www.overtake.gg Open in urlscan Pro
95.179.177.152 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/
Submission: On December 18 via api (December 18th 2024, 1:13:53 am UTC) from US — Scanned from US

Summary HTTP 271 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 92 IPs in 7 countries across 67 domains to perform 271 HTTP transactions. The main IP is 95.179.177.152, located in Amsterdam, Netherlands and belongs to AS-VULTR, US. The main domain is www.overtake.gg. The Cisco Umbrella rank of the primary domain is 590021.
TLS certificate: Issued by E6 on November 15th 2024. Valid for: 3 months.

This is the only time www.overtake.gg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	95.179.177.152 95.179.177.152	20473 (AS-VULTR) (AS-VULTR)
38	151.101.131.42 151.101.131.42	54113 (FASTLY) (FASTLY)
3	2607:f8b0:400... 2607:f8b0:4004:c1d::61	15169 (GOOGLE) (GOOGLE)
5	104.20.106.152 104.20.106.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::6815:33e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.1.194 151.101.1.194	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:2f8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c00::5e	15169 (GOOGLE) (GOOGLE)
3	3.171.86.171 3.171.86.171	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2607:f8b0:400... 2607:f8b0:4004:c1f::8a	15169 (GOOGLE) (GOOGLE)
1	18.160.10.101 18.160.10.101	16509 (AMAZON-02) (AMAZON-02)
4 11	2606:4700::68... 2606:4700::6812:1ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.167.112.98 3.167.112.98	16509 (AMAZON-02) (AMAZON-02)
1	52.205.45.196 52.205.45.196	14618 (AMAZON-AES) (AMAZON-AES)
1	147.75.198.144 147.75.198.144	54825 (PACKET) (PACKET)
1	2620:100:a00b::9 2620:100:a00b::9	19750 (AS-CRITEO) (AS-CRITEO)
1	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	134.209.129.201 134.209.129.201	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2602:803:c002... 2602:803:c002:200::32	26667 (RUBICONPR...) (RUBICONPROJECT)
2	172.64.153.66 172.64.153.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	207.65.37.179 207.65.37.179	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.160.72.119 34.160.72.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.167.113.34 3.167.113.34	16509 (AMAZON-02) (AMAZON-02)
1	107.22.180.23 107.22.180.23	14618 (AMAZON-AES) (AMAZON-AES)
1	52.87.138.103 52.87.138.103	14618 (AMAZON-AES) (AMAZON-AES)
1	23.21.14.225 23.21.14.225	14618 (AMAZON-AES) (AMAZON-AES)
4	23.204.206.35 23.204.206.35	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:10:... 2606:4700:10::ac43:246e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
1 11	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:ae80:147... 2606:ae80:1471:16::820	26762 (CNVR-US-EAST) (CNVR-US-EAST)
7	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	98.82.157.137 98.82.157.137	14618 (AMAZON-AES) (AMAZON-AES)
6	2607:f8b0:400... 2607:f8b0:4004:c17::9b	15169 (GOOGLE) (GOOGLE)
1	35.155.132.249 35.155.132.249	16509 (AMAZON-02) (AMAZON-02)
4 4	68.67.160.117 68.67.160.117	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
6 6	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	172.217.222.154 172.217.222.154	15169 (GOOGLE) (GOOGLE)
1 1	2620:112:f008... 2620:112:f008:200::101	26120 (RHYTHMONE) (RHYTHMONE)
2 2	2607:f350:3:2... 2607:f350:3:2569:0:10:0:c	27630 (AS-XFERNET) (AS-XFERNET)
11	2607:f8b0:400... 2607:f8b0:4004:c09::65	15169 (GOOGLE) (GOOGLE)
17 21	162.19.138.117 162.19.138.117	16276 (OVH OVH SAS) (OVH OVH SAS)
1	162.19.138.119 162.19.138.119	16276 (OVH OVH SAS) (OVH OVH SAS)
3	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c03::9d	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.167.69.77 3.167.69.77	16509 (AMAZON-02) (AMAZON-02)
1	2620:100:a00b::4 2620:100:a00b::4	19750 (AS-CRITEO) (AS-CRITEO)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.29.101 104.18.29.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
1 1	44.210.213.98 44.210.213.98	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.232.220.69 3.232.220.69	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.215.165.113 3.215.165.113	14618 (AMAZON-AES) (AMAZON-AES)
1 1	207.65.37.181 207.65.37.181	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	52.0.223.57 52.0.223.57	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:400d:c0d::84	15169 (GOOGLE) (GOOGLE)
1	34.228.175.96 34.228.175.96	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c09::63	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:235... 2600:1f18:2352:af01:7309:938c:6f1b:193f	14618 (AMAZON-AES) (AMAZON-AES)
1	209.204.231.174 209.204.231.174	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	192.40.39.192 192.40.39.192	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2	34.42.134.208 34.42.134.208	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	172.217.222.149 172.217.222.149	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c00::84	15169 (GOOGLE) (GOOGLE)
20	37.19.207.34 37.19.207.34	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
4	2607:f8b0:400... 2607:f8b0:400d:c01::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c1d::9a	15169 (GOOGLE) (GOOGLE)
1	2001:4998:60:... 2001:4998:60:807::1	14196 (YAHOO-CHA) (YAHOO-CHA)
1	2001:4998:14:... 2001:4998:14:800::1000	14777 (YAHOO) (YAHOO)
1	172.217.222.148 172.217.222.148	15169 (GOOGLE) (GOOGLE)
1	104.26.13.205 104.26.13.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.207.37.116 52.207.37.116	14618 (AMAZON-AES) (AMAZON-AES)
1	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	34.34.170.154 34.34.170.154	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2600:9000:24f... 2600:9000:24f4:de00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
2	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
6	2400:52e0:1a0... 2400:52e0:1a00::1233:1	200325 (BunnyCDN ...) (BunnyCDN BUNNYWAY)
7	2600:1f18:1ac... 2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b	14618 (AMAZON-AES) (AMAZON-AES)
3 3	35.211.202.130 35.211.202.130	15169 (GOOGLE) (GOOGLE)
1 1	35.211.118.13 35.211.118.13	15169 (GOOGLE) (GOOGLE)
1 1	68.67.181.248 68.67.181.248	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.18.34.190 104.18.34.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.22.30.188 52.22.30.188	14618 (AMAZON-AES) (AMAZON-AES)
1	147.28.129.140 147.28.129.140	54825 (PACKET) (PACKET)
1 1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	54.165.154.102 54.165.154.102	14618 (AMAZON-AES) (AMAZON-AES)
1	23.50.125.215 23.50.125.215	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	34.194.79.112 34.194.79.112	14618 (AMAZON-AES) (AMAZON-AES)
1	23.54.68.197 23.54.68.197	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1	104.18.25.18 104.18.25.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	54.211.170.34 54.211.170.34	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a07:f32d:d8cc:aff8:3160	14618 (AMAZON-AES) (AMAZON-AES)
4	52.207.45.55 52.207.45.55	14618 (AMAZON-AES) (AMAZON-AES)
1 1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1 1	8.18.47.7 8.18.47.7	398989 (DEEPINTENT) (DEEPINTENT)
1 1	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	54.224.244.205 54.224.244.205	14618 (AMAZON-AES) (AMAZON-AES)
3	2620:100:a00b... 2620:100:a00b::28	19750 (AS-CRITEO) (AS-CRITEO)
271	92

25 95.179.177.152 (Amsterdam, Netherlands)

ASN20473 (AS-VULTR, US)
PTR: 95.179.177.152.vultrusercontent.com

www.overtake.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 151.101.131.42 (San Francisco, United States)

ASN54113 (FASTLY, US)

hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1d::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.20.106.152 (None, )

ASN13335 (CLOUDFLARENET, US)

cloudmetrics.xenforo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:33e4 (United States)

ASN13335 (CLOUDFLARENET, US)

overtake-data.community.forum	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.194 (San Francisco, United States)

ASN54113 (FASTLY, US)

hb-vntsm-com.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:2f8e (United States)

ASN13335 (CLOUDFLARENET, US)

hb.vntsm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c00::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.171.86.171 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-86-171.iad89.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1f::8a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-101.iad12.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:1ad8 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ex.ingage.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.ingage.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.112.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-112-98.iad55.r.cloudfront.net

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.45.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-45-196.compute-1.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.198.144 (Parsippany, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::9 (United States)

ASN19750 (AS-CRITEO, US)

grid-bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 134.209.129.201 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

exchange.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.153.66 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.37.179 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.72.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.72.160.34.bc.googleusercontent.com

pbs.optidigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.113.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-113-34.iad55.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.180.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-180-23.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.87.138.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-138-103.compute-1.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.14.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-14-225.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.204.206.35 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-206-35.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c04::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::ac43:17ea (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:ae80:1471:16::820 (United States)

ASN26762 (CNVR-US-EAST, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.82.157.137 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-157-137.compute-1.amazonaws.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c17::9b (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.155.132.249 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-132-249.us-west-2.compute.amazonaws.com

ids4.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.117 (Colonia, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.83 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.111.113.62 (Kansas City, United States) 6 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.222.154 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: qi-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f008:200::101 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f350:3:2569:0:10:0:c (United States) 2 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c09::65 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 162.19.138.117 (Frankfurt am Main, Germany) 17 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

seg.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
proton.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c03::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.69.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-69-77.iad61.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.29.101 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)

dd0ee41f7336311a90a2129f261571ad.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.210.213.98 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-213-98.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.232.220.69 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-220-69.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.215.165.113 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-165-113.compute-1.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.37.181 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.223.57 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-223-57.compute-1.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0d::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.228.175.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-175-96.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::63 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:2352:af01:7309:938c:6f1b:193f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pn.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.204.231.174 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a5693.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.40.39.192 (Canada)

ASN27381 (CASALE-MEDIA, CA)

k8s1-event-tracker-ny.lb.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.42.134.208 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 208.134.42.34.bc.googleusercontent.com

edge.venatusmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.222.149 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: qi-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c00::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 37-19-207-34.bunnyinfra.net

cdn.prvk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c01::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c1d::9a (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:60:807::1 (United States)

ASN14196 (YAHOO-CHA, US)

cdn.js7k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.222.148 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.13.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.37.116 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-37-116.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.34.170.154 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 154.170.34.34.bc.googleusercontent.com

edge-cs-external.venatusmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:24f4:de00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2400:52e0:1a00::1233:1 (Chicago, United States)

ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI)

v-cdn.prvk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.202.130 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 130.202.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.118.13 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 13.118.211.35.bc.googleusercontent.com

r.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.181.248 (North Bergen, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1043.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.34.190 (None, )

ASN13335 (CLOUDFLARENET, US)

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.30.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-30-188.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.28.129.140 (Ashburn, United States)

ASN54825 (PACKET, US)

sync.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.165.154.102 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-154-102.compute-1.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.50.125.215 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-125-215.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:234 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.opti-digital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.194.79.112 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-79-112.compute-1.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.54.68.197 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-197.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.211.170.34 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-170-34.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:f32d:d8cc:aff8:3160 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.207.45.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-45-55.compute-1.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

dis.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.18.47.7 (United States) 1 redirects

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.216.150 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.224.244.205 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-244-205.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a00b::28 (United States)

ASN19750 (AS-CRITEO, US)

ssp-sync.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	vntsm.com hb.vntsm.com — Cisco Umbrella Rank: 31545	418 KB
26	prvk.io cdn.prvk.io — Cisco Umbrella Rank: 97548 v-cdn.prvk.io — Cisco Umbrella Rank: 306295	2 MB
25	overtake.gg www.overtake.gg — Cisco Umbrella Rank: 590021	3 MB
22	ad.gt 1 redirects id.hadron.ad.gt — Cisco Umbrella Rank: 1519 a.ad.gt — Cisco Umbrella Rank: 1619 p.ad.gt — Cisco Umbrella Rank: 1714 ids4.ad.gt — Cisco Umbrella Rank: 2415 ids.ad.gt — Cisco Umbrella Rank: 1557 pixels.ad.gt — Cisco Umbrella Rank: 1708 seg.ad.gt — Cisco Umbrella Rank: 1984 proton.ad.gt — Cisco Umbrella Rank: 4167	21 KB
22	id5-sync.com 17 redirects cdn.id5-sync.com — Cisco Umbrella Rank: 1004 id5-sync.com — Cisco Umbrella Rank: 533	61 KB
15	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 cm.g.doubleclick.net — Cisco Umbrella Rank: 284 ad.doubleclick.net — Cisco Umbrella Rank: 145	218 KB
14	google.com analytics.google.com — Cisco Umbrella Rank: 142 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 www.google.com — Cisco Umbrella Rank: 3	76 KB
12	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 680 static.adsafeprotected.com — Cisco Umbrella Rank: 639 dt.adsafeprotected.com — Cisco Umbrella Rank: 537	113 KB
11	ingage.tech 4 redirects ex.ingage.tech — Cisco Umbrella Rank: 3925 cs.ingage.tech — Cisco Umbrella Rank: 4964	1 KB
10	venatusmedia.com edge.venatusmedia.com — Cisco Umbrella Rank: 17178 edge-cs-external.venatusmedia.com — Cisco Umbrella Rank: 271099	848 B
7	criteo.com 1 redirects grid-bidder.criteo.com — Cisco Umbrella Rank: 1731 gum.criteo.com — Cisco Umbrella Rank: 450 Failed dis.eu.criteo.com — Cisco Umbrella Rank: 8562 ssp-sync.criteo.com — Cisco Umbrella Rank: 980	1 KB
7	lijit.com 5 redirects ap.lijit.com — Cisco Umbrella Rank: 780 ce.lijit.com — Cisco Umbrella Rank: 973	10 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 347 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687 aax.amazon-adsystem.com — Cisco Umbrella Rank: 468 s.amazon-adsystem.com — Cisco Umbrella Rank: 337	93 KB
6	googlesyndication.com dd0ee41f7336311a90a2129f261571ad.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 173 pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	102 KB
6	tapad.com 6 redirects pixel.tapad.com — Cisco Umbrella Rank: 470	1 KB
6	gumgum.com 1 redirects g2.gumgum.com — Cisco Umbrella Rank: 1591 rtb.gumgum.com — Cisco Umbrella Rank: 1533 usersync.gumgum.com — Cisco Umbrella Rank: 1606	3 KB
5	openx.net 5 redirects u.openx.net — Cisco Umbrella Rank: 761 us-u.openx.net — Cisco Umbrella Rank: 525	1 KB
5	adnxs.com 5 redirects secure.adnxs.com — Cisco Umbrella Rank: 495 ib.adnxs.com — Cisco Umbrella Rank: 281	5 KB
5	pubmatic.com 2 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 494 image2.pubmatic.com — Cisco Umbrella Rank: 886 image6.pubmatic.com — Cisco Umbrella Rank: 983 ads.pubmatic.com — Cisco Umbrella Rank: 570	891 B
5	xenforo.com cloudmetrics.xenforo.com — Cisco Umbrella Rank: 115519	909 B
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 393 r.bidswitch.net — Cisco Umbrella Rank: 6999	1 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 377	3 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1120	106 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	the-ozone-project.com elb.the-ozone-project.com — Cisco Umbrella Rank: 3097	10 KB
3	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 505 token.rubiconproject.com — Cisco Umbrella Rank: 500 eus.rubiconproject.com — Cisco Umbrella Rank: 616	3 KB
3	kueezrtb.com exchange.kueezrtb.com — Cisco Umbrella Rank: 4639	60 KB
3	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 496 a5693.casalemedia.com — Cisco Umbrella Rank: 71466 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 521	1005 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	296 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 332	33 KB
2	indexww.com k8s1-event-tracker-ny.lb.indexww.com — Cisco Umbrella Rank: 3949 js-sec.indexww.com — Cisco Umbrella Rank: 698	104 B
2	yahoo.com 1 redirects pn.ybp.yahoo.com — Cisco Umbrella Rank: 1633 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 534	3 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 615	815 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1010 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026	13 KB
2	sonobi.com 2 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 915	1 KB
2	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1791	24 KB
2	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 576	370 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 551 eb2.3lift.com — Cisco Umbrella Rank: 429	5 KB
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 788 sync.a-mo.net — Cisco Umbrella Rank: 1726	1 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1313	104 B
2	gstatic.com fonts.gstatic.com csi.gstatic.com	32 KB
2	community.forum overtake-data.community.forum — Cisco Umbrella Rank: 936190	18 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 606	227 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 717	595 B
1	deepintent.com 1 redirects match.deepintent.com — Cisco Umbrella Rank: 1088	451 B
1	sharethrough.com 1 redirects match.sharethrough.com — Cisco Umbrella Rank: 530	317 B
1	opti-digital.com scripts.opti-digital.com — Cisco Umbrella Rank: 11685
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2001	301 B
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 768	933 B
1	js7k.com cdn.js7k.com — Cisco Umbrella Rank: 2145	14 KB
1	360yield.com 1 redirects ice.360yield.com — Cisco Umbrella Rank: 2446	506 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 899	485 B
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1329	7 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2700	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 793	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2357	8 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946	287 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1126	443 B
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3098	463 B
1	optidigital.com pbs.optidigital.com — Cisco Umbrella Rank: 9355	253 B
1	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 1527	627 B
1	vntsm.io hb.vntsm.io — Cisco Umbrella Rank: 22775	663 B
1	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 975	1 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1618	67 KB
1	fastly.net hb-vntsm-com.global.ssl.fastly.net — Cisco Umbrella Rank: 19559
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	938 B
271	67

