802996c9840851ce084b07c01044b4b0f0b913e63527a2e
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
414d61828881721cacd40ce6b08cdc985119924b34b169a9a63a6cfc2f7f5518
41513de414da3ddb38a8dde79e8ade049eb8297fdcb13e2629958b790e5f48c1
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4432f1fd6b72ee70f205f3aa007955c3d1c428e82da86c2f3f3724dabe91164f
4502a9956a8a5f68d505e26be08737ce1b23eada982a245f64763db31e3a452e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470785b24a2ecd865c18838e06f3a1b673f180d2a18292788bc863cccccb3866
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a45759fbf4fd7044802bae4590f14b90d73b150b01b11dc442e9050575087be
4aecc48eb93fc11fa599dbf5ba5f0411c9a8dfdff8ea03764240c5d734d35665
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e167383fcff15e8bc7ba9c2ae696a7a88f6717b9bfb1716092090e83d8afe7f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
543d926def085007c4d0c5fe9ca377c15dbf5f7af488a97111f1644a646fab93
554842023a5e65705fb02af49e21bbd0bc48915901af987c02fea228212eb73b
5787e930e74e0852766cc7c7047ac7adbbee9681f6a0cb4833a98f932724e1af
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
58eaa2532084ab92c210f5da9c52969131d11014511a3d5b16c83ad51f0024c0
59481d6557ebb6d24ae4c4c42b4d84dc7576ca1652f5bef672b6c46583efdd8e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5aa93e7401f9a3344d1f891eacfb0cf698bf56cc5d7cb2586bfe0d82d1c8c4b0
5c5d87821b8806898a69c4e8cdc26f7fc8ea4bb175006aa060ca229f4810a0af
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5ed9ea9df21c3ba44a5cd9671017be936881915a88ed9e62d1477ea800443bb1
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
610c417cb7cfd3f4327df5d93530c5112e48157af1bfe85813d6f634ae5319cc
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
63faa8b7384c37c4834b77615586404ad7d7591d5ab8ac0c50c2b10470b35b0b
68552dc97a6eb603042d2ae84c9995dbd8275108348beaad658d74be43530427
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fe54a55cbd243f51f66ea1c26cda6c45cf6c2d377061c773ef74c60112d0a21
70aa23ecdc80fb73ac5d2c83b09b3263b4d960c3167af0f06d8e4ad6aee187f6
75b93779692d7a84ab386daa7fbcf9a0d05202e552521879620b73f0670ccd2a
75dd8f2682b80841efb8ed906d35999636a1c24d9acc969644d8a1144b7a1bbe
76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6
7902bbb12710c28f7b9271d4de787cb054a9a4523fe5312261561d128020bb6d
7924e6ccf12c18da5ef7d3ef52465816c434c9c16e87f7b735ea5f8e6ab31ab2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a056fc64aba501090c8acd106b0c7bbc9a267914e695ae34aa42a6ae2a094a7
7aa80b43b95b74bc318d46be11b2ad2ab87b630de06ed7d7bfa232042ee1e7cb
7b0485b0c7f9acedd0ee54f27d8a9fba84dd05528fb31d7cbd22ee67fc319482
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7ccabdce478f54e281aa6ce15265b9f727757da6f36d7e7f12d07a78dfbf56a2
7de886a084ff33bba971a067938a541d20340782ca5a77f0e8879f6571f42fb4
7e7c3c31b5bffec747f28793d021950ef2ba45c431a038f2e1d5e6bbadae70c3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80d5376e68f3824be9e97919bdc5ded99f0103ca92bc92717b46bb4f394d3402
82c6660afbbcbc647a384babecd333066bc1d4b6391b79c569fb8e807fee4450
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8537b6920d550414d47001cd97c0f4b41d76bdc02f0eaeffef3c1a213212fa78
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2
8b1554032d2cfbf0e858518df6460b2b4336be2cfb1f188dfd1108a3ae50b2e8
8bdde2de62dbc0ee6884be879ae01087c577529c8efa022464ad8f96726bce31
8c87d1648610fbd2dcc6ef341b0bd19ab697f68905cbb5a188f6aeb71ce4ddd6
8dd14be7731fa74d6fbca656d110ce972389049eaf3420a496afccdad868d88f
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
900e823ee99149e43a2341e935abb3c72105d035c787e678f4d42150ff9021fd
915e2604209554dfc09921ccaf3eff11f4654130f8f73c5bebd8a11a14f25fd0
917d937ef0ce46defe4f446f18d05e53dafe3bc01768ab806201ddad28f12a25
91c52f74446960de5f120555da753975d717c24ac3c101c696d3d9aa764ce49c
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
9346a36c65266f86fb5aa99f2f734080ec673fea6a548010f842d9c6c89c3b15
93ae81483be2e9705db4cd911fa410bc2cf6c24f355dc5ac899de49fab854e63
957e5381f4e7f4e4944ad18bfda1c7018902f3234abffbad3480a380265af30a
96074ee9a4154b0e60285f45eed64776e52374bdc15f3311d8dd71fba43d1e6b
9655be297be565317e178de11e09d3011a8b91f8b304727479f4ffcdcdd881fd
9a8fba6b5ff22acf96f9cdfda2ec0a83fa775f7184b3c5c8b66aab03ef6f1214
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d93976a246e7d50d4f91db2f89456d2c8624f778d310e7a1470899aaad24df6
9e3707040adb9ea7c2d2b93946441de2a1a10037acf2e303527b90aee86ed8ae