	Domain	Requested by
38	hb.vntsm.com	www.overtake.gg hb.vntsm.com cadmus.script.ac
25	www.overtake.gg	www.overtake.gg
21	id5-sync.com	17 redirects cdn.id5-sync.com
20	cdn.prvk.io	cadmus.script.ac www.overtake.gg
11	fundingchoicesmessages.google.com	cadmus.script.ac
9	cs.ingage.tech	4 redirects cadmus.script.ac
8	edge-cs-external.venatusmedia.com	cdn.prvk.io
8	ids.ad.gt	1 redirects
7	dt.adsafeprotected.com
7	securepubads.g.doubleclick.net	cadmus.script.ac www.overtake.gg
6	v-cdn.prvk.io	cdn.prvk.io
6	pixel.tapad.com	6 redirects
5	ce.lijit.com	4 redirects cadmus.script.ac
5	p.ad.gt	a.ad.gt p.ad.gt
5	cloudmetrics.xenforo.com	www.overtake.gg cadmus.script.ac
4	usersync.gumgum.com
4	pagead2.googlesyndication.com	cadmus.script.ac www.overtake.gg
4	match.adsrvr.org	4 redirects
4	secure.adnxs.com	4 redirects
4	secure.cdn.fastclick.net	www.overtake.gg secure.cdn.fastclick.net
4	www.google-analytics.com	cadmus.script.ac www.google-analytics.com www.overtake.gg
3	ssp-sync.criteo.com
3	x.bidswitch.net	3 redirects
3	static.adsafeprotected.com	www.overtake.gg
3	ad.doubleclick.net	1 redirects www.overtake.gg
3	cm.g.doubleclick.net	1 redirects
3	u.openx.net	3 redirects
3	elb.the-ozone-project.com	hb.vntsm.com cadmus.script.ac
3	exchange.kueezrtb.com	hb.vntsm.com
3	c.amazon-adsystem.com	hb.vntsm.com c.amazon-adsystem.com
3	www.googletagmanager.com	www.overtake.gg cadmus.script.ac p.ad.gt
2	us-u.openx.net	2 redirects
2	gum.criteo.com	cadmus.script.ac
2	pixel.adsafeprotected.com	1 redirects www.overtake.gg
2	www.googletagservices.com	cadmus.script.ac
2	edge.venatusmedia.com	hb.vntsm.com
2	ep2.adtrafficquality.google	cadmus.script.ac
2	match.prod.bidr.io	2 redirects
2	seg.ad.gt	p.ad.gt
2	sync.go.sonobi.com	2 redirects
2	image2.pubmatic.com	1 redirects
2	s.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	a.ad.gt	cdn.hadronid.net p.ad.gt
2	id.hadron.ad.gt	cdn.hadronid.net
2	analytics.google.com	cadmus.script.ac
2	cdn.hadronid.net	www.overtake.gg a.ad.gt
2	ads.yieldmo.com	hb.vntsm.com cadmus.script.ac
2	ap.lijit.com	1 redirects hb.vntsm.com
2	ex.ingage.tech	hb.vntsm.com
2	i.clean.gg	cadmus.script.ac
2	overtake-data.community.forum	www.overtake.gg
1	sync.srv.stackadapt.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	match.deepintent.com	1 redirects
1	dis.eu.criteo.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.sharethrough.com	1 redirects
1	js-sec.indexww.com	cadmus.script.ac
1	eb2.3lift.com	cadmus.script.ac
1	ads.pubmatic.com	cadmus.script.ac
1	scripts.opti-digital.com	cadmus.script.ac
1	eus.rubiconproject.com	cadmus.script.ac
1	sync.a-mo.net	cadmus.script.ac
1	r.bidswitch.net	1 redirects
1	csi.gstatic.com	pagead2.googlesyndication.com
1	ssum-sec.casalemedia.com	www.overtake.gg
1	api.ipify.org	cdn.prvk.io
1	s.yimg.com	www.overtake.gg
1	cdn.js7k.com	cadmus.script.ac
1	tpc.googlesyndication.com	cadmus.script.ac
1	k8s1-event-tracker-ny.lb.indexww.com	cadmus.script.ac
1	a5693.casalemedia.com	cadmus.script.ac
1	pn.ybp.yahoo.com	cadmus.script.ac
1	www.google.com	cadmus.script.ac
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	ice.360yield.com	1 redirects
1	image6.pubmatic.com	1 redirects
1	rtb.gumgum.com	1 redirects
1	ib.adnxs.com	1 redirects
1	sync.ipredictive.com	1 redirects
1	dd0ee41f7336311a90a2129f261571ad.safeframe.googlesyndication.com	cadmus.script.ac
1	cdn-ima.33across.com	cadmus.script.ac
1	invstatic101.creativecdn.com	cadmus.script.ac
1	static.criteo.net	cadmus.script.ac
1	tags.crwdcntrl.net	cadmus.script.ac
1	oa.openxcdn.net	cadmus.script.ac
1	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
1	proton.ad.gt	p.ad.gt
1	pixels.ad.gt	p.ad.gt
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	d.turn.com	1 redirects
1	token.rubiconproject.com	1 redirects
1	ids4.ad.gt
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	td.doubleclick.net	cadmus.script.ac
1	stats.g.doubleclick.net	www.googletagmanager.com
1	cdn.id5-sync.com	www.overtake.gg
1	g2.gumgum.com	hb.vntsm.com
1	tlx.3lift.com	hb.vntsm.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	pbs.optidigital.com	hb.vntsm.com
1	hbopenbid.pubmatic.com	hb.vntsm.com
1	fastlane.rubiconproject.com	hb.vntsm.com
1	htlb.casalemedia.com	hb.vntsm.com
1	grid-bidder.criteo.com	hb.vntsm.com
1	prebid.a-mo.net	hb.vntsm.com
1	hb.yellowblue.io	hb.vntsm.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	fonts.gstatic.com	fonts.googleapis.com
1	hb.vntsm.io	hb.vntsm.com
1	ad-delivery.net	hb.vntsm.com
1	cadmus.script.ac	hb.vntsm.com
1	hb-vntsm-com.global.ssl.fastly.net	hb.vntsm.com
1	fonts.googleapis.com	www.overtake.gg
271	114

This site contains links to these domains. Also see Links.

Domain
discord.gg
www.fanatec.com
github.com
yahoo.com
www.facebook.com
www.twitter.com
www.instagram.com
www.youtube.com
xenforo.com
www.addonflare.com

Subject Issuer	Validity	Valid
overtake.gg E6	`2024-11-15` - `2025-02-13`	3 months	crt.sh
*.vntsm.com R11	`2024-11-28` - `2025-02-26`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
xenforo.com E5	`2024-12-05` - `2025-03-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
overtake-data.community.forum WE1	`2024-11-10` - `2025-02-08`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-09-11` - `2025-10-13`	a year	crt.sh
script.ac E6	`2024-12-17` - `2025-03-17`	3 months	crt.sh
ad-delivery.net WE1	`2024-11-10` - `2025-02-08`	3 months	crt.sh
hb.vntsm.io WE1	`2024-11-02` - `2025-01-31`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M03	`2024-11-19` - `2025-12-18`	a year	crt.sh
i.clean.gg WR3	`2024-10-27` - `2025-01-25`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
*.ingage.tech Sectigo RSA Organization Validation Secure Server CA	`2024-08-01` - `2025-08-11`	a year	crt.sh
*.yellowblue.io Amazon RSA 2048 M03	`2024-03-18` - `2025-04-16`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M03	`2024-02-11` - `2025-03-12`	a year	crt.sh
*.a-mo.net R11	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
casalemedia.com E5	`2024-12-11` - `2025-03-11`	3 months	crt.sh
*.kueezrtb.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
the-ozone-project.com WE1	`2024-12-12` - `2025-03-12`	3 months	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
pbs.optidigital.com WR3	`2024-12-13` - `2025-03-13`	3 months	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-12-06` - `2026-01-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-10`	a year	crt.sh
dev.eks.va.adexchange.gumgum.com Amazon RSA 2048 M02	`2024-10-17` - `2025-11-15`	a year	crt.sh
*.yieldmo.com Amazon RSA 2048 M03	`2024-07-15` - `2025-08-14`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-07` - `2025-08-07`	a year	crt.sh
hadronid.net WE1	`2024-11-22` - `2025-02-20`	3 months	crt.sh
id5-sync.com WE1	`2024-11-28` - `2025-02-26`	3 months	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
id.hadron.ad.gt WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2024-06-17` - `2025-07-19`	a year	crt.sh
a.ad.gt WE1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2024-04-24` - `2025-04-17`	a year	crt.sh
p.ad.gt WE1	`2024-12-06` - `2025-03-06`	3 months	crt.sh
*.ad.gt Amazon RSA 2048 M02	`2024-03-10` - `2025-04-08`	a year	crt.sh
eu-1-id5-sync.com R11	`2024-11-11` - `2025-02-09`	3 months	crt.sh
pixels.ad.gt WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
seg.ad.gt WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
proton.ad.gt WE1	`2024-11-05` - `2025-02-03`	3 months	crt.sh
adtrafficquality.google WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
oa.openxcdn.net WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-29` - `2025-02-25`	3 months	crt.sh
invstatic101.creativecdn.com WR3	`2024-12-14` - `2025-03-14`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-30`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-09-06` - `2025-03-05`	6 months	crt.sh
*.venatusmedia.com R10	`2024-12-02` - `2025-03-02`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.prvk.io R10	`2024-11-28` - `2025-02-26`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-12-09` - `2025-01-29`	2 months	crt.sh
ipify.org WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M03	`2024-02-28` - `2025-03-28`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
v-cdn.prvk.io R11	`2024-11-09` - `2025-02-07`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M03	`2024-04-25` - `2025-05-23`	a year	crt.sh
opti-digital.com E6	`2024-11-27` - `2025-02-25`	3 months	crt.sh
indexww.com WE1	`2024-11-30` - `2025-02-28`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/
Frame ID: EED71C071DC9F139321CB9EC0809D097
Requests: 187 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 55EBADC50DFF5CDDEA04FC62600F7AF4
Requests: 37 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-RQB4Z4BXHC&gacid=699552227.1734484425&gtm=45je4cc1v9126221616za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=551380007
Frame ID: DF1B91680ADA192DC890E0633152F167
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-Ogury_rx_snb_n-MediaNet_smrt_n-Tappx_n-inmobi_n-adYouLike_n-sharethrough_pm-db5_rbd_ppt_n-baidu_n-nativo_an-db5_n-Rise_3lift&dcc=t
Frame ID: 7C3CB0051A5DFAC0DC678778F0C5AD71
Requests: 1 HTTP requests in this frame

Frame: https://proton.ad.gt/join-ad-interest-groups.html
Frame ID: C928534E395D6CE1882BEDC894153A76
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: C36A4BBB9E3DA454E933F87988F33973
Requests: 1 HTTP requests in this frame

Frame: https://dd0ee41f7336311a90a2129f261571ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 44C08E7F1516AA85B42E0526FA121A33
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 20D5A636196E0E64E22340D0C88B3820
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A8F822D760C516558DF35AA3061EAD94
Requests: 1 HTTP requests in this frame

Frame: https://pn.ybp.yahoo.com/ab/secure/true/imp/S3ummZ4OKpqvzXCsEjhi6muaHvw3rC3SiSmIDz5zLUziy4DrL672VfBif5y2oVFzwHG8hGf9Jiuhwg_tL_vKXms6YT9bOq3PR5sYyYg69rINQcZNQdRyopGj42DR9jWz70Cw0k80mIlnrk-iy3V4avmcD6fzqNHzkUnFExAzOeGqBJ-G-ifXeDaeFboYX8_2jgPkOblAsT1yIkt6prEmpI7CsP2NYGNeJOkNdMm4PM9YfQm9JZiB0BWJ7k0ZJSiUVxJjO49WcVmP-MND8DSi-OI-qJ9AcpnU_PYJRgDkSS_QH0tB5h-v7EiDduTYh4vRwvKWCx1ELNa_0kHMIlVFQUq6KLiVSXyd2GLt-c5zxE0hR-WOcyIIEJYo9TacbGbTlONtpXaCAgPVSw3URGnVBKRFoYUZ56KXKc642tPxcEdZCqouyH7M5b-t3Z7apB67rjijSDboggrQaavpYYs7audnZI0mGrIOBW2VbXjLjXfCbtZad8v83AOqc4Znhq_Hw7HJEAeff1Y9VpwdJBzgGORrEc6CBtKemKafE_NgBznX9qMvUI_vemeyRKFfKqhGxPe-7_ROOKEM-NQnaJ8hvw4GJ5mijp4vLZSiUXcbMojEbv23yWn4_FyDORKigE_2565PD7sbPY-Dsn3cRE7sI-le04YcbUpi04xIXgCGUiA7JMVE2LvYE1gVEfzEvF2TR5hdr5lUl-R7_GudVYDYa0Xma-4Svz66oe6Grdbz36du9a6frdgwJtdGO-kRvhOXVqqEDvYoOpAblCfGVN8khBQBTQqxNrNtsFWxgftdUE_ECdajDqU8maDiF8nIc5nQUn0Kac1vT3ySpJflwrHayuzRCzuxMpBc3Mh9iz9WG0Oly7wxH_gWNPWZRwOQHMyDkzLyqpGCT2KHPzIwP0AyoDwFX4YTv0nSNGYcDFym3EO3pQd5BkL9Pny-nmi4RF13bDMZqcQsVdtzVJ5aO1rR9a7UdxAUv3tAXuTwca3G5pha4Vv2BI2plk_clq9odhZf9O4n2MbiKbg6t5VHu66VY5uMSMoF8gQ8bJPT07sqd_EcV2CtyHE5jPYVMfHkpXGoi8gxUSQrS4_tKnxMsIaUFZJF2-MAMGbywSy8jJx-xYmoDrBtDMb3Mof-H_a3_v_v-Z1tMjTbcoOdeuoWnb6LK9wpnfwsisqFF4sMwTg6mYVLY5oHfP71-Pm2gpwFEdVzPtt4kunAnAnuR1WUzA6rrmjbwxUBI0NpveZRxAD9B-1r2wk0EmAcW0bNxsM09ajZD2AQKF7CBWiRDt_zpu6J8nlgTItfNYi47bPu6J3NqLwcgrF_AY34HMiq3xbQFYmCzQRHbUXm-ROF_LlYX6szuuGnPC5rA7-X0aBvP_pfB0XM7P4YXoODtObvAa0fMBrjs6JWMBdmwVoX0b5J6m1kFI5pkwiUTYJUerntGHW1eaUD4K2Bi-YvTDIm2l4WnEammciDmj4kOFC029kGM5n_mn6_AWd8qxFe1tXU0BbFlXkv_rh8FnQfJVLtY4ZjymbZ_xu-qGfWzyOW2LierYAg7UVBiDgBKKqqUaZHbSyepwFTPjVAUxVibJhx8lL-1yzCy07dozsaWlJEJRbiIPveafdYhlMgLV-wqa3imV6AHBctF-33vI9JBBrYg7JnznezYO8B4bcoSQTq9ZR1dK29VhtcfmJrn-EKMEmpgYzbKBDRS7Xz6dEnPtV-pN2c_p9VA3dg1ZdGescvHwm5VVkTvGBxZVqLrHvdLOyha3eswkfaCDi_ALV0NLG3OLCCz1OygGOyEbvMFqkyggEO_vVnJDleS1supwWI8aeGUKQlHd6O3RU_X8E-kQ/wp/0.36
Frame ID: 37EEEE5E2F4DC5141D0818E3654DF822
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuF-_77WhmvKI5XJhDImQHMM9B3iMUctycQXUJe4hkbf7NI3qdF6dRP5MOaoixQWQa97fX47ikLz6pEZ8S3r0RfBPCaGhe2IDC_nCsROJ4kmj-cPq7d2W7fuftDjbqWE_mNbGZaX9R7Hrs5ik_r0VB7PaMWGVBhpbM-9KfYQZKG6oa0XQvUijCLewqcQDHMr-pm_q8jyn6Xl5nLRKKznGseOYqITCArTpst0kDL3TtEXjMWAD4OsfTKqoMb9pewzXTbuER3tXbUHTBm_TAIw4J_l_8kVU2c4M6x0CFsRCuWvFrg0Xspm3uWLVZB-kEyOKtifAWNZl9CAGiDXccPjylfnayIODwqz31t-oXP27_mW1fm86bi8iOSvrJ90xfTsPY7zEqwkJhYURc7qFWh9VDcEcros-GVpfdju5XbZhcIE5GHpqe2HvuyUKng2p-Inng9oInMfZGj3s_dMtREWkrScEAE81bdELHp1K1Boe7ekQ&sai=AMfl-YQ0FwzS30QZOjSPlNxt9rCNIjrDXhQsRFqpBmep2Abnp3ykqAfjwjCHqIxAsMacQp6mrpO4Dq_iZzCm-OEH1B6i8bNPtjzfEz462RpTG8La7u57EFAoeu5J-dkP&sig=Cg0ArKJSzL5gOu9jcy1qEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: D1E907C840D3C241BDBA4AC167B99D46
Requests: 10 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N6344.3020245OATH.COM/B31838141.410989254;dc_ver=103.302;sz=300x250;u_sd=1;gdpr=0;nel=1;dsp_bidurl_0_=https%253A%252F%252Fwww.overtake.gg%252Fdownloads%252Fwrc-telemetry-patch.38991;dsp_campaignid_0_=761067;dsp_chanid_0_=8;dsp_id_0_=30;dsp_impid_0_=v4~~2560178800716359862;dsp_placementid_0_=3439123;dsp_publisherid_0_=205972;dc_adk=1478187450;ord=1tq6kt;click=https%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2FNrwvmwkU60XEdbpAUemvGtgAC0dwAfIGuCe98atHz_gBXQ8oNg092z24DjyoE9scNuxKcY-_-0xi9BchThvm8hqNVdMJtrtTb86L6kPlaSvdr9Z7jLkdIeAoQLWxWeA0yRNkly8ZYVsaGJvNE5B394OrTFmkI43iSNH-tBXnA3Wl61MoErAXqjviiE8dwtMxbxI6xhlV9855DMMQobopMbpUbN-WpVfzZWVKT3AG0-xrQMOuTi7CvW22b0NPbYnDL6_xcdZVECXm6MbL4coP4hcZ9wdCZelCNC3YU8e4_G-rG_Lo-VjnFg%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F$0;xdt=0;crlt=0bMVp!jOeP;cmpl=40;gcsr=m;stc=1;chaa=1;sttr=79;prcl=s
Frame ID: 3CA5977D31C8F47E06F9948174A7E954
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=205972&gdpr=0
Frame ID: 8CE8363FBB89894C1AAFCF6C2576EA23
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.overtake.gg&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1
Frame ID: BE25AFF22F3FF1C7BA18E8F230A30C4F
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 297247BAED46CFB847DD1054E6D7FF50
Requests: 1 HTTP requests in this frame

Frame: https://cs.ingage.tech/wdc/v1/sync/bidswitch/bab946ce-6dcf-476d-8747-882da785adee?uid=805adf01-b5c0-4b22-806b-ad299815a1ad
Frame ID: 5442C4F910ABFECAF7F159AF0AF66A99
Requests: 1 HTTP requests in this frame

Frame: https://cs.ingage.tech/wdc/v1/syncPage/rubicon?userId=bab946ce-6dcf-476d-8747-882da785adee&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Frame ID: 7024391D0025810A054B137A7D958E29
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=www.overtake.gg&gpp=
Frame ID: A65EA579AFC3D2EEC067EFAB980F33ED
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&gpp=&gpp_sid=&publisherId=OZONEVEN0005&siteId=1500000410&cb=1734484424975&bidder=ozone
Frame ID: 7871A29709E99275ACE60C1E6AB0EA4A
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 30A008AF4DECF5F058EBDD43ED66E8E9
Requests: 1 HTTP requests in this frame

Frame: https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=CoUCSg93d3cub3ZlcnRha2UuZ2dSC2Fhcy03MjY1YTQ3WghwYmExLjMuNGoPd3d3Lm92ZXJ0YWtlLmdn-gEGOS4yMS4w6AIBiAPIw4i7BqgDNOoDJDA5NGFlNzU2LTYyYjUtNGYwZC1iMjcyLWQ3YTljMGVhMWY3N6IEPGh0dHBzOi8vd3d3Lm92ZXJ0YWtlLmdnL2Rvd25sb2Fkcy93cmMtdGVsZW1ldHJ5LXBhdGNoLjM4OTkxL6oEA0RDSLIFA1VTROoFB2Rlc2t0b3D6BQNueTXABgDIBgGqBwN3ZWLKBwtvdmVydGFrZS5nZ-AHAYIIC292ZXJ0YWtlLmdniggGY2hyb21l
Frame ID: CC501335201A087B94502B37E62F2328
Requests: 1 HTTP requests in this frame

Frame: https://cs.ingage.tech/wdc/v1/sync/openx/bab946ce-6dcf-476d-8747-882da785adee?uid=273fcb7b-0b0a-46f0-b707-5a537f700cf2
Frame ID: 2381B27B007F495B2E3B547C03FD5D2D
Requests: 1 HTTP requests in this frame

Frame: https://cs.ingage.tech/wdc/v1/sync/sovrn/bab946ce-6dcf-476d-8747-882da785adee?uid=J2XpABZH9jHh6R2ASeWXzWgN
Frame ID: 8D5512F5F584A10CF5C2D8923CCDB7D2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 619BB2BF3B4B096C0C48A22867740DB7
Requests: 1 HTTP requests in this frame

Frame: https://scripts.opti-digital.com/js/presync.html?endpoint=optidigital
Frame ID: 31D1745D82EC26E153C4C17805BDD6EB
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13386848
Frame ID: C8E9FBA85FD02FCCEADB848AA57754F9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: 319E10FEE44A0FCB74FCB4EC03895961
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 817343C2971CB122E383C372CCE6D7B4
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 274D298F496E85E2205FB33C9385A4D0
Requests: 1 HTTP requests in this frame

Frame: https://cs.ingage.tech/wdc/v1/sync/sharethrough/bab946ce-6dcf-476d-8747-882da785adee?uid=4dab2354-135c-43e0-814c-d2971720a22f
Frame ID: 968E4BA54387959C5D3FE31D25640D80
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WRC Telemetry Patch | OverTake.gg (Formerly RaceDepartment)

Detected technologies

XenForo (Message Boards) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

271
Requests

91 %
HTTPS

39 %
IPv6

67
Domains

114
Subdomains

92
IPs

7
Countries

6911 kB
Transfer

12126 kB
Size

310
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/logitechg
Title: 🏆Qualifier #2 of the Logitech McLaren G Challenge is now live!—Qualify online for a share of $100,000+

Search URL Search Domain Scan URL

URL: https://www.fanatec.com/?utm_medium=FAP+Banner&utm_source=6165923e32a45&utm_campaign=General+Links&a_aid=6165923e32a45
Title: 🚨Deal Alert🚨Grab the Fanatec Clubsport DD+ wheel base for 15% off!

Search URL Search Domain Scan URL

URL: https://github.com/PHARTGAMES/SpaceMonkey
Title: https://github.com/PHARTGAMES/SpaceMonkey

Search URL Search Domain Scan URL

URL: https://yahoo.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/overtake.gg

Search URL Search Domain Scan URL

URL: https://www.twitter.com/OverTake_gg

Search URL Search Domain Scan URL

URL: https://www.instagram.com/OverTake_gg

Search URL Search Domain Scan URL

URL: https://www.youtube.com/OverTake_gg

Search URL Search Domain Scan URL

URL: https://discord.gg/racedepartment-695627654279462942

Search URL Search Domain Scan URL

URL: https://xenforo.com/
Title: Community platform by XenForo® © 2010-2024 XenForo Ltd.

Search URL Search Domain Scan URL

URL: https://www.addonflare.com/
Title: Paid Registrations by AddonFlare - Premium XF2 Addons

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 120

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-Ogury_rx_snb_n-MediaNet_smrt_n-Tappx_n-inmobi_n-adYouLike_n-sharethrough_pm-db5_rbd_ppt_n-baidu_n-nativo_an-db5_n-Rise_3lift HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-Ogury_rx_snb_n-MediaNet_smrt_n-Tappx_n-inmobi_n-adYouLike_n-sharethrough_pm-db5_rbd_ppt_n-baidu_n-nativo_an-db5_n-Rise_3lift&dcc=t

Request Chain 125

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001734484425-8ME6GT9C-3F03%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&adnxs_id=1183467559838709040&gdpr=0

Request Chain 126

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001734484425-8ME6GT9C-3F03%26auid%3DAU1D-0100-001734484425-8ME6GT9C-3F03 HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001734484425-8ME6GT9C-3F03%26auid%3DAU1D-0100-001734484425-8ME6GT9C-3F03 HTTP 302
https://ids.ad.gt/api/v1/openx?openx_id=0de4aa32-ca14-4242-a5a5-44018b02bc98&id=AU1D-0100-001734484425-8ME6GT9C-3F03&auid=AU1D-0100-001734484425-8ME6GT9C-3F03

Request Chain 127

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001734484425-8ME6GT9C-3F03 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001734484425-8ME6GT9C-3F03

Request Chain 128

https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001734484425-8ME6GT9C-3F03&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&rub=M4T78RDA-B-33WD&gdpr=0

Request Chain 129

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001734484425-8ME6GT9C-3F03&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001734484425-8ME6GT9C-3F03&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=da1885a5-023f-4800-b3fa-625212598cf2&id=AU1D-0100-001734484425-8ME6GT9C-3F03

Request Chain 130

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001734484425-8ME6GT9C-3F03&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001734484425-8ME6GT9C-3F03%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001734484425-8ME6GT9C-3F03&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001734484425-8ME6GT9C-3F03%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=27ad4042-4fa7-4696-aee2-e8478ca2e068%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001734484425-8ME6GT9C-3F03%252526tapad_id%25253D27ad4042-4fa7-4696-aee2-e8478ca2e068%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=da1885a5-023f-4800-b3fa-625212598cf2&ttd_puid=27ad4042-4fa7-4696-aee2-e8478ca2e068%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001734484425-8ME6GT9C-3F03%2526tapad_id%253D27ad4042-4fa7-4696-aee2-e8478ca2e068%2C HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&tapad_id=27ad4042-4fa7-4696-aee2-e8478ca2e068

Request Chain 132

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001734484425-8ME6GT9C-3F03 HTTP 302
https://ids.ad.gt/api/v1/amo_match?turn_id=8222155452907852911&id=AU1D-0100-001734484425-8ME6GT9C-3F03

Request Chain 133

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&uid=[UID]&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&uid=769ac60e-bebf-43f6-8b29-38b5aa207e1f&gdpr=0

Request Chain 134

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001734484425-8ME6GT9C-3F03 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczNDQ4NDQyNS04TUU2R1Q5Qy0zRjAz

Request Chain 157

https://id5-sync.com/i/258/8.gif?o=api&id5id=ID5*ac_oA4mnn6OWEGNPfT4Ibdk3qUHgqhiW1_IRRSkHoofkMvKFCaiNobSh2dQOXokv&gdpr_consent=undefined&gdpr=false HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F796%2F7%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/258/796/7/2.gif?puid=53e0bb78-4cb9-46a6-a72b-275caa4613da&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F434%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
https://id5-sync.com/c/258/434/6/3.gif?puid=9b0acc2a-46e2-40f4-97eb-89d26f35a62b&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
https://id5-sync.com/k/155.gif?puid=AAJz0E7OxEQAABZF_DHftA&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/258/2/4/5.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/258/2/4/5.gif?puid=1183467559838709040&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F441%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/258/441/3/6.gif?puid=u_8bef38e8-310a-4969-adf6-dc13e84bc2e7&gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/258/429/2/7.gif?puid=477AA176-F89A-450C-8E45-4E5A86A7FA7F&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ad36gQxElp67uHp1ldNY0ZxydOgBw6PfWcpwIax5sg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F258%2F124%2F1%2F8.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/258/124/1/8.gif?puid=52844611-0f84-412f-b5d7-b335687dfa45&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=da1885a5-023f-4800-b3fa-625212598cf2&ttl=%%TTL%%

Request Chain 172

https://ad.doubleclick.net/ddm/trackimp/N2480310.4098361VENATUS/B32878051.411232404;dc_trk_aid=603087795;dc_trk_cid=227946561;ord=376316842;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?nis=6 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N2480310.4098361VENATUS/B32878051.411232404;dc_pre=CJT29YCSsIoDFf8LaAgdRcIYFQ;dc_trk_aid=603087795;dc_trk_cid=227946561;ord=376316842;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?nis=6

Request Chain 237

https://pixel.adsafeprotected.com/rfw/st/854585/68926917/skeleton.js?bundleId=overtake.gg&ias_dspID=30&ias_campId=761067&ias_pubId=8&ias_chanId=3439123&ias_placementId=0&ias_creativeId=7571343&bidurl=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&adsafe_par&ias_impId=v4~~2560178800716359862:1734484424680&adsafe_url=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&adsafe_type=abedq&adsafe_url=https%3A%2F%2Fwww.overtake.gg%2F&adsafe_type=f&adsafe_jsinfo=,id:a078ac87-8c7f-a098-4bc7-1b3baadda122,c:xa4x6A,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6bc697d85b-qrtt9,rg:va,pt:1-5-15,wc:20.20.1600.1200,ac:1085.524.300.250,am:i,cc:1085.524.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1.CmxKD1,mtim:318,mot:0,app:0,maw:0,tdt:s,fm:uxgzTsR+11%7C12111%7C12112%7C12113%7C12114%7C121151%7C121152%7C121153%7C121154%7C121155%7C1211561%7C1211562%7C121157%7C12116%7C12117%7C12118%7C121191%7C121192%7C1211a%7C1211b%7C1211c%7C1211d1%7C1211d2%7C1211e%7C1221%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c*.854585-68926917%7C1c11%7C1c12%7C1c13%7C1c2%7C1d%7C1e%7C1f,idMap:1c*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:rjss,et:348,oid:54d712ba-bcdd-11ef-a5ee-12c9845a916b,v:19.8.556,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ff:1,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 250

https://cs.ingage.tech/wdc/v1/syncPage/bidswitch?userId=bab946ce-6dcf-476d-8747-882da785adee&to=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dinsticator&gdpr=0 HTTP 303
https://x.bidswitch.net/sync?ssp=insticator HTTP 302
https://r.bidswitch.net/sync?bidswitch_ssp_id=insticator&bsw_custom_parameter=805adf01-b5c0-4b22-806b-ad299815a1ad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=805adf01-b5c0-4b22-806b-ad299815a1ad&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dinsticator%26bsw_param%3D805adf01-b5c0-4b22-806b-ad299815a1ad HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D27ad4042-4fa7-4696-aee2-e8478ca2e068%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dinsticator%252526bsw_param%25253D805adf01-b5c0-4b22-806b-ad299815a1ad%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1183467559838709040&pt=27ad4042-4fa7-4696-aee2-e8478ca2e068%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dinsticator%2526bsw_param%253D805adf01-b5c0-4b22-806b-ad299815a1ad%2C HTTP 302
https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=insticator&bsw_param=805adf01-b5c0-4b22-806b-ad299815a1ad HTTP 302
https://cs.ingage.tech/v1/syncPage/bidswitch?uid=805adf01-b5c0-4b22-806b-ad299815a1ad&gdpr=&gdpr_consent= HTTP 303
https://cs.ingage.tech/wdc/v1/sync/bidswitch/bab946ce-6dcf-476d-8747-882da785adee?uid=805adf01-b5c0-4b22-806b-ad299815a1ad

Request Chain 256

https://u.openx.net/w/1.0/cm?id=b355ce4f-581b-4a1c-8c84-81fe81e4bc39&r=https%3A%2F%2Fcs.ingage.tech%2Fwdc%2Fv1%2Fsync%2Fopenx%2Fbab946ce-6dcf-476d-8747-882da785adee%3Fuid%3D HTTP 302
https://cs.ingage.tech/wdc/v1/sync/openx/bab946ce-6dcf-476d-8747-882da785adee?uid=273fcb7b-0b0a-46f0-b707-5a537f700cf2

Request Chain 257

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcs.ingage.tech%2Fwdc%2Fv1%2Fsync%2Fsovrn%2Fbab946ce-6dcf-476d-8747-882da785adee%3Fuid%3D%24UID&gpp_sid=&gdpr=0 HTTP 307
https://cs.ingage.tech/wdc/v1/sync/sovrn/bab946ce-6dcf-476d-8747-882da785adee?uid=J2XpABZH9jHh6R2ASeWXzWgN

Request Chain 264

https://cs.ingage.tech/wdc/v1/syncPage/sharethrough?userId=bab946ce-6dcf-476d-8747-882da785adee&to=https%3A%2F%2Fmatch.sharethrough.com%2Funiversal%2Fv1%3Fsupply_id%3Djc3Tkmr6&gdpr=0 HTTP 303
https://match.sharethrough.com/universal/v1?supply_id=jc3Tkmr6 HTTP 302
https://cs.ingage.tech/v1/syncPage/sharethrough?uid=4dab2354-135c-43e0-814c-d2971720a22f HTTP 303
https://cs.ingage.tech/wdc/v1/sync/sharethrough/bab946ce-6dcf-476d-8747-882da785adee?uid=4dab2354-135c-43e0-814c-d2971720a22f

Request Chain 265

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-bm8aRANE2pd1.YTOZKyr556eszGocH52I0IQ~A

Request Chain 266

https://match.prod.bidr.io/cookie-sync/gum HTTP 303
https://usersync.gumgum.com/usersync?b=bwx&i=AAJz0E7OxEQAABZF_DHftA

Request Chain 267

https://id5-sync.com/s/441/9.gif?puid=u_8bef38e8-310a-4969-adf6-dc13e84bc2e7&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=27&3pid=da1885a5-023f-4800-b3fa-625212598cf2&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1245%2F8%2F2.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
https://id5-sync.com/c/441/1245/8/2.gif?puid=J2XpABZH9jHh6R2ASeWXzWgN&gdpr=0&gdpr_consent= HTTP 302
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F7%2F3.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/441/203/7/3.gif?puid=3609da4f-8f1b-409b-99f3-20f3610f03ed&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=58&3pid=477AA176-F89A-450C-8E45-4E5A86A7FA7F&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1242%2F6%2F4.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
https://id5-sync.com/c/441/1242/6/4.gif?puid=J2XpABZH9jHh6R2ASeWXzWgN&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/108/5/5.gif?puid=27ad4042-4fa7-4696-aee2-e8478ca2e068&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=85&3pid=AAJz0E7OxEQAABZF_DHftA&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1241%2F4%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
https://id5-sync.com/c/441/1241/4/6.gif?puid=J2XpABZH9jHh6R2ASeWXzWgN&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fid5-sync.com%2Fa%2F441%2F1132%2F3%2F7%2Fgif%2F0%2F0%2F0%2F0%2F HTTP 302
https://id5-sync.com/a/441/1132/3/7/gif/0/0/0/0/d3991727-6b8d-45e8-9125-40bc542d72da HTTP 302
https://match.deepintent.com/usersync/147?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F987%2F2%2F8.gif%3Fpuid%3D%24%7BDI_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 303
https://id5-sync.com/c/441/987/2/8.gif?puid=di_002ceb35702145b1b95ed&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F826%2F1%2F9.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/441/826/1/9.gif?puid=460d09da-526a-4fc5-afeb-283f72c6cd0b-676221c9-5553&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=16&3pid=460d09da-526a-4fc5-afeb-283f72c6cd0b-676221c9-5553&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1228%2F0%2F10.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
https://id5-sync.com/c/441/1228/0/10.gif?puid=J2XpABZH9jHh6R2ASeWXzWgN&gdpr=0&gdpr_consent=

Request Chain 268

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=d3991727-6b8d-45e8-9125-40bc542d72da

Request Chain 269

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=T5P-jw8nUo1lBDqMv9_zWwW16oQ

Request Chain 270

https://x.bidswitch.net/sync?ssp=criteo&custom_data=LhzM6V9COGR6TEZDSmRhSUQ4aFVXTHBrWTJnd2I0ZkJjT2pkJTJGRmh3MmJTTktYY28lM0Q&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-IePDH_tIjOv-hyP6bjbFMrubFqrdhzL-cME8rw HTTP 302
https://ssp-sync.criteo.com/user-sync/match?p=LhzM6V9COGR6TEZDSmRhSUQ4aFVXTHBrWTJnd2I0ZkJjT2pkJTJGRmh3MmJTTktYY28lM0Q&u=805adf01-b5c0-4b22-806b-ad299815a1ad

Request Chain 271

https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d_yvnC195cVhMUzVNcHVxM2tqWGFJM25yQVljZzZlRkJMcDhDM2lEd2twM1JLJTJCazAlM0Q%26u%3d%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ssp-sync.criteo.com/user-sync/match?p=_yvnC195cVhMUzVNcHVxM2tqWGFJM25yQVljZzZlRkJMcDhDM2lEd2twM1JLJTJCazAlM0Q&u=1183467559838709040&gdpr=0&gdpr_consent=

Request Chain 272

https://cm.g.doubleclick.net/pixel?google_nid=commerce_grid_dbm&google_hm=3609da4f-8f1b-409b-99f3-20f3610f03ed&google_cm&google_redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dIUPsTV9QM1QlMkZLVzhXJTJGYWRrSU14JTJCUkh2eE15c2Y2TXVkZnA3eWxmblRQaDlPcmVBJTNE%26u%3d%25%25GOOGLE_GID%25%25&gdpr=0&gdpr_consent= HTTP 302
https://ssp-sync.criteo.com/user-sync/match?p=IUPsTV9QM1QlMkZLVzhXJTJGYWRrSU14JTJCUkh2eE15c2Y2TXVkZnA3eWxmblRQaDlPcmVBJTNE&u=CAESEEouKeOhK5MDFTTLVLolEvA&gdpr=0&gdpr_consent=&google_cver=1