9f14b873ea6ae96cc4edf9521730297f636148c4763582d90e9e48e3ce9f7cfd
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a088325e54ce71c3bbedb0299f3ccfb17c7f71032942d73015c249705094e818
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a61deeae6f85909ec179525faba032231d36bbbc4185ddd8d4f6077b23f689cb
a6303daad046d4ed303006eb313b04724ecbee171da2e9dca0f24cd84ff57e65
a80891a9d17794528ea2a9e3a910ce850ce4c2a5f07aaf80b5ea181fa25e0a06
a84ffabdd498cd0bbd960a2c2b1845a65113bd6bea00096602e47ec8f87fd122
aa8067c1709ab463f25f0b588cb5892b59dc8107acd4b2f9bb9551b0bf493571
aa9de0dd76cb60b69757eb9582ec8541f192b974f25ad2ef63227c26e1967c33
ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aedfb1901d5367408c3a2f996641c4c713aa66c8ccf5bf643507149a8297882e
af2a858079c4e7c4b2ec2cae47149b36ecbac2eecb104e5f3361e1ad6c45a8b9
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b35c0ceeb28996bff5e2a6864d4a0b4c8b79b4ece9e450601524c2344cc7b797
b3a9e7ca240a3c3c6604c64a44f5ab4ef56441a4a3cd1a36fd0810fbd0a0a9be
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2
bf97518d6c193c0185a7e9751971bfd400b68d64ca0b7698af3d9fb8630050c2
bfa530083e42dd6d0784b5e4ddefafd7f12c8aaaa2066d5e8c68e411c8765c83
c0eab715a62fe239cce40aec049d3322a4cd125bd7f1521e9e2526b8cc663d67
c15d4b037bf494f9db59a36e757498773561ebb185642a326c7b0d5ff221fdfa
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c5d89aedaaf9b5ab879bd8f82d378002df2046fe87822911fe61d9da7da43b85
c6162ff0f23f90b78ede5ba4428cca8c8b3d659b6081b2d8329d8bdb907b8146
c92931153e6083df5c676984bab331beece266622a07abffb0dd68753728bc9b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cacbe8d075be5b96af1d81fa4753efcb5fdf25ae5acfbf8b6fe16fba1197eace
cafaf87f2729d8c76956e7624b62c4739a061a39d419ed9526b0f222e6cbdbc7
cd3956cd9f364d92629af639bad232362e05e118521dab36c3d29d0e17d259aa
cfcb6907adc12c6392641a3f500f2ec015662dffaa26e5a2037e732355e50261
d053bd3cbc23fc66b5ebcaa44eb13812e675b5293541117ab0e8a58355ae920e
d1b6f2722aafea930d157f4a8325aa38e860ad2a765616ad19544d1f69703d34
d37c85cab4214d6cc19fc91d1d80ec109a9880bbc237bcccad16dcaa2464a22e
d4275796e9f1cfa6219c319180a5adcbf3da9c0f753c719fe4c48d43addff507
d61d003e41427127565cc4611dc3405ff02b9e0c465acf8be65aeea189fffaaf
daf090b7a173b311eddf91b12e60850a296896b351a72f2c59eb9c7ea81083fd
df8ed4df996ea8874763197863f3077bf50cf10fb648919a389af3f786182035
e18ab70fcc27dff1a70103041cc8762d63a9cd23b99bc63880f44eb44d70668c
e383411ee6481cb6c6fc6202e9cb8f49c4131d992a9158d100eb5d54e1d56935
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41bbfc2e2b09d931b9e84a0da41482603f98c919cae0ab5921e8a6e1e2afadd
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6f8d3f9f2e56fd5910129867513cc25550919e2cc50f8ecafd9d100fb2e44cc
e730e81df36e1a1a436d15438981e285a5035290bbd09440afac0dde252b46b1
e9e83e80822ebd153c796b6cfd9f0ad498dfc164d8fa13e9d37f23cf8126a3c8
ebe141049ad8f106d836ce807823f72529f39a64d7ffe605b4de2248eb5848a6
ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee80cf3b15ea6f7dd08ba1b6bbb065994092b94415845536e0db3476ea80fad4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5c81ef2da1ec6cf10ba8ed9728e8a19aae72253c5f2fcc7a2d92dfbf6d10836
f5da98b42a1c4e4ec222800de4f233003592c07ce13109c12e4221a5bcc02a1e
f61979614d121cf605214d49cb31f065bee79dbc9b31a0ef3f6e712050cf33d3
f72d99e74b4a41f03ad59dc3e2643303515a27b0f1fb63be1bce80012aadbe8a
f82ad0999f4da1e2c0532424720de082c5e0562245b11304013c339ab7449dc3
fb2bedac3ecde93ccf2d865e121a660a804db7d39205f0909e6c17d3874a0d55
fd28f2e6c915331e0ea7eb3ffdeff892fe75e600d0c7db2fde763d45b939075b
fdf0a84fa8501ecae3d49ff09fba0daa05a6b66f5a950d904705a6d81d05a35a
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
fe2a2226123a364a140e44b206bbbb2595065c642176697a6a6042dc0a537f90
feb998ee859d5be454de4e1f4c1ba6ebe805ec38cbc32a44c686aee37653b74f
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

steamerathletics.com Open in urlscan Pro 44.196.231.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

309 Requests

90 %HTTPS

57 %IPv6

59 Domains

86 Subdomains

63 IPs

11 Countries

12546 kBTransfer

18658 kBSize

48 Cookies

17 Outgoing links

Redirected requests

309 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

steamerathletics.com Open in urlscan Pro
44.196.231.237 Public Scan

Screenshot
Live screenshot

Full Image

309
Requests

90 %
HTTPS

57 %
IPv6

59
Domains

86
Subdomains

63
IPs

11
Countries

12546 kB
Transfer

18658 kB
Size

48
Cookies

309 HTTP transactions
6 data transactions