271 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.overtake.gg/downloads/wrc-telemetry-patch.38991/ 168 KB
33 KB 357ms
131ms Document
text/html 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

cec8018f2259b17cf28d9b7698be31d2753b7da774503186589782b122b9351c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
content-length: 33280
content-type: text/html; charset=utf-8
date: Wed, 18 Dec 2024 01:13:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Wed, 18 Dec 2024 01:13:43 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 index.js Show response
hb.vntsm.com/v4/live/vms/sites/overtake.gg/ 45 KB
8 KB 154ms
11ms Script
text/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/sites/overtake.gg/index.js

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

06d4d8acd196ef65ffd95f920b0de93ff0a8f411a9641a4e0753f4808d99b2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "83b6cb7fcc14195f8859bdd67f08fa7d"
age: 4430
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Mon, 16 Dec 2024 12:14:37 GMT
vary: Accept-Encoding
x-served-by: cache-dub4331-DUB, cache-lga21960-LGA
content-type: text/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 47, 0
strict-transport-security: max-age=300
x-amz-id-2: TYdDeJd9j69B06yHKuXcCBSfj7WaOQ52q6YlPJBOFQHLtWQ3nqxJb5v7Vl+2dxsqL5b/flV0uDI=
x-timer: S1734484424.625660,VS0,VE1
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7319
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 fa-light-300.woff2
www.overtake.gg/styles/fonts/fa/ 180 KB
180 KB 121ms
117ms Font
font/woff2 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.overtake.gg/styles/fonts/fa/fa-light-300.woff2?_v=5.15.3

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.overtake.gg
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: "672e2ea9-2cf50"
expires: Thu, 18 Dec 2025 01:13:43 GMT
accept-ranges: bytes
content-length: 184144
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: font/woff2
last-modified: Fri, 08 Nov 2024 15:30:49 GMT
server: nginx

GET
H2 200 fa-solid-900.woff2
www.overtake.gg/styles/fonts/fa/ 134 KB
134 KB 218ms
214ms Font
font/woff2 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.overtake.gg/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.overtake.gg
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: "672e2ea9-21678"
expires: Thu, 18 Dec 2025 01:13:43 GMT
accept-ranges: bytes
content-length: 136824
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: font/woff2
last-modified: Fri, 08 Nov 2024 15:30:49 GMT
server: nginx

GET
H2 200 fa-brands-400.woff2
www.overtake.gg/styles/fonts/fa/ 75 KB
75 KB 218ms
215ms Font
font/woff2 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.overtake.gg/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.overtake.gg
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: "672e2ea9-12bc4"
expires: Thu, 18 Dec 2025 01:13:43 GMT
accept-ranges: bytes
content-length: 76740
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: font/woff2
last-modified: Fri, 08 Nov 2024 15:30:49 GMT
server: nginx

GET
H2 200 css.php
www.overtake.gg/ 399 KB
83 KB 219ms
217ms Stylesheet
text/css 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.overtake.gg/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=100&l=1&d=1734345567&k=4bf0564fad74d70b6656fa51550034ecdd13c9f0

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

9381cb3c4b803d255db84d309c2efbf5b5d43ec14fb8ba16629f35df7edbca72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-encoding: gzip
expires: Thu, 18 Dec 2025 01:13:43 GMT
content-length: 84888
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 16 Dec 2024 10:39:27 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 css.php
www.overtake.gg/ 124 KB
26 KB 219ms
216ms Stylesheet
text/css 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.overtake.gg/css.php?css=public%3Alightbox.less%2Cpublic%3Amessage.less%2Cpublic%3Anotices.less%2Cpublic%3Arating_stars.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_ads_manager_ad.less%2Cpublic%3Astructured_list.less%2Cpublic%3Axa_ams.less%2Cpublic%3Axa_ams_tile_view_layout.less%2Cpublic%3Axfrm.less%2Cpublic%3Aextra.less&s=100&l=1&d=1734345567&k=c80f72a8b3f51e92c257106d3708d7b873b13627

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

7a0f150b2b99e28d2fb492d64905f961ed0652d1723c226b3f12a7784a79e891

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-encoding: gzip
expires: Thu, 18 Dec 2025 01:13:43 GMT
content-length: 26351
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 16 Dec 2024 10:39:27 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 preamble.min.js Show response
www.overtake.gg/js/xf/ 4 KB
2 KB 218ms
215ms Script
application/javascript 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.overtake.gg/js/xf/preamble.min.js?_v=4944575a

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: gzip
etag: W/"672e2ea9-e11"
expires: Thu, 18 Dec 2025 01:13:43 GMT
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 15:30:49 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 83ms
34ms Script
application/javascript 2607:f8b0:4004:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-4830345-3

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf825eee0c39fc7cfdb3bed017bdadab222dcfd410aa33dd0c4648d3884a1fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 18 Dec 2024 01:13:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 18 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81432
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 essential.js Show response
cloudmetrics.xenforo.com/js/ 1 KB
710 B 114ms
30ms Script
application/javascript 104.20.106.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudmetrics.xenforo.com/js/essential.js
Requested by: Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.106.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62ae8dba06ea59e55857156997cbbe59e8b72dbd8138ac1e412377e3f6fcc94e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: max-age=86400
content-encoding: br
cf-cache-status: HIT
etag: W/"67055e8a-4b7"
age: 4449
cf-ray: 8f3b4ac2291443fb-EWR
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 16:32:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
938 B 64ms
29ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Outfit:wght@300;400;500;600;700;800;900&display=swap

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac87990e8b0859c452087ceefb33f9ec788de319b0cd9e80e807cf6e8347cd27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 18 Dec 2024 01:13:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 18 Dec 2024 01:13:43 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 logo_white-1.png
www.overtake.gg/data/files/logos/ 5 KB
5 KB 217ms
216ms Image
image/png 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.overtake.gg/data/files/logos/logo_white-1.png

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

19d1f08f157adc2739d6db10f8016a3ffd9f5ba65bb5ad173c8266d222e868f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: "6728a03e-1203"
expires: Thu, 18 Dec 2025 01:13:43 GMT
accept-ranges: bytes
content-length: 4611
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: image/png
last-modified: Mon, 04 Nov 2024 10:21:50 GMT
server: nginx

GET
H2 200 logo_white-1.png
overtake-data.community.forum/styles/100/styles/overtake/xenforo/ 5 KB
5 KB 124ms
24ms Image
image/png 2606:4700:3032::6815:33e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://overtake-data.community.forum/styles/100/styles/overtake/xenforo/logo_white-1.png
Requested by: Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:33e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19d1f08f157adc2739d6db10f8016a3ffd9f5ba65bb5ad173c8266d222e868f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cf-cache-status: HIT
etag: "171bc483afa7d1ec6edb744175a535bc"
age: 1879616
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2BwikhxmrJJk10dKp64fFUSL8Aa%2B%2BXb%2FkmsQd%2F06hN%2BvYpC6kxFFGboXuCzKYl3w8S9qnpjl5dHMxCq%2BB54zKW7gUMkS4GsUFtpACVpflmgb%2B8zPjfOmJadNNXtMJe8d1pEVRfZBZ4yF35T1us6TAXrqwSrsfeflGSBmTA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8555&min_rtt=8385&rtt_var=1504&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3915&recv_bytes=2268&delivery_rate=470477&cwnd=253&unsent_bytes=0&cid=6a38fd64eed9a894&ts=33&x=0"
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: image/png
last-modified: Thu, 12 Sep 2024 09:58:44 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3b4abf6994428b-EWR
accept-ranges: bytes
content-length: 4611
server: cloudflare

GET
H2 200 OVT_Simlab_Giveaway_Main.jpg
www.overtake.gg/data/files/giveaway/2024-12/ 388 KB
389 KB 200ms
200ms Image
image/jpeg 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.overtake.gg/data/files/giveaway/2024-12/OVT_Simlab_Giveaway_Main.jpg

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

e92590c2aaf5b294238397e95d6f5332c6c73b711546d6dbf71859a242b9751e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: "675d89ef-61037"
expires: Thu, 18 Dec 2025 01:13:43 GMT
accept-ranges: bytes
content-length: 397367
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: image/jpeg
last-modified: Sat, 14 Dec 2024 13:36:47 GMT
server: nginx

GET
H2 200 jquery-3.5.1.min.js Show response
www.overtake.gg/js/vendor/jquery/ 87 KB
31 KB 92ms
92ms Script
application/javascript 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.overtake.gg/js/vendor/jquery/jquery-3.5.1.min.js?_v=4944575a

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: gzip
etag: W/"672e2ea9-15d84"
expires: Thu, 18 Dec 2025 01:13:43 GMT
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 15:30:49 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 vendor-compiled.js Show response
www.overtake.gg/js/vendor/ 43 KB
13 KB 85ms
85ms Script
application/javascript 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.overtake.gg/js/vendor/vendor-compiled.js?_v=4944575a

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: gzip
etag: W/"672e2ea9-aab8"
expires: Thu, 18 Dec 2025 01:13:43 GMT
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 15:30:49 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 core-compiled.js Show response
www.overtake.gg/js/xf/ 211 KB
62 KB 95ms
84ms Script
application/javascript 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.overtake.gg/js/xf/core-compiled.js?_v=4944575a

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

1a691f964812845338d0cccac1f3dfcbddc96e3ae0c64ed9e3bfe8bd487ec1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: gzip
etag: W/"672e5433-34b60"
expires: Thu, 18 Dec 2025 01:13:43 GMT
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 18:10:59 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 lightbox-compiled.js Show response
www.overtake.gg/js/xf/ 80 KB
26 KB 99ms
89ms Script
application/javascript 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.overtake.gg/js/xf/lightbox-compiled.js?_v=4944575a

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

d9377b84890191f0cbafa8fba3dfedf7d510b59722947f670590c2ee99b2ea51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: gzip
etag: W/"672e2ea9-14104"
expires: Thu, 18 Dec 2025 01:13:43 GMT
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 15:30:49 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 core.min.js Show response
www.overtake.gg/js/siropu/am/ 9 KB
3 KB 100ms
90ms Script
application/javascript 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.overtake.gg/js/siropu/am/core.min.js?_v=4944575a

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

688dd33ed28d8089f3b559839052791cadfce9fa46f15dc39d8afbf0f5f4eb57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: gzip
etag: W/"66e81ab5-2539"
expires: Thu, 18 Dec 2025 01:13:43 GMT
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: application/javascript
last-modified: Mon, 16 Sep 2024 11:47:01 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 comment.min.js Show response
www.overtake.gg/js/xf/ 1 KB
1 KB 100ms
91ms Script
application/javascript 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.overtake.gg/js/xf/comment.min.js?_v=4944575a

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

db706a3dc7a3ad3e0bfe56eced86c0fb8791081042c81cc198b2418230e42cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: "672e2ea9-4a9"
expires: Thu, 18 Dec 2025 01:13:43 GMT
accept-ranges: bytes
content-length: 1193
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 15:30:49 GMT
server: nginx

GET
H2 200 notice.min.js Show response
www.overtake.gg/js/xf/ 4 KB
2 KB 101ms
92ms Script
application/javascript 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.overtake.gg/js/xf/notice.min.js?_v=4944575a

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: gzip
etag: W/"672e2ea9-e4e"
expires: Thu, 18 Dec 2025 01:13:43 GMT
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 15:30:49 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 151.js Show response
hb.vntsm.com/v4/live/vms/sites/overtake.gg/ 22 KB
9 KB 10ms
10ms Script
text/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/sites/overtake.gg/151.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/sites/overtake.gg/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a1d5f045222365ef29637b8c438a7a4370d91c714d8b26c4b787d26145de34ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "68f336555db05f7a7caaf526d0bf5437"
age: 4429
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Mon, 16 Dec 2024 12:14:37 GMT
vary: Accept-Encoding
x-served-by: cache-dub4347-DUB, cache-lga21960-LGA
content-type: text/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 47, 0
strict-transport-security: max-age=300
x-amz-id-2: 9rt3PgwIC/ADOrWBxbeRAHtMKNKbhPbU5OEx90lN950aTw4KhsjbWRkGOK+5EwQnkhDu2Sq8Z3M=
x-timer: S1734484424.644311,VS0,VE1
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9498
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 562.js Show response
hb.vntsm.com/v4/live/vms/sites/overtake.gg/ 62 KB
18 KB 10ms
10ms Script
text/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/sites/overtake.gg/562.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/sites/overtake.gg/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c94e227ea29e087966e20e463c40c2d9dfcaabd9f1abd63f6ff08c3f6d264eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "caf29acaacfc258aa3ef74bb86ffbed5"
age: 4429
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Mon, 16 Dec 2024 12:14:37 GMT
vary: Accept-Encoding
x-served-by: cache-dub4344-DUB, cache-lga21960-LGA
content-type: text/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 46, 0
strict-transport-security: max-age=300
x-amz-id-2: I1I8o0/+PEbngtr+50Jpo4ARD2ls/thkaaPc7lsvmnCzecOGpNH3wcC5ajIFvjh9lIJ17iSicvA=
x-timer: S1734484424.644267,VS0,VE1
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18031
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 ad-manager.js Show response
hb.vntsm.com/v4/live/vms/ 807 KB
237 KB 9ms
9ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/ad-manager.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/sites/overtake.gg/562.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8c18b5bdd593e79213658f832533018b0d5c9bbe9cbf681180017aca426542c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "6410b9ee66a6940fc9a8eb46d317a4aa"
age: 1030
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:35 GMT
vary: Accept-Encoding
x-served-by: cache-dub4346-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 36, 2
strict-transport-security: max-age=300
x-amz-id-2: +tBxvXKmkaxF41Em6QNJTVWVIz5VMvz8itf+i1w58qY/hfZfReTstwiQbbBC4p0GjL3Wx8lyjHw=
x-timer: S1734484424.678620,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 242131
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 31805.js Show response
hb.vntsm.com/v4/live/vms/ 1 KB
677 B 9ms
9ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/31805.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6e9a6b334cb9810f7d25fafab61725edf522f8b7372ac65f1274db79867a6537

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "31d0f8f91192471adb37d7b87a9e52c9"
age: 1031
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4323-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 45, 8
strict-transport-security: max-age=300
x-amz-id-2: rjp8jqiDjfz5NH076KTyiYCB4xNdv6MNEwwlX0lAh8wEmUDjpWp+uVRODcC8gysdcNn8A9LcmrI=
x-timer: S1734484424.799831,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 453
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK g.txt
hb-vntsm-com.global.ssl.fastly.net/v4/srv/ 0
0 41ms
9ms Fetch
text/plain 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-vntsm-com.global.ssl.fastly.net/v4/srv/g.txt

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.194 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

Access-Control-Expose-Headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 4630
Access-Control-Allow-Methods: GET, OPTIONS
X-Cache: HIT, HIT
Date: Wed, 18 Dec 2024 01:13:43 GMT
Last-Modified: Tue, 02 Apr 2024 15:20:36 GMT
Vary: Accept-Encoding
X-Served-By: cache-dub4345-DUB, cache-lga21952-LGA
Content-Type: text/plain
x-amz-id-2: O1E1MIYWJ2wS91Deqa9LdeXs7BCCpTaOpzIcWMDcFny33+iVLp1Ae9iaHHYszWwHkPV8j9PwPu8P2BcAQ4T/vA==
X-Cache-Hits: 51, 93
Strict-Transport-Security: max-age=300
Access-Control-Allow-Headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
X-Timer: S1734484424.845493,VS0,VE0
X-IP: 5.181.234.132
Connection: keep-alive
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
Geo-Sub: NY
X-Geo: US
Venatus-CDN-HB-Rule-Version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 script.js Show response
cadmus.script.ac/d1oykxszdrgjgl/ 186 KB
67 KB 77ms
30ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5e428319b9f2258b7946fe3e3ce78ef05a085113b2ac011ba8171870476585b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
content-encoding: gzip
etag: W/"338e9b170990344bed53e0d3fdcd8cb12729a884"
age: 0
cf-ray: 8f3b4ac1e9808ce6-EWR
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 17 Dec 2024 21:09:21 GMT

GET
H2 200 px.gif Show response
ad-delivery.net/ 43 B
1 KB 50ms
23ms Fetch
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1276728
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=exrlj6qIGXVeSGPNYRv%2BNyesQYKg7INNwGf7dh3vxdvGYakZqSqtLuu7KuDZn9sUNoZxeOxfvSvJXsmAM%2B1kO276rE4PRIn0iP2UmuShllTBl19sYwvpoHJdgLYAAM%2BQFFoBpp3PetiDO3yKoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Thu, 19 Dec 2024 01:13:43 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=8294&min_rtt=8194&rtt_var=1452&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4008&recv_bytes=2269&delivery_rate=481857&cwnd=253&unsent_bytes=0&cid=e9868dae61e8a500&ts=29&x=0"
x-goog-stored-content-length: 43
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AFiumC4LmU1eR6dHJNNJlIBExO5Fo4srFhBRMMpeelA8NhvVTwK2w5PBMnl1hzyCpPzxGpqKVW_uxCqglQ
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8f3b4ac149af43e8-EWR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H2 200 content.html Show response
hb.vntsm.io/ 32 B
663 B 151ms
51ms Fetch
text/html 2606:4700:10::6816:2f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.io/content.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

geo-subdivision: US-NY
access-control-expose-headers: *
cf-cache-status: HIT
etag: "2f58b9ff601fd509249a9e7628a21c33"
age: 5133
geo: US
access-control-allow-methods: GET
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: text/html
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 14 Oct 2021 10:47:47 GMT
x-amz-id-2: v6wA8XOjyLPuBVoFDu8Ycl8qe1yektBLN//cZPADqiNSSo9J7yh3iZ25J/b9UT37rOV3Z35WHdM=
cache-control: max-age=14400
x-amz-request-id: YQ903XKHE4ZHWD1F
cf-ray: 8f3b4ac1be938cb4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32
server: cloudflare

GET
H2 200 11613.js Show response
hb.vntsm.com/v4/live/vms/ 3 KB
2 KB 18ms
10ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/11613.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9de64b2d72bc9fca370d00a26f0633b1d3411bc94e8bc8096d45d938b5e838b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "afafd76a018506c353fd0f606f8228b2"
age: 1032
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4331-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 54, 8
strict-transport-security: max-age=300
x-amz-id-2: 5cYFIcX0mjWvFiT0W0U5EUtPNAoGjOOBg02tud7rg+/yBxh3Hl0z+KpQSvbwEwes06PDSqTwIC3yaZMC9MirzqhVM1/MdikP
x-timer: S1734484424.946971,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1472
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 73469.js Show response
hb.vntsm.com/v4/live/vms/ 18 KB
7 KB 20ms
13ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/73469.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9d2ceb1797ece60726ad3bebf5d5decd8c2e6747eba5e274f59d0f67a04eaee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "f9cbd680929da69344cb388805afd348"
age: 1031
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4351-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 50, 8
strict-transport-security: max-age=300
x-amz-id-2: kZPwvoDumtWJvuFMj2UusxNGZAu2eq1aOySLqG3HXbENZloBUieSEXP8+XW+urQyq3rRldRrYP1iHl9/MOEeLJNUs6ZJbVji
x-timer: S1734484424.946927,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6345
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 50678.js Show response
hb.vntsm.com/v4/live/vms/ 7 KB
3 KB 20ms
13ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/50678.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e96617ee75b17d45ef165d8e0ea6bd9667766a5b7c58818c060dcf22c2e386f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "a2ac8fe2d28dd908e583e9bc46feb278"
age: 1030
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4358-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 40, 8
strict-transport-security: max-age=300
x-amz-id-2: j4lpG5O5P/lRoXC0+tWngxl1LsJrhWwLUHpD/tvY59K7CzUn4kvpJQm1iP1+KEMdH4YBjif0HG9VxzyotiVUii20NdO52hsO
x-timer: S1734484424.946924,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3033
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 33693.js Show response
hb.vntsm.com/v4/live/vms/ 10 KB
4 KB 22ms
16ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/33693.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

715b5b05866fc8376a3df9610320431317939f8dc337b9419f763d1e54046b74

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "a54bec7defbfcb92f4a44f72e9bf1df5"
age: 1031
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4356-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 59, 8
strict-transport-security: max-age=300
x-amz-id-2: mMu2PnwgJD8zIVIXjYkPjWI3Prkr/FEbXNLHTgaTdRo1VNnBnWs+LnBWHl906/n7NvhbbHES5RU=
x-timer: S1734484424.947836,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4097
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 25369.js Show response
hb.vntsm.com/v4/live/vms/ 8 KB
4 KB 22ms
15ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/25369.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c78d20a649faf93b211f76aa7803b335deb469de020f20907014bf4b456d4d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "563acb09a27177c67084ecf55f3fa525"
age: 1029
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4321-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 25, 8
strict-transport-security: max-age=300
x-amz-id-2: SdBi074T4mIdfc6D2kbaD2MkeenrL/tgqeiNAa4AsNTBe5wlTtGjCrGguH2vVClr2RWTrNOE/0hjwVjhD2R/dQ==
x-timer: S1734484424.947980,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3434
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 44599.js Show response
hb.vntsm.com/v4/live/vms/ 25 KB
10 KB 21ms
15ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/44599.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32a7759d7823aa5f8bea9bf3fb7c7caacc706490f317adb510f1ea9460df0e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "d7c3922b58117cb0f331e7235c334a29"
age: 1031
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4344-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 57, 8
strict-transport-security: max-age=300
x-amz-id-2: XjvpwLv2XPGa98CAoGlLzdiwQIpqwj3aAMiVKvh0Nd7da/F5UNAZQUOOlPGNXehyUNw3YMuxqgnLRUGKQ0LUoV0xhxtQgDzD
x-timer: S1734484424.947913,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9238
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 53170.js Show response
hb.vntsm.com/v4/live/vms/ 29 KB
10 KB 22ms
16ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/53170.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dc2714147abc73c0c099d7ba1ffea846d438c07f9fca58ffa13ff40108b0385b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "99487a2586727761288e307259b4cac1"
age: 1029
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4347-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 28, 8
strict-transport-security: max-age=300
x-amz-id-2: G4gSX3LZHG/rX0lEudGmtQcDP46oQmxJci09XxJqw+YhBrk31WfZnMydiAK+vNQML/bAOcYdWX3Oj0x9Yaak7A==
x-timer: S1734484424.947949,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10051
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 63206.js Show response
hb.vntsm.com/v4/live/vms/ 30 KB
10 KB 20ms
14ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/63206.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d495a8e91497430d2c54e28e8bf512f2608ec199b525c528853da41dab80dfd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "6245bbb9954fc358404fec455bc3cdaf"
age: 1031
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4333-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 48, 8
strict-transport-security: max-age=300
x-amz-id-2: 0BDZY+q3vSNdqawNsXOvNwOkiMx5rZK+ePaoZ88j6+RXIYSZrDw+ffarda5mgPZkeT3nDlXuGpo=
x-timer: S1734484424.947958,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9935
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 41252.js Show response
hb.vntsm.com/v4/live/vms/ 25 KB
9 KB 24ms
19ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/41252.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e690668529b15bf59b55d3180778399058021402925336646a90a606a158611c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "c05d653162d6c105b4142a229f9bf1ec"
age: 1031
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4361-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 44, 8
strict-transport-security: max-age=300
x-amz-id-2: SqxFdaKAHe2fVaixaRP+x7Ii1H139kzBuYGiptC8ofpQl8SqzRwJjRCcBE3OWKxAmKBb35p9lXMkgIthr6wfFdcAcgdQX8lIPYXkB2yU/ZY=
x-timer: S1734484424.948486,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9025
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 74012.js Show response
hb.vntsm.com/v4/live/vms/ 8 KB
3 KB 23ms
18ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/74012.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

864fa09db7b73879f009ada3f41f05c0463c6ed76724984c56a5091ef4f7f734

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "e907d463c0f2de0cc3ee9a68d132548f"
age: 1031
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4334-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 28, 8
strict-transport-security: max-age=300
x-amz-id-2: y99F9toSvmqbypNbHYBsK/9bZhXu7J41iIIyTSjMwCt9ZLcb9Muu2cm9IVDvvRkarM78ErAz9/g=
x-timer: S1734484424.949018,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3145
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 62711.js Show response
hb.vntsm.com/v4/live/vms/ 27 KB
10 KB 26ms
21ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/62711.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5f4e2c96cc7fa8c73dcd7e8877860d77da4a88bcc138a2b388ceed0729ab6256

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "4f69452a4c2e51ef7ab7d8a71cdecfdc"
age: 1029
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4347-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 26, 8
strict-transport-security: max-age=300
x-amz-id-2: 9bFG46xpfZRD7jhd5v5mBKYwtX91lfcc6qTh5jCGH3wXt+bWcXV9qDWaIK/7a6oqu7y+Db7pIHqjtH8WPOjncw==
x-timer: S1734484424.955001,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9875
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 90089.js Show response
hb.vntsm.com/v4/live/vms/ 7 KB
3 KB 25ms
21ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/90089.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

70e792b4a1b0220da9e8f8a8c304e8fbc1e14b3172e722048bfd2cba88c990ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "9fa0102112be798b17e1afc00bd318df"
age: 1031
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:34 GMT
vary: Accept-Encoding
x-served-by: cache-dub4334-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 28, 8
strict-transport-security: max-age=300
x-amz-id-2: SN7xWiKFO0lm6sMOyxdNBk38TVjVv5GtNnqicFyl61EiZ1mkvFBoNlWMuqRfgayHxEGEZatvWZyUT8hGwCoo/jhuXU5AjL1OY/gzz81ghPU=
x-timer: S1734484424.954832,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2725
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 19761.js Show response
hb.vntsm.com/v4/live/vms/ 10 KB
4 KB 27ms
23ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/19761.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d0cb19550ec4fcd91bdf490a8103294b5503cab9656466df3d4655e8320f1106

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "46b4d89f467cc187b9c5387020b53424"
age: 1031
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4324-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 45, 8
strict-transport-security: max-age=300
x-amz-id-2: ujRJVsK37CAkgl+sglAFErZgqhVPOn4I2LO7V65V8BPZkDzR/xyD4kcYQ308y5o3IsZLJNNlROHEM5uvtCRSnw==
x-timer: S1734484424.954704,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3766
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 68723.js Show response
hb.vntsm.com/v4/live/vms/ 8 KB
4 KB 24ms
20ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/68723.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ccfb4c3a0616f9137a700afaf6162777ac32c3efde7702b73065efc5201accb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "5f2db4932b78d2df6e09490f281f5421"
age: 1031
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4329-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 59, 8
strict-transport-security: max-age=300
x-amz-id-2: vUctIhZPM8v2w73PtS4Dtaiea6NcCbj6IpDfmKwPs57iUJe5S1XrgAwiHGIpkKmgIxn8GpnOoBw=
x-timer: S1734484424.954842,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3168
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 98282.js Show response
hb.vntsm.com/v4/live/vms/ 6 KB
3 KB 28ms
24ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/98282.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

801727c7de1e744a2d530cad72484b7358785f5621264666b0c582d3367f3cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "1f95a985e1efa6aef32ef3762ece3e68"
age: 1031
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:34 GMT
vary: Accept-Encoding
x-served-by: cache-dub4326-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 59, 8
strict-transport-security: max-age=300
x-amz-id-2: 17+k9ooG0MBMIAGDTyeH21wX87vDaFkPDFXHICc7YevahsxqmAij5Ecx9jlJzk+agK2J7Drleok=
x-timer: S1734484424.954617,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2554
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 19021.js Show response
hb.vntsm.com/v4/live/vms/ 4 KB
2 KB 27ms
24ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/19021.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c36e18778c5304cc9f1b0fc32d5ee71641165ce62129afe758c70182ee83575d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "295209a35cbecd3ec68023624a33d84b"
age: 1003
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4349-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 15, 5
strict-transport-security: max-age=300
x-amz-id-2: wTYxIWVG3dMf5UPJ6J/lnqt9Vh2h86B35vdcCvMlZ5drf8hPNQmHW9XUyWAZCXjlXcV+r+sUgX8=
x-timer: S1734484424.954577,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1583
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 41564.js Show response
hb.vntsm.com/v4/live/vms/ 20 KB
8 KB 26ms
23ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/41564.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

52c593769c22876a988e9b1b8d345e3d652a41c51c37a13d6f290c46fa7e9b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "37dd9c726ddb3a9a774cb40ee85a6612"
age: 1004
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4331-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 15, 5
strict-transport-security: max-age=300
x-amz-id-2: vmn6EFvn0ebkTghmdcQmVgNNVs7WwwjImVpMUm/3iWNtheJnqzYWdnT3Yqxa7Oo9NyrQtrvWOTs=
x-timer: S1734484424.954597,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7918
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 9768.js Show response
hb.vntsm.com/v4/live/vms/ 80 B
304 B 25ms
22ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/9768.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1f40369a59e0732ee9e8b362720c44411960aab65c3da366be62714cd552dab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "357cb6113be4d9625935ac6b19479e2b"
age: 1004
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:34 GMT
vary: Accept-Encoding
x-served-by: cache-dub4364-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 15, 5
strict-transport-security: max-age=300
x-amz-id-2: ugFtnvSAFmrWUow7rURMG0v2u5oL4M2Sr6eswWJ/mklW0XXSl3dIkXnklFoDZrr5RoFQL4gj2G9ThclW4I031UtJVizkUQ9KufIJX/HIylU=
x-timer: S1734484424.954536,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 81
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 98454.js Show response
hb.vntsm.com/v4/live/vms/ 9 KB
4 KB 24ms
21ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/98454.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4849ef82469750fbe602ca670ce396a3e7df33d51eb58e52b8c93e23d7537281

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "8ec4d46744ba0e8817587cb0e23c0874"
age: 1004
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:43 GMT
last-modified: Tue, 17 Dec 2024 15:26:34 GMT
vary: Accept-Encoding
x-served-by: cache-dub4322-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 11, 5
strict-transport-security: max-age=300
x-amz-id-2: hpFP2L53F+y0SvQCfFtiA1baW9XMraTzUHjXioROwQBXA60T7v/mbDMkJTpdf3solQKWwu6eymw=
x-timer: S1734484424.954573,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3808
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 42 B
42 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H2 200 xenforo-smilies-sprite.png
www.overtake.gg/styles/novus/xenforo/ 8 KB
8 KB 93ms
81ms Image
image/png 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.overtake.gg/styles/novus/xenforo/xenforo-smilies-sprite.png

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=100&l=1&d=1734345567&k=4bf0564fad74d70b6656fa51550034ecdd13c9f0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

dd845166b6a20512e9cdf8ce4fce27e47b6568aca59fb58f026bc7b23f729fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=100&l=1&d=1734345567&k=4bf0564fad74d70b6656fa51550034ecdd13c9f0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: "5a53123f-2021"
expires: Thu, 18 Dec 2025 01:13:44 GMT
accept-ranges: bytes
content-length: 8225
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: image/png
last-modified: Mon, 08 Jan 2018 06:39:59 GMT
server: nginx

GET
H2 200 sprite_sheet_emojione.png
www.overtake.gg/styles/default/xenforo/reactions/emojione/ 7 KB
7 KB 93ms
82ms Image
image/png 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.overtake.gg/styles/default/xenforo/reactions/emojione/sprite_sheet_emojione.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

9c2fc1f21cd6daad0e387f65ed6fef77e6b58e13129148c40e53fb8abdcf3441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=100&l=1&d=1734345567&k=4bf0564fad74d70b6656fa51550034ecdd13c9f0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: "65de41d4-1d23"
expires: Thu, 18 Dec 2025 01:13:44 GMT
accept-ranges: bytes
content-length: 7459
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: image/png
last-modified: Tue, 27 Feb 2024 20:11:00 GMT
server: nginx

GET
H2 200 cover-image
www.overtake.gg/news/assetto-corsa-evo-to-feature-auto-learning-ai-opponents-improve-on-accs-multiplayer-ranking.2717/ 362 KB
363 KB 255ms
249ms Image
image/jpeg 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.overtake.gg/news/assetto-corsa-evo-to-feature-auto-learning-ai-opponents-improve-on-accs-multiplayer-ranking.2717/cover-image

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

aa986d926760f8daeaef05236cf58237bc4eb08687b0c170fc6d690c4d487f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, max-age=0
etag: "1734460976"
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
content-length: 370949
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: image/jpeg
last-modified: Wed, 18 Dec 2024 01:13:44 GMT
server: nginx
content-disposition: inline; filename="Assetto-Corsa-EVO-AI-Multiplayer-3.jpg"
x-frame-options: SAMEORIGIN

GET
H2 200 cover-image
www.overtake.gg/news/assetto-corsa-evo-all-of-the-1-600km2-open-world-map-will-be-drivable.2716/ 318 KB
318 KB 276ms
271ms Image
image/jpeg 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.overtake.gg/news/assetto-corsa-evo-all-of-the-1-600km2-open-world-map-will-be-drivable.2716/cover-image

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

7181bfdbb052399b09c6a6cb9fe9d52bfe9ee539fb55a37706f685d4ebfadeec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, max-age=0
etag: "1734451796"
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
content-length: 325423
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: image/jpeg
last-modified: Wed, 18 Dec 2024 01:13:44 GMT
server: nginx
content-disposition: inline; filename="Assetto-Corsa-EVO-Interview.jpg"
x-frame-options: SAMEORIGIN

GET
H2 200 cover-image
www.overtake.gg/news/exclusive-live-stream-answering-assetto-corsa-evo-questions-with-marco-massarutto.2705/ 732 KB
733 KB 313ms
308ms Image
image/png 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.overtake.gg/news/exclusive-live-stream-answering-assetto-corsa-evo-questions-with-marco-massarutto.2705/cover-image

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

f5ae1fcc586a710ec1126e1576b93489d03cebfb50d5543bf3f8ce3f74861e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, max-age=0
etag: "1734095084"
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
content-length: 749316
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: image/png
last-modified: Wed, 18 Dec 2024 01:13:44 GMT
server: nginx
content-disposition: inline; filename="Assetto-Corsa-EVO-Live-Stream-Interview-Massarutto.png"
x-frame-options: SAMEORIGIN

GET
H2 200 cover-image
www.overtake.gg/news/iracing-2025-special-events-calendar-confirmed.2709/ 160 KB
161 KB 216ms
211ms Image
image/jpeg 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.overtake.gg/news/iracing-2025-special-events-calendar-confirmed.2709/cover-image

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

65708fbe5cf4419d7ae6e648384165856ceb42f36a568881b0568d8a71db6448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, max-age=0
etag: "1734350782"
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
content-length: 163971
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: image/jpeg
last-modified: Wed, 18 Dec 2024 01:13:44 GMT
server: nginx
content-disposition: inline; filename="Ferrari 499P iRacing Daytona.jpg"
x-frame-options: SAMEORIGIN

GET
H2 200 cover-image
www.overtake.gg/news/fanatec-offers-free-wheel-side-qr2-with-most-steering-wheels.2715/ 111 KB
112 KB 241ms
236ms Image
image/jpeg 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.overtake.gg/news/fanatec-offers-free-wheel-side-qr2-with-most-steering-wheels.2715/cover-image

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

fa830dc6232ca22e1ff53d6089b7bd73abea619aaedb03eabdbfa78dc9980b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, max-age=0
etag: "1734439468"
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
content-length: 114017
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: image/jpeg
last-modified: Wed, 18 Dec 2024 01:13:44 GMT
server: nginx
content-disposition: inline; filename="Fanatec-Free-Wheelside-QR2.jpg"
x-frame-options: SAMEORIGIN

GET
H3 200 QGYvz_MVcBeNP4NJtEtq.woff2
fonts.gstatic.com/s/outfit/v11/ 32 KB
32 KB 54ms
25ms Font
font/woff2 2607:f8b0:400d:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/outfit/v11/QGYvz_MVcBeNP4NJtEtq.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Outfit:wght@300;400;500;600;700;800;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45447a2b45991ea4e67ff0866444ca07fcf62c28dbfd5fa072ab76d3d0c46390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.overtake.gg
Referer: https://fonts.googleapis.com/

Response headers

age: 454546
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 18:57:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 18:57:58 GMT
last-modified: Wed, 26 Apr 2023 23:30:07 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32272
x-xss-protection: 0
server: sffe

GET
H2 200 20404.js Show response
hb.vntsm.com/v4/live/vms/ 6 KB
4 KB 11ms
10ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/20404.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fb626a05fd1c1ec386a9ad7f2fbdd6ddb36a012b730312fe7fa67dc73f6666a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "85d15ad761f666c401b8b83b14f79fce"
age: 1031
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4335-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 49, 8
strict-transport-security: max-age=300
x-amz-id-2: Pl3FRwuNx4ExbtzdDjQ2kS/AUifbE1PeK9QOcDNl7lbhszJXas2dzYj5/Mx+cRUOfwnQ1AUhoRxFJKdr86OGXa8Ug6QB2FKm
x-timer: S1734484424.084648,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3315
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 55EB 345 KB
85 KB 108ms
17ms Script
application/javascript 3.171.86.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.171.86.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-171-86-171.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"812ceba01127f3bf5aede260eaddcd29"
age: 3291
via: 1.1 c34bd35d24f6df50307d1ac92d0f6110.cloudfront.net (CloudFront), 1.1 7f7d9243d958ecc0cb433b766a106f4c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: XZPltw8CwMDX9AJ6_CGcmHy-X_Hgkia74y_JTuMyoJI5sjlp-ZQWRw==
date: Wed, 18 Dec 2024 00:18:54 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 22:51:03 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, IAD89-P3
x-amz-server-side-encryption: AES256

GET
H2 200 70931.js Show response
hb.vntsm.com/v4/live/vms/ 4 KB
2 KB 17ms
14ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/70931.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6f71aa0c67cfc824ca1ff2afbe9e2b0f4e3ce145fb774533faf532ffeca79b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "9e7fb4d06025ae014b338876bbd0725e"
age: 1032
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4355-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 42, 8
strict-transport-security: max-age=300
x-amz-id-2: 1YPY7iliBwQh+/fRoafO/WaH/LVayGIN2YttkwNyBF3fduS+twhCZnqfs4nQuMIM9RhpfRSIQHY=
x-timer: S1734484424.103948,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1618
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 96047.js Show response
hb.vntsm.com/v4/live/vms/ 2 KB
1 KB 17ms
14ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/96047.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e1fbaed711a15d37ad237843b3ad78da31d818c6193e8927d7e01ff2f9286f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "a7d4e05c4af0c4ea0c366681b121a977"
age: 1031
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Tue, 17 Dec 2024 15:26:34 GMT
vary: Accept-Encoding
x-served-by: cache-dub4358-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 43, 8
strict-transport-security: max-age=300
x-amz-id-2: DgUtRultmKI8EBMzWvBi7xyb6nKkFK51RfFGLFrJOyEIbVOkhiWhSaeA1MIjxr4bO9oXKHdFZU+zW9UTa/GUSlCcVuAGDltSajob4A/V4Rg=
x-timer: S1734484424.103910,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1091
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 26497.js Show response
hb.vntsm.com/v4/live/vms/ 17 KB
6 KB 13ms
10ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/26497.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1eeeec8176343b2daf4fc9fe169d1269f6cc328ad2611d59d0777af09e4f3b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "3595b3980b672ce83e4ded2c1635e24a"
age: 1032
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4330-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 58, 8
strict-transport-security: max-age=300
x-amz-id-2: 9r4y/hiqkdD1/pUrM23XDz3bcZOC/KiBIrohPd+ExU0zPCvevK+dfF7kF9XNb3oD2Vm75w3CSe+IE8ZdAYl7iQ==
x-timer: S1734484424.103865,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5998
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 55153.js Show response
hb.vntsm.com/v4/live/vms/ 2 KB
2 KB 15ms
13ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/55153.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ee096a851d8d6abd4eb044eb7463de39bb6b6b09716693b8ffc645d5353ffdf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "a6dad4e715762024d27620ea448015eb"
age: 1031
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4364-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 44, 8
strict-transport-security: max-age=300
x-amz-id-2: BXtJ0B+KHjI2DdMqkHdttEQ/SoyIqNXrgApU1vwCg8K5hbXlz9oWfN+WK1k0S8Rl0HV8TPd2NVp1qzQpmSW8rdWkAJ31+NGqmdxXqtpvxX0=
x-timer: S1734484424.104773,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1134
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 45496.js Show response
hb.vntsm.com/v4/live/vms/ 3 KB
1 KB 13ms
11ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/45496.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bf4baebad5bfea80098680bf3037f54fe7129285e246d37e61afc9f0cf3f611c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "3379cf07bf3c8190cfeb182577d46bd8"
age: 1032
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4344-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 57, 8
strict-transport-security: max-age=300
x-amz-id-2: QxuipDxyBPr4fA44V9WY/PBPSs2afToVlp2Zd9BijD3MljxSdrlMIsfMreaf2U5R9mniXpr0QBs=
x-timer: S1734484424.104704,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1232
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 10891.js Show response
hb.vntsm.com/v4/live/vms/ 2 KB
1 KB 14ms
12ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/10891.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

503b67852f8ba1a8fa41f50039a65613a5aefdc6a04ec8ffe64bfcb692f3e1d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "683b2eb69842ba06d6df27efcc339f8c"
age: 1032
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4353-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 57, 8
strict-transport-security: max-age=300
x-amz-id-2: P2+e6skz3HWka34UVe74Hj4+xjhPM5f72OG5mNZOEKLIOhGz3xeBellvGaEMeslwc1k0mRIPwFZYzXZ+HJhJ3DVuePYM6By4CZTBKhNxVR0=
x-timer: S1734484424.104668,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 923
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 53ms
17ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.overtake.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 18 Dec 2024 01:13:44 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 20ms
18ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: Content-Length,Content-Range
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/octet-stream
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key

GET
H2 200 21829.js Show response
hb.vntsm.com/v4/live/vms/ 13 KB
5 KB 11ms
10ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/21829.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dbb63c2603e6d239120e8b8db2596952051040c76cc5d90bfa31be9353d41edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "d3f4934e5d21748d0d9338a85244473c"
age: 1028
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4362-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 43, 5
strict-transport-security: max-age=300
x-amz-id-2: fv0CtQvaGX1XfgLqHzCv97ifI+Vy8kJyLTVpua1Bqr/yJbzCXz/GmLwlR4oTnka4ZUCIXV4PyYk=
x-timer: S1734484424.317655,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5007
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 20897.js Show response
hb.vntsm.com/v4/live/vms/ 12 KB
5 KB 11ms
9ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/20897.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3b16e5c1b0511d63320e1cfaefaf85533e8f1fb10f370097551f92106061deee

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "3f9a36ee1517db93da602b4e76f9013c"
age: 1023
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4342-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 39, 5
strict-transport-security: max-age=300
x-amz-id-2: iIANIvueo5yG9T6R2LjpxnhOoqgh8e34dNv95lKwH3nR48kINIbj96KXWNczGadDBb8cwxMNMtB4NGbnelBagtGjMwOrvWp/j0C75dwKyV0=
x-timer: S1734484424.320360,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4453
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 61665.js Show response
hb.vntsm.com/v4/live/vms/ 9 KB
4 KB 11ms
9ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/61665.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

91ab4319172810c7d5b823ad3a55a79a944fbf12dea8917abf83be875bbef3a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "4a2c4cdcb947beee0ad16be59fdd203f"
age: 1030
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4366-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 42, 6
strict-transport-security: max-age=300
x-amz-id-2: iVQYuzVMLGyZuS8vAkRF77TMFInx5QcpJ+HEjkb1Uds6aOT6DP/sNZWZ4zA4/Pcgac0SuEOCwHAnYVJ9SbNDHNFpKjVXYiJA
x-timer: S1734484424.320812,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3695
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 53206.js Show response
hb.vntsm.com/v4/live/vms/ 7 KB
3 KB 11ms
10ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/53206.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cf87de89183fa9a833ca8e8a3eec67c3bc8486c2bd8c9ccc606d87aa00b6b15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "141bfa86d2b4ab2f3e2862e5b1f2c8ab"
age: 1030
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4342-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 32, 6
strict-transport-security: max-age=300
x-amz-id-2: lW45IpFTxwPy3YPTfy8ZPskYoOa5RUB9FthAAmknCt+8ay95NEdyowpjOM6K7QUvNlC89TA8ZoXdaIVgDjIOGFfIK+GlpWHp8eKx8VJDoAE=
x-timer: S1734484424.320850,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3322
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 69380.js Show response
hb.vntsm.com/v4/live/vms/ 10 KB
4 KB 12ms
10ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/69380.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fcabdf2179893e65712e6c0f53720282212686d90a084d4dfd7ff0a2e4a767b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "600d91308e0febb93f62b7176d239cac"
age: 1028
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4329-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 63, 5
strict-transport-security: max-age=300
x-amz-id-2: 3wmruwe+THbzXDprqrZg8+F9oQbBi0kmsfJwzaAXCXH4DXfwF7Q6T8AcXXUBcQzvkDWv7NNS890=
x-timer: S1734484424.321500,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3727
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 43863.js Show response
hb.vntsm.com/v4/live/vms/ 10 KB
5 KB 13ms
12ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/43863.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1411aae1169bc6a112972d21e652b2f8258f42c45b0c1a6215cafbeb2d628048

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "9609c9598fa0e45a695c7bf73ff85b64"
age: 1029
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4353-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 53, 1
strict-transport-security: max-age=300
x-amz-id-2: agCBgBHgmo2xgS97r8dqKLbfgqSEUIYufl1ADPa1DpY+RswOTzFTIOZv71MC9jKFhPHTg0hOwpz2vXsD/cz1ZT7dRIyvueHQ/ih8XufBmxU=
x-timer: S1734484424.321817,VS0,VE1
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4815
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 63619.js Show response
hb.vntsm.com/v4/live/vms/ 4 KB
2 KB 12ms
11ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v4/live/vms/63619.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

88398f9c6e6e58256cbe9e0e6724a34da84954576797190d0af4dfd89c45e726

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding: gzip
etag: "3bf7b1a08757423ad488dc255104aa36"
age: 1027
access-control-allow-methods: GET, OPTIONS
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Tue, 17 Dec 2024 15:26:33 GMT
vary: Accept-Encoding
x-served-by: cache-dub4349-DUB, cache-lga21960-LGA
content-type: application/javascript
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits: 35, 4
strict-transport-security: max-age=300
x-amz-id-2: eP6xRkpKNjJF8rVF0sJxKs6Q6QFykiUeaiwTzU99oDEooiw3Z/5jWAgnzGx4ZlnfmatWTnUIvWU=
x-timer: S1734484424.322123,VS0,VE0
x-ip: 5.181.234.132
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1793
geo-sub: NY
x-geo: US
venatus-cdn-hb-rule-version: 1.1
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 361 KB
121 KB 38ms
36ms Script
application/javascript 2607:f8b0:4004:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RQB4Z4BXHC&l=dataLayer&cx=c&gtm=457e4cc1za200

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d554ec9187e695913eb9675f063b9e33927ce0327050cc184164e9c838eab8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 18 Dec 2024 01:13:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 123345
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 53ms
17ms Script
text/javascript 2607:f8b0:4004:c1f::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
age: 1410
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 18 Dec 2024 02:50:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 00:50:14 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

OPTIONS
H2 204 activity
cloudmetrics.xenforo.com/api/v1/websites/2031506433434189/ Frame 0
0 401ms
373ms Preflight 104.20.106.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudmetrics.xenforo.com/api/v1/websites/2031506433434189/activity
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.106.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.3.12
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.overtake.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8f3b4ac45d3f41b5-EWR
date: Wed, 18 Dec 2024 01:13:44 GMT
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-powered-by: PHP/8.3.12

OPTIONS
H2 204 activity
cloudmetrics.xenforo.com/api/v1/websites/1710916522909624/ Frame 0
0 374ms
346ms Preflight 104.20.106.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudmetrics.xenforo.com/api/v1/websites/1710916522909624/activity
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.106.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.3.12
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.overtake.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8f3b4ac45d4041b5-EWR
date: Wed, 18 Dec 2024 01:13:44 GMT
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-powered-by: PHP/8.3.12

POST
H2 200 activity Show response
cloudmetrics.xenforo.com/api/v1/websites/2031506433434189/ 16 B
74 B 115ms
114ms Fetch
application/json 104.20.106.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudmetrics.xenforo.com/api/v1/websites/2031506433434189/activity
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.106.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.3.12
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache, private
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 8f3b4ac6bfcb41b5-EWR
access-control-allow-origin: *
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/json
x-powered-by: PHP/8.3.12
server: cloudflare

POST
H2 403 activity Show response
cloudmetrics.xenforo.com/api/v1/websites/1710916522909624/ 38 B
125 B 111ms
109ms Fetch
application/json 104.20.106.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudmetrics.xenforo.com/api/v1/websites/1710916522909624/activity
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.106.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.3.12
Resource Hash: 9b39cbb88caa4a151b911bc85cdb57a4faf5a2f4db1d8caed60083b7bd3bf03e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache, private
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 8f3b4ac68fa141b5-EWR
access-control-allow-origin: *
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/json
x-powered-by: PHP/8.3.12
server: cloudflare

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 55EB 6 KB
3 KB 51ms
18ms XHR
application/javascript 3.171.86.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.171.86.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-171-86-171.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
age: 76940
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: UyQ5pd4lMBs0_LX7lJNK7d8SZk3rflbf0utU3SqTXfl-X0feiRTO3A==
date: Tue, 17 Dec 2024 03:51:25 GMT
content-type: application/javascript
vary: Origin,accept-encoding
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 a200bd6bd7a2a1a7c913d90d4a02fdf6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: IAD89-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 70247b00-ff8f-4016-b3ab-8344daf96e09 Show response
config.aps.amazon-adsystem.com/configs/ Frame 55EB 563 B
829 B 69ms
14ms Script
application/javascript 18.160.10.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-101.iad12.r.cloudfront.net
Software: CloudFront /
Resource Hash: abce51476c992eaaacd53b9b0f4ef97b8d9ceaacad89e706a3bde801ed30e6e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: max-age=3600
age: 2682
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: 5euP2Km8dSd25lXVwQ4BveXDGe1dWgtKplimAkqBq1esw9DaZEdOaA==
date: Wed, 18 Dec 2024 00:29:02 GMT
content-type: application/javascript
x-amz-cf-pop: IAD12-P3
server: CloudFront

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 55EB 2 KB
3 KB 20ms
16ms XHR
application/json 3.171.86.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.overtake.gg&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.171.86.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-171-86-171.iad89.r.cloudfront.net
Software: Server /
Resource Hash: 4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: max-age=21550, s-maxage=21600
age: 2465
access-control-allow-credentials: true
via: 1.1 7f7d9243d958ecc0cb433b766a106f4c.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.overtake.gg
x-cache: Hit from cloudfront
content-length: 2353
x-amz-cf-id: -4zc_eJZX6YdE9ZpXxzEyJN3sb4gHthR5yCJG67Leqjdh-9H2qLOQg==
date: Wed, 18 Dec 2024 00:32:38 GMT
content-type: application/json;charset=UTF-8
x-amz-cf-pop: IAD89-P3
server: Server

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86c3e2d263fe07c01867c706a1ef50ee11abd4e73190c153862f85b17bf9a351

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

POST
H2 200 index.php Show response
www.overtake.gg/ 204 B
513 B 92ms
90ms XHR
application/json 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.overtake.gg/index.php?sam-item/104/track-view

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/js/vendor/jquery/jquery-3.5.1.min.js?_v=4944575a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

aac4e326a96da88c16718fd95d7da1256a95bcc77fe9bce03f1b9ff0d04049cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-robots-tag: none
cache-control: private, no-cache, max-age=0
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
content-length: 147
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/json; charset=utf-8
last-modified: Wed, 18 Dec 2024 01:13:44 GMT
server: nginx
x-frame-options: SAMEORIGIN

POST
H2 200 index.php Show response
www.overtake.gg/ 211 B
518 B 92ms
90ms XHR
application/json 95.179.177.152
AS-VULTR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.overtake.gg/index.php?sam-item/103/track-view

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/js/vendor/jquery/jquery-3.5.1.min.js?_v=4944575a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.179.177.152 Amsterdam, Netherlands, ASN20473 (AS-VULTR, US),

Reverse DNS

95.179.177.152.vultrusercontent.com

Software

nginx /

Resource Hash

57fed9e14abdf791c149729e63748a2204c0309924f4aeb8fdfab33615ee5ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-robots-tag: none
cache-control: private, no-cache, max-age=0
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
content-length: 152
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/json; charset=utf-8
last-modified: Wed, 18 Dec 2024 01:13:44 GMT
server: nginx
x-frame-options: SAMEORIGIN

OPTIONS
H2 204 openrtb
ex.ingage.tech/v1/ Frame 0
0 121ms
39ms Preflight 2606:4700::6812:1ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.overtake.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.overtake.gg
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 8f3b4ac5de2f430f-EWR
date: Wed, 18 Dec 2024 01:13:44 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 82 B
627 B 86ms
20ms Fetch
application/json 3.167.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.112.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-112-98.iad55.r.cloudfront.net
Software: istio-envoy /
Resource Hash: c204cda469464787773e3a4a3162268e2889d470c7ac58270f5a915147edd91d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
via: 1.1 ddba66e53ff633c34296b8e866a481e2.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.overtake.gg
x-cache: Miss from cloudfront
content-length: 107
x-amz-cf-id: oCS7YU7zsq_LUV9eS8GIckuYYtDo_epegsyRpxkTYHoVYS7mDIZvHw==
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/json
x-amz-cf-pop: IAD55-P8
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 591 B
678 B 117ms
60ms Fetch
application/json 52.205.45.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_9.21.0
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.205.45.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-45-196.compute-1.amazonaws.com
Software: /
Resource Hash: c8b7fbea6c9baa36bae02a04ff681d75c06a1ca4d061e04dde82ffcc27743fd9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: https://www.overtake.gg
content-length: 323
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 200 c Show response
prebid.a-mo.net/a/ 1 KB
1 KB 145ms
119ms Fetch
application/json 147.75.198.144
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: a070d24f775382d7a70aaa16ffcebfcb866377147e56cb42ebd4edd4d20410ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.overtake.gg/

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
x-envoy-upstream-service-time: 108
access-control-allow-credentials: true
access-control-allow-origin: https://www.overtake.gg
content-length: 523
date: Wed, 18 Dec 2024 01:13:43 GMT
content-type: application/json; charset=utf-8
vary: origin, accept-encoding
server: envoy

POST
H2 204 request Show response
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 0
487 B 172ms
135ms Fetch 2620:100:a00b::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.21.0&cb=8334284679&lsavail=1&networkId=7879

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.overtake.gg/

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:44 GMT
vary: Origin
server: Kestrel

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
702 B 140ms
95ms Fetch
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=1119523
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 373cdb0eb91d722b4880971e68c33a214b25c92110706ac0ed9ae92dda12cdbf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.overtake.gg/

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HML8bN%2F%2FAdV4IHJCNz8IsO6gFbOOWKoW%2BxYS9Le3WRlZGc1RfsCezxtGfWEMV%2BJDnOar3akNgcEDQY57m6%2B4Ej5YVYjQ6t1EQEuE%2FYSGklr%2Bb2CFpQCAeCJB8fTxBHdzRPCca%2FID"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics: ?1
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/json
vary: Accept-Encoding
priority: u=1,i
cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8f3b4ac5995e4402-EWR
access-control-allow-origin: https://www.overtake.gg
content-length: 37
server: cloudflare

POST
H2 200 66e07a63c2860a7154ed385c Show response
exchange.kueezrtb.com/prebid/multi/ 37 KB
22 KB 510ms
424ms Fetch
application/json 134.209.129.201
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.kueezrtb.com/prebid/multi/66e07a63c2860a7154ed385c
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.209.129.201 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6e23bd216d7828ac209ae8e2fbbc02dbdd6a8c9f3b34a2e3a540990ec0bd01ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.overtake.gg/

Response headers

cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.overtake.gg
content-length: 21220
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H2 200 66e07a63c2860a7154ed385c Show response
exchange.kueezrtb.com/prebid/multi/ 36 KB
21 KB 499ms
412ms Fetch
application/json 134.209.129.201
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.kueezrtb.com/prebid/multi/66e07a63c2860a7154ed385c
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.209.129.201 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: d1d7c2b8a54a6df31261dd813f4c5c59c920ba9d89acea202d5cd97ebb62dcf6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.overtake.gg/

Response headers

cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.overtake.gg
content-length: 21057
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H2 200 66e07a63c2860a7154ed385c Show response
exchange.kueezrtb.com/prebid/multi/ 36 KB
17 KB 480ms
394ms Fetch
application/json 134.209.129.201
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.kueezrtb.com/prebid/multi/66e07a63c2860a7154ed385c
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.209.129.201 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 1356dd485fa997ae40a4d02ffdff434d39b8e42fadc6b78c4cabfde42b5dfea9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.overtake.gg/

Response headers

cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.overtake.gg
content-length: 16638
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H2 200 openrtb Show response
ex.ingage.tech/v1/ 1 KB
903 B 168ms
143ms Fetch
application/json 2606:4700::6812:1ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c74296f907487ee210db1ebf04c8f6d7e572a814804b4d7044862cfeb0b22ab7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8f3b4ac64cc74334-EWR
access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 666 B
2 KB 327ms
289ms Fetch
application/json 2602:803:c002:200::32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=527682&zone_id=3449268&size_id=15%3B2%3B9&alt_size_ids=13%2C14%2C552%3B55%2C57%3B&rp_schain=1.0,1!venatus.com,6295d5b45a3283646fc8cfb2,1,,,&rf=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&tg_i.domain=overtake.gg&tg_i.page=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&tg_i.pbadslot=%2F21726375739%2FVM_664335edf2089a039dc08ec0%2FVM_6655832a423195164ba97904%23p7_0_0%3B%2F21726375739%2FVM_664335edf2089a039dc08ec0%2FVM_665584c0423195164ba9790a_TO%23p24_0_0%3B%2F21726375739%2FVM_664335edf2089a039dc08ec0%2FVM_6675592fd1b4a21bef3a8470%23p26_0_0&tk_flint=pbjs_lite_v9.21.0&x_source.tid=0&l_pb_bid_id=31cfa9c6f5c6344%3B328af0a589098be%3B3354cf36232cefa&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=8c1a6ae1-98b6-45b0-931a-cbca3d7f2caf%3B9b540ba1-1e2e-496b-a548-237dc3e24bf6%3B6262a89c-d485-4716-9d89-0714be52baf3&rp_maxbids=1&p_gpid=%2F21726375739%2FVM_664335edf2089a039dc08ec0%2FVM_6655832a423195164ba97904%23p7_0_0%3B%2F21726375739%2FVM_664335edf2089a039dc08ec0%2FVM_665584c0423195164ba9790a_TO%23p24_0_0%3B%2F21726375739%2FVM_664335edf2089a039dc08ec0%2FVM_6675592fd1b4a21bef3a8470%23p26_0_0&m_ch_mobile=%3F0&slots=3&rand=0.2902479751367404
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 93a1fd8b6c2b3e43c67b2570dd649af62ebfd663d65e2fda0ef8cf04a4ad93a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 21 KB
9 KB 419ms
349ms Fetch
application/json 172.64.153.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.66 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc835a8d3a2caf98adb7d4656e81ac0a988c50cb18ee79820c60879e19f2a1c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8f3b4ac5ec2c4299-EWR
expires: 0
access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/json
vary: Origin, Accept-Encoding
server: cloudflare

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 109ms
78ms Fetch 207.65.37.179
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:44 GMT
access-control-allow-credentials: true

POST
H2 204 bidder Show response
pbs.optidigital.com/ 0
253 B 245ms
186ms Fetch
application/json 34.160.72.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.optidigital.com/bidder
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.72.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.72.160.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
expires: 0
access-control-allow-origin: https://www.overtake.gg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:44 GMT
x-prebid: pbs-go/32.9.1
content-type: application/json
vary: Accept-Encoding,Origin

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 55EB 241 B
542 B 430ms
374ms XHR
text/javascript 3.167.113.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&pid=poxfRTjO3BrLm&cb=0&ws=0x0&v=24.1105.2150&t=6000&slots=%5B%7B%22sd%22%3A%22p7_0_0%22%2C%22s%22%3A%5B%22250x250%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2FVM_664335edf2089a039dc08ec0%2FVM_6655832a423195164ba97904%21pid%3A5019%21ab%3Afalse%22%7D%2C%7B%22sd%22%3A%22p24_0_0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2FVM_664335edf2089a039dc08ec0%2FVM_665584c0423195164ba9790a%21pid%3A5018%21ab%3Afalse%22%7D%2C%7B%22sd%22%3A%22p26_0_0%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2FVM_664335edf2089a039dc08ec0%2FVM_6675592fd1b4a21bef3a8470%21pid%3A5028%21ab%3Afalse%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21venatus.com%2C6295d5b45a3283646fc8cfb2%2C1%2C%2C%2C&sm=b37cf327-c923-43c6-8ca7-5fd643ca6561&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.113.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-113-34.iad55.r.cloudfront.net
Software: Server /
Resource Hash: 91b78582095e2d2380065bdf104d8afabc4cb5d922777fb21ae3d0ccf19dc5c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 46ac2c9f87eca5473c2cb27cfe0168a4.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.overtake.gg
x-cache: Miss from cloudfront
content-length: 209
x-amz-cf-id: pW_ViUNbWSmIA2V7InfJEunFqy7rddEi34Ma7qE8E2HPFreyaUV8hg==
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: IAD55-P8
server: Server

POST
H2 200 auction Show response
tlx.3lift.com/header/ 12 KB
5 KB 263ms
204ms Fetch
application/json 107.22.180.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=9.21.0&referrer=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&tmax=6000

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.22.180.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-22-180-23.compute-1.amazonaws.com

Software

Resource Hash

c56026feeefbc64e0fe6e26ab816271dba4e0bc95db9cf99d7e515c502e268c0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: zstd
pragma: no-cache
accept-ch: sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin: https://www.overtake.gg
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 3867
x-xss-protection: 0
content-type: application/json; charset=utf-8

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 4 KB
2 KB 191ms
148ms Fetch
application/json 52.87.138.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.21.0&lt=1734484424568&to=600&aun=p24_0_0&gpid=%2F21726375739%2FVM_664335edf2089a039dc08ec0%2FVM_665584c0423195164ba9790a_TO%23p24_0_0&t=swsvu4hc&pi=8&schain=1.0%2C1!venatus.com%2C6295d5b45a3283646fc8cfb2%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&tpl=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.21.0%22%7D&ogu=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&ns=10240&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&dnt=0&lang=en
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.138.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-138-103.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 313cfef5d6914d3086c7d3093c9f0752958a29e3cb910e79f34e8f3cfbb8f33c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.overtake.gg/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
370 B 152ms
100ms Fetch 23.21.14.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=9.21.0&p=%5B%7B%22placement_id%22%3A%22p7_0_0%22%2C%22callback_id%22%3A%225560d9d97445f48%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B250%2C250%5D%2C%5B300%2C200%5D%2C%5B200%2C200%5D%5D%2C%22ym_placement_id%22%3A%223600276472536703059%22%2C%22gpid%22%3A%22%2F21726375739%2FVM_664335edf2089a039dc08ec0%2FVM_6655832a423195164ba97904%23p7_0_0%22%2C%22tid%22%3A%228c1a6ae1-98b6-45b0-931a-cbca3d7f2caf%22%2C%22auctionId%22%3A%220%22%7D%2C%7B%22placement_id%22%3A%22p24_0_0%22%2C%22callback_id%22%3A%2256a3e3321315dae%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%223600276472536703059%22%2C%22gpid%22%3A%22%2F21726375739%2FVM_664335edf2089a039dc08ec0%2FVM_665584c0423195164ba9790a_TO%23p24_0_0%22%2C%22tid%22%3A%229b540ba1-1e2e-496b-a548-237dc3e24bf6%22%2C%22auctionId%22%3A%220%22%7D%2C%7B%22placement_id%22%3A%22p26_0_0%22%2C%22callback_id%22%3A%22574e9f8f1b4a0b9%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%223600276472536703059%22%2C%22gpid%22%3A%22%2F21726375739%2FVM_664335edf2089a039dc08ec0%2FVM_6675592fd1b4a21bef3a8470%23p26_0_0%22%2C%22tid%22%3A%226262a89c-d485-4716-9d89-0714be52baf3%22%2C%22auctionId%22%3A%220%22%7D%5D&page_url=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&bust=1734484424570&dnt=false&description=%23%20WRC%20Telemetry%0A%0AThis%20is%20a%20patch%20for%20WRC%207%2F8%2F9%2F10%2FGenerations%20and%20EA%20SPORTS%20WRC%2023%20that%20enables%20telemetry%20through%20shared%20memory.%0A%0AIncluded%20you%20will%20find%3A%0A*...&tmax=6000&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=WRC%20Telemetry%20Patch%20%7C%20OverTake.gg%20(Formerly%20RaceDepartment)&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%226295d5b45a3283646fc8cfb2%22%7D%5D%7D
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.14.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-14-225.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.overtake.gg/

Response headers

x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:44 GMT
access-control-request-headers: Cache-Control, Pragma
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 55EB 54 KB
17 KB 63ms
20ms Script
application/javascript 23.204.206.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.206.35 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-206-35.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "d734-5f2f3919e751f-gzip"
expires: Wed, 18 Dec 2024 01:28:44 GMT
accept-ranges: bytes
content-length: 17407
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ Frame 55EB 57 KB
12 KB 59ms
24ms Script
text/javascript 2606:4700:10::ac43:246e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&ref=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&_it=amazon&partner_id=288
Requested by: Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9673f82ae875cb30cc6250cf46dd863642abcb71cc700c11e4252080e7a7162a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: public, max-age=432000
content-encoding: br
cf-cache-status: HIT
etag: W/"ce6337b4c3ac2472ecbad3c8c45022cf"
age: 19
x-amz-request-id: 1FM4VG8JJJM5NBJY
expires: Mon, 23 Dec 2024 01:13:44 GMT
cf-ray: 8f3b4ac5ebef0fa8-EWR
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: text/javascript
last-modified: Mon, 16 Dec 2024 14:23:52 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: pT5ejO0dAuKGDFBEPFgd+YpdeMxLzMnpJJVl7Pk0xrrmtWAxkhIs33ow2q9hNb0MUiEqpuEH34g=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 55EB 100 KB
29 KB 49ms
18ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"4d852428cba0ba1a5108520745060d6e"
age: 1
expires: Wed, 18 Dec 2024 02:13:44 GMT
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 04 Dec 2024 13:37:28 GMT
vary: Accept-Encoding
x-amz-id-2: hqjPVBvYARawJltdd97zwjolj990xc+M7agHlmhQTiyRVGgfq2I+ms4OdPZLGjuOPGHBT/CCh6JlC9h1b5YOQg==
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
x-amz-request-id: B51DPBAXD4PCMQRG
cf-ray: 8f3b4ac5d849f791-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 55EB 14 KB
5 KB 76ms
34ms Script
application/javascript 23.204.206.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.206.35 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-206-35.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "38c0-5e92054540ea5-gzip"
expires: Wed, 18 Dec 2024 01:28:44 GMT
accept-ranges: bytes
content-length: 5252
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
357 B 28ms
26ms XHR
text/plain 2607:f8b0:4004:c1f::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1276535263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&ul=en-us&de=UTF-8&dt=WRC%20Telemetry%20Patch%20%7C%20OverTake.gg%20(Formerly%20RaceDepartment)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=470790069&gjid=1169666603&cid=699552227.1734484425&tid=UA-4830345-3&_gid=173860550.1734484425&_r=1&gtm=457e4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&jsscut=1&z=692796615

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.overtake.gg/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.overtake.gg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
406 B 17ms
16ms Image
image/gif 2607:f8b0:4004:c1f::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1276535263&t=event&_s=2&dl=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&ul=en-us&de=UTF-8&dt=WRC%20Telemetry%20Patch%20%7C%20OverTake.gg%20(Formerly%20RaceDepartment)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ads&ea=ad_impression&el=overtake_responsive_atf_slot10%20%7C%20Code%20%7C%20N%2FA&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=699552227.1734484425&tid=UA-4830345-3&_gid=173860550.1734484425&gtm=457e4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&jsscut=1&z=1360441098

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

age: 4545
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 23:57:59 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
94 B 17ms
17ms Image
image/gif 2607:f8b0:4004:c1f::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1276535263&t=event&_s=3&dl=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&ul=en-us&de=UTF-8&dt=WRC%20Telemetry%20Patch%20%7C%20OverTake.gg%20(Formerly%20RaceDepartment)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ads&ea=ad_impression&el=overtake_mpu_right_sidebar_top_slot20%20%7C%20Code%20%7C%20N%2FA&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=699552227.1734484425&tid=UA-4830345-3&_gid=173860550.1734484425&gtm=457e4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&jsscut=1&z=1254118934

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

age: 4545
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 23:57:59 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

POST
H2 204 collect
analytics.google.com/g/ 0
0 54ms
23ms Fetch
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-RQB4Z4BXHC&gtm=45je4cc1v9126221616za200&_p=1734484423928&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=699552227.1734484425&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1734484424&sct=1&seg=0&dl=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&dt=WRC%20Telemetry%20Patch%20%7C%20OverTake.gg%20(Formerly%20RaceDepartment)&en=page_view&_fv=1&_ss=1&ep.anonymize_ip=true&tfd=1616
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.overtake.gg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
545 B 72ms
24ms Ping
text/plain 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RQB4Z4BXHC&cid=699552227.1734484425&gtm=45je4cc1v9126221616za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RQB4Z4BXHC&l=dataLayer&cx=c&gtm=457e4cc1za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.overtake.gg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame DF1B 0
0 61ms
30ms Document
text/html 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-RQB4Z4BXHC&gacid=699552227.1734484425&gtm=45je4cc1v9126221616za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=551380007

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Dec 2024 01:13:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ Frame 55EB 120 B
271 B 29ms
27ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.overtake.gg&url=https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/&v=06
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&ref=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&_it=amazon&partner_id=288
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6b01f025b9c35e1d4f215034ebb6c665c120146bdecb29f32b7cec4933d779b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.overtake.gg/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
cf-ray: 8f3b4ac779ad32ee-EWR
access-control-allow-origin: *
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/json
server: cloudflare
access-control-allow-headers: authorization,content-type

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 108ms
39ms Preflight
text/plain 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.overtake.gg&url=https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/&v=06
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.overtake.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8f3b4ac7396d32ee-EWR
content-length: 0
content-type: text/plain
date: Wed, 18 Dec 2024 01:13:44 GMT
expires: Thu, 18 Dec 2025 01:13:44 GMT
server: cloudflare

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 55EB 49 KB
17 KB 68ms
67ms Script
application/javascript 23.204.206.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.206.35 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-206-35.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "c4b6-5e920545406d3-gzip"
expires: Wed, 18 Dec 2024 01:28:44 GMT
accept-ranges: bytes
content-length: 17042
date: Wed, 18 Dec 2024 01:13:44 GMT
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 cropped-favicon-270x270.png
overtake-data.community.forum/styles/100/styles/overtake/xenforo/ 13 KB
13 KB 23ms
23ms Other
image/png 2606:4700:3032::6815:33e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://overtake-data.community.forum/styles/100/styles/overtake/xenforo/cropped-favicon-270x270.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:33e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7278fb43d3535ca945547bd29ab3a16b9e952737aa5f8e6b1e538f46e8f279d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cf-cache-status: HIT
etag: "4f133486e809b4cb56a6bb51693b3ae5"
age: 1695469
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1P7WwnTAxd%2BFk6ngv5zf043Yc6e%2BuN71FexoEUkXGdQ2alOGirU4sfML5o4rM0ZhWpsaZZQtBIr7EL4zf%2BaW6Y6DAxUVxYdg0IH%2BKJpzTbfjsvAyFH4gyLc5usY8CsApV6Agvkz3OHJmsOKL1K1gJRGQZQtdnBp6agBMag%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8531&min_rtt=8385&rtt_var=666&sent=15&recv=15&lost=0&retrans=0&sent_bytes=9363&recv_bytes=2369&delivery_rate=1085347&cwnd=257&unsent_bytes=0&cid=6a38fd64eed9a894&ts=1263&x=0"
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: image/png
last-modified: Thu, 12 Sep 2024 09:58:44 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3b4ac71de8428b-EWR
accept-ranges: bytes
content-length: 12858
server: cloudflare

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame 55EB 190 B
463 B 148ms
29ms XHR
application/json 2606:ae80:1471:16::820
CNVR-US-EAST

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:ae80:1471:16::820 , United States, ASN26762 (CNVR-US-EAST, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: max-age=1800
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-credentials: true
expires: Wed, 18 Dec 2024 01:43:44 GMT
access-control-allow-origin: https://www.overtake.gg
content-length: 190
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/json
vary: Origin
server: nginx

GET
H2 200 288 Show response
a.ad.gt/api/v1/u/matches/ Frame 55EB 9 KB
5 KB 83ms
58ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/288?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&ref=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&_it=amazon&partner_id=288
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5c4d4b27eb53382a5d961dafd54a8101c132ed93979e18e91b572cd9bf5d0c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 296
cross-origin-resource-policy: cross-origin
cf-ray: 8f3b4ac7cd44c425-EWR
date: Wed, 18 Dec 2024 01:13:44 GMT
content-type: application/javascript
vary: accept-encoding
server: cloudflare
last-modified: Wed, 18 Dec 2024 01:07:10 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame 55EB 229 KB
66 KB 63ms
63ms Script
application/javascript 23.204.206.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.206.35 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-206-35.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "394d0-60864a57eaadc-gzip"
expires: Wed, 18 Dec 2024 01:28:45 GMT
accept-ranges: bytes
content-length: 67550
date: Wed, 18 Dec 2024 01:13:45 GMT
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 7C3C
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-Ogury_rx_snb_n-MediaNet_smrt_n-Tappx_n-inmobi_n-adYouLike_n-sharethrough_pm-db5_rbd_ppt_n-baidu_n-nativo_an-db5_...
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-Ogury_rx_snb_n-MediaNet_smrt_n-Tappx_n-inmobi_n-adYouLike_n-sharethrough_pm-db5_rbd_ppt_n-baidu_n-nativo_an-db5_...

0
0

39ms
39ms

Document
text/html

98.82.157.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-Ogury_rx_snb_n-MediaNet_smrt_n-Tappx_n-inmobi_n-adYouLike_n-sharethrough_pm-db5_rbd_ppt_n-baidu_n-nativo_an-db5_n-Rise_3lift&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

98.82.157.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-82-157-137.compute-1.amazonaws.com

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 411
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 18 Dec 2024 01:13:45 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: PY8EP5TT41NW86E8M8T0

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 18 Dec 2024 01:13:45 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-Ogury_rx_snb_n-MediaNet_smrt_n-Tappx_n-inmobi_n-adYouLike_n-sharethrough_pm-db5_rbd_ppt_n-baidu_n-nativo_an-db5_n-Rise_3lift&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 0JH13P66MV6A8ZD74ASM

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 105 KB
33 KB 72ms
38ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80300a0135dbbab625850bb0843efbb3d62cb243139f87fc075476626a9db8a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.overtake.gg
Referer: https://www.overtake.gg/

Response headers

content-encoding: br
etag: 961 / 20075 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options: nosniff
expires: Wed, 18 Dec 2024 01:13:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33972
x-xss-protection: 0
server: cafe

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ Frame 55EB 57 KB
12 KB 23ms
23ms Script
text/javascript 2606:4700:10::ac43:246e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?partner_id=288&sync=1&url=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/288?_it=amazon
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9673f82ae875cb30cc6250cf46dd863642abcb71cc700c11e4252080e7a7162a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: public, max-age=432000
content-encoding: br
cf-cache-status: HIT
etag: W/"ce6337b4c3ac2472ecbad3c8c45022cf"
age: 20
x-amz-request-id: 1FM4VG8JJJM5NBJY
expires: Mon, 23 Dec 2024 01:13:45 GMT
cf-ray: 8f3b4ac9280e0fa8-EWR
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: text/javascript
last-modified: Mon, 16 Dec 2024 14:23:52 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: pT5ejO0dAuKGDFBEPFgd+YpdeMxLzMnpJJVl7Pk0xrrmtWAxkhIs33ow2q9hNb0MUiEqpuEH34g=

GET
H2 200 288 Show response
p.ad.gt/api/v1/p/ Frame 55EB 40 KB
14 KB 127ms
24ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/288
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/288?_it=amazon
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93a4e34781c1fe085ece889fa8ec85f966ddc987831e5a96f4cc92706caa7c09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 175
cf-ray: 8f3b4ac9d8177c7b-EWR
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: application/javascript
vary: accept-encoding
server: cloudflare
last-modified: Wed, 18 Dec 2024 01:08:39 GMT

GET
H2 200 ip_match
ids4.ad.gt/api/v1/ Frame 55EB 0
191 B 358ms
75ms Image
text/html 35.155.132.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids4.ad.gt/api/v1/ip_match?id=AU1D-0100-001734484425-8ME6GT9C-3F03
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.132.249 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-132-249.us-west-2.compute.amazonaws.com
Software: timberwolf /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-length: 0
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: text/html; charset=utf-8
server: timberwolf

GET
H2

200

match
ids.ad.gt/api/v1/ Frame 55EB
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001734484425-8ME6GT9C-3F03%26adnxs_id%3D%24UID%26gdpr%3D0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&adnxs_id=1183467559838709040&gdpr=0

43 B
95 B

147ms
85ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&adnxs_id=1183467559838709040&gdpr=0
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cf-ray: 8f3b4acb3b480f7c-EWR
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, private
location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&adnxs_id=1183467559838709040&gdpr=0
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.132; 5.181.234.132; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 9271e1f6-9173-4d1a-b87f-061e70e0e453
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 18 Dec 2024 01:13:45 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2

200

openx
ids.ad.gt/api/v1/ Frame 55EB
Redirect Chain

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001734484425-8ME6GT9C-3F03%26auid%3DAU...
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001734484425-8ME6GT9C-3F03%26auid...
https://ids.ad.gt/api/v1/openx?openx_id=0de4aa32-ca14-4242-a5a5-44018b02bc98&id=AU1D-0100-001734484425-8ME6GT9C-3F03&auid=AU1D-0100-001734484425-8ME6GT9C-3F03

43 B
95 B

151ms
113ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/openx?openx_id=0de4aa32-ca14-4242-a5a5-44018b02bc98&id=AU1D-0100-001734484425-8ME6GT9C-3F03&auid=AU1D-0100-001734484425-8ME6GT9C-3F03
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cf-ray: 8f3b4acb0ae10f7c-EWR
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: image/gif
server: cloudflare

Redirect headers

location: https://ids.ad.gt/api/v1/openx?openx_id=0de4aa32-ca14-4242-a5a5-44018b02bc98&id=AU1D-0100-001734484425-8ME6GT9C-3F03&auid=AU1D-0100-001734484425-8ME6GT9C-3F03
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: image/gif
vary: Accept, Accept-Encoding
server: OXGW/0.0.0

GET
H2

200

UCookieSetPug
image2.pubmatic.com/AdServer/ Frame 55EB
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001734484425-8ME6GT9C-3F03
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001734484425-8ME6GT9C-3F03

0
93 B

48ms
14ms

Image
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001734484425-8ME6GT9C-3F03
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: text/html; charset=utf-8
server: nginx

Redirect headers

cache-control: no-store, no-cache, private
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001734484425-8ME6GT9C-3F03
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 18 Dec 2024 00:46:49 GMT
server: nginx

GET
H2

200

rub_match
ids.ad.gt/api/v1/ Frame 55EB
Redirect Chain

https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001734484425-8ME6GT9C-3F03&gdpr=0
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&rub=M4T78RDA-B-33WD&gdpr=0

43 B
95 B

211ms
137ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&rub=M4T78RDA-B-33WD&gdpr=0
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cf-ray: 8f3b4acafabd0f7c-EWR
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: image/gif
server: cloudflare

Redirect headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
Location: https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&rub=M4T78RDA-B-33WD&gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 19c1ac3b9706c83a73951eba4d239689
Pragma: no-cache
content-length: 0

GET
H2

200

t_match
ids.ad.gt/api/v1/ Frame 55EB
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001734484425-8ME6GT9C-3F03&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001734484425-8ME6GT9C-3F03&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=da1885a5-023f-4800-b3fa-625212598cf2&id=AU1D-0100-001734484425-8ME6GT9C-3F03

43 B
95 B

148ms
108ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=da1885a5-023f-4800-b3fa-625212598cf2&id=AU1D-0100-001734484425-8ME6GT9C-3F03
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cf-ray: 8f3b4acb0ae30f7c-EWR
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: image/gif
server: cloudflare

Redirect headers

location: https://ids.ad.gt/api/v1/t_match?tdid=da1885a5-023f-4800-b3fa-625212598cf2&id=AU1D-0100-001734484425-8ME6GT9C-3F03
content-length: 259
date: Wed, 18 Dec 2024 01:13:45 GMT
server: Kestrel

GET
H2

200

tapad_match
ids.ad.gt/api/v1/ Frame 55EB
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001734484425-8ME6GT9C-3F03&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001734484425...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001734484425-8ME6GT9C-3F03&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001734...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=27ad4042-4fa7-4696-aee2-e8478ca2e068%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=da1885a5-023f-4800-b3fa-625212598cf2&ttd_puid=27ad4042-4fa7-4696-aee2-e8478ca2e068%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&tapad_id=27ad4042-4fa7-4696-aee2-e8478ca2e068

43 B
95 B

151ms
138ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&tapad_id=27ad4042-4fa7-4696-aee2-e8478ca2e068
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cf-ray: 8f3b4acc7d540f7c-EWR
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: image/gif
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&tapad_id=27ad4042-4fa7-4696-aee2-e8478ca2e068
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Wed, 18 Dec 2024 01:13:45 GMT
server: Jetty(11.0.13)

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 55EB 170 B
409 B 156ms
24ms Image
image/png 172.217.222.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001734484425-8ME6GT9C-3F03

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Wed, 18 Dec 2024 01:13:45 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2

200

amo_match
ids.ad.gt/api/v1/ Frame 55EB
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001734484425-8ME6GT9C-3F03
https://ids.ad.gt/api/v1/amo_match?turn_id=8222155452907852911&id=AU1D-0100-001734484425-8ME6GT9C-3F03

43 B
94 B

212ms
136ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/amo_match?turn_id=8222155452907852911&id=AU1D-0100-001734484425-8ME6GT9C-3F03
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cf-ray: 8f3b4acafabc0f7c-EWR
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
location: https://ids.ad.gt/api/v1/amo_match?turn_id=8222155452907852911&id=AU1D-0100-001734484425-8ME6GT9C-3F03
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
content-length: 0
pragma: no-cache
date: Wed, 18 Dec 2024 01:13:48 GMT

GET
H2

200

son_match
ids.ad.gt/api/v1/ Frame 55EB
Redirect Chain

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&uid=[UID]&gdpr=0
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&uid=769ac60e-bebf-43f6-8b29-38b5aa207e1f&gdpr=0

43 B
170 B

209ms
139ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&uid=769ac60e-bebf-43f6-8b29-38b5aa207e1f&gdpr=0
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cf-ray: 8f3b4acafac00f7c-EWR
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-cache, no-store, private
location: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001734484425-8ME6GT9C-3F03&uid=769ac60e-bebf-43f6-8b29-38b5aa207e1f&gdpr=0
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Wed, 18 Dec 2024 01:13:45 GMT
tcn: Choice
content-type: text/plain; charset=utf8
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-6-162
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 55EB
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001734484425-8ME6GT9C-3F03
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczNDQ4NDQyNS04TUU2R1Q5Qy0zRjAz

170 B
232 B

62ms
24ms

Image
image/png

172.217.222.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczNDQ4NDQyNS04TUU2R1Q5Qy0zRjAz

Protocol

Server

172.217.222.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Wed, 18 Dec 2024 01:13:45 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

cf-ray: 8f3b4acafaba0f7c-EWR
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczNDQ4NDQyNS04TUU2R1Q5Qy0zRjAz
cf-cache-status: DYNAMIC
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: text/html; charset=utf-8
vary: accept-encoding
server: cloudflare

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 492 KB
153 KB 17ms
17ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.overtake.gg
Referer: https://www.overtake.gg/

Response headers

content-encoding: br
etag: 5395541545685299795
age: 7800
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 23:03:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 17 Dec 2024 23:03:45 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 156760
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 16ms
16ms Other
text/plain 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 70088
x-content-type-options: nosniff
expires: Wed, 18 Dec 2024 05:45:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 17 Dec 2024 05:45:37 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H2 200 21726375739 Show response
fundingchoicesmessages.google.com/i/ 197 KB
65 KB 189ms
40ms Script
application/javascript 2607:f8b0:4004:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/21726375739?ers=3

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

262fae2772a8e7f1535df8bf3ea4c353a5d08aa97a8e03ab42b1373f09ab5074

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rcS4BHTKal_-oPgCHpNScw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0pBiOHHrNtMFIJb4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxAL8XCcPNyxm03gRvOuaUxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoZGhkZ6BobxBQYAyb9KVQ"
content-security-policy: script-src 'report-sample' 'nonce-rcS4BHTKal_-oPgCHpNScw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 bounce Show response
id5-sync.com/ Frame 55EB 29 B
453 B 363ms
88ms Fetch
text/plain 162.19.138.117
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.overtake.gg
p3p: CP="CAO PSA OUR"
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: text/plain;charset=utf-8
vary: Origin

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame 55EB 45 B
287 B 373ms
86ms Fetch
application/json 162.19.138.119
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

b1b4131ff73c7d055701086c8b314026f5f1a1696cc5b671751d942563d1a39c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 55EB 270 KB
95 KB 60ms
45ms Script
application/javascript 2607:f8b0:4004:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/288

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d0d9acbea562c99741bc022b684e2213e797b4f9d17bccecec82693ee6abc99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 18 Dec 2024 01:13:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97090
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect Show response
a.ad.gt/api/v1/ Frame 55EB 0
116 B 224ms
145ms XHR
text/plain 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/288
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://www.overtake.gg/

Response headers

cf-ray: 8f3b4aca9983c425-EWR
access-control-allow-origin: https://www.overtake.gg
cf-cache-status: DYNAMIC
date: Wed, 18 Dec 2024 01:13:45 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ Frame 55EB 0
88 B 232ms
98ms Script
text/plain 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=11fd5d9599afdf26625fe7ec77cdb6a2&url=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/288
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cf-ray: 8f3b4acc4cee8c47-EWR
cf-cache-status: DYNAMIC
date: Wed, 18 Dec 2024 01:13:45 GMT
server: cloudflare

POST
H2 200 match Show response
seg.ad.gt/api/v2/ Frame 55EB 4 KB
403 B 194ms
132ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/288
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d734e77c6a8a9d8c5d50619c59a0f6fed3dcd220e1184df56ee120b771e30988

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.overtake.gg/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 8f3b4acbfe2442f5-EWR
access-control-allow-origin: *
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers, accept-encoding
server: cloudflare

OPTIONS
H2 200 match
seg.ad.gt/api/v2/ Frame 0
0 196ms
100ms Preflight 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.overtake.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 8f3b4acb0c7b42f5-EWR
date: Wed, 18 Dec 2024 01:13:45 GMT
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers

POST
H2 200 v3 Show response
id5-sync.com/gm/ Frame 55EB 700 B
1 KB 108ms
88ms XHR
application/json 162.19.138.117
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

6a7d24600922a4cb6f8321d71a61cc6c2994832ea9b22d109cdb90da56ebcfb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.overtake.gg/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.overtake.gg
p3p: CP="CAO PSA OUR"
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: application/json
vary: Origin

GET
H2 200 join-ad-interest-groups.html
proton.ad.gt/ Frame C928 0
0 137ms
26ms Document
text/html 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://proton.ad.gt/join-ad-interest-groups.html
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/288
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
ad-auction-allowed: true
age: 1780
apigw-requestid: C9fTfiFpvHcESZw=
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 8f3b4acddac50f49-EWR
content-encoding: br
content-type: text/html
date: Wed, 18 Dec 2024 01:13:45 GMT
last-modified: Wed, 18 Dec 2024 00:08:28 GMT
server: cloudflare
supports-loading-mode: fenced-frame
vary: Accept-Encoding

GET
H2 200 AGSKWxW2J1ZtJpAIizNHXo78syLGSe8s4Hhc2tIvo9IKyyY8T65o2SYf1mafRSnovv5ffylm1UvTiDWau52vB0kUYV_XPF42zswQyoMtA4YDuEkVB0l-z47-Qv5nxFZV_6jGVX6VrQQJ-w== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 76ms
73ms Script
application/javascript 2607:f8b0:4004:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW2J1ZtJpAIizNHXo78syLGSe8s4Hhc2tIvo9IKyyY8T65o2SYf1mafRSnovv5ffylm1UvTiDWau52vB0kUYV_XPF42zswQyoMtA4YDuEkVB0l-z47-Qv5nxFZV_6jGVX6VrQQJ-w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NDg0NDI1LDg0NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cub3ZlcnRha2UuZ2cvZG93bmxvYWRzL3dyYy10ZWxlbWV0cnktcGF0Y2guMzg5OTEvIixudWxsLFtbOCwiSU16NTd5YzVoVnciXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

adcb15c44661d243089b0313ad51b7474a88371bb35d33c9cf168514e2dc799a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uiqD2TX1hM5nt4frBwxXQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04HYaO15VhcgTvp3nrUEiA0VLrE6A7Fj0SVWTyBW7bnEag7E99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrC1AzPD1CisHEAvxcJw83LGbTeDF3mNrmZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDACakUXN"
content-security-policy: script-src 'report-sample' 'nonce-uiqD2TX1hM5nt4frBwxXQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame C36A 0
0 50ms
16ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29117
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Dec 2024 00:35:20 GMT
expires: Wed, 18 Dec 2024 01:25:20 GMT
last-modified: Mon, 09 Dec 2024 20:44:42 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 68ms
31ms XHR
application/json 2607:f8b0:400d:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

228f63b307a72d9179806c83cd5262f461f4c5b6fa135e2be1de5a64c7912180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13250
date: Wed, 18 Dec 2024 01:13:45 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 75ms
11ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 2237526
x-goog-stored-content-encoding: gzip
expires: Sat, 22 Nov 2025 03:41:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Fri, 22 Nov 2024 03:41:39 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AFiumC6Eq2olzoR79Y_5lTCQ7y654wa5BuWbjwLDIcYeoxfhJE1r1UH0aGNfx9UpDKxwZ3TUvmoTtdAMSA
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 75ms
15ms Script
text/javascript 3.167.69.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.69.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-69-77.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7db46e1255a018ecf02f47b2c19c26c4"
age: 58904
via: 1.1 9b9a066c240ddede25e109bd9f493f86.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 9YFdoiq_mL41So1ngsIF_rn_fPXF4APXb93TzOCxLyGy-r3kygmcsw==
date: Tue, 17 Dec 2024 08:52:02 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:40 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P6
x-amz-server-side-encryption: AES256

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 62ms
21ms Script
text/javascript 2620:100:a00b::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"670e3454-a69c"
cross-origin-resource-policy: cross-origin
expires: Thu, 19 Dec 2024 01:13:45 GMT
access-control-allow-origin: *
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 09:22:28 GMT
server: nginx

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 161ms
99ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5d8dac2d4ae43a0b541c160f30e8238951b42b13bb5f01ca2697271b3a804ad2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

etag: e8fb4c5e5648d4012fd13b4c454df319
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1558
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 11 Dec 2024 20:03:09 GMT
server: Google Frontend
x-cloud-trace-context: 8e7f1cda4d458970116b71920b41d85c

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
7 KB 92ms
31ms Script
application/javascript 104.18.29.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ffa45453324362cbc5cc78288e04513100c2d61baf3a969717ea5df3d0dbb39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"671a7174-43df"
age: 493089
cf-ray: 8f3b4ace1994de97-EWR
expires: Sat, 21 Dec 2024 01:13:45 GMT
date: Wed, 18 Dec 2024 01:13:45 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 16:10:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
8 KB 529ms
525ms Fetch
text/plain 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1808851979744148&correlator=948942648312697&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=21726375739%3A23146369352%2CVM_664335edf2089a039dc08ec0%2CVM_665584c0423195164ba9790a_TO%2CVM_6655832a423195164ba97904&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=4x4%7C728x90%7C970x90%7C970x250%2C200x200%7C300x200%7C250x250%7C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1734484425874&lmt=1734484423&adxs=0%2C1090&adys=83%2C484&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&vis=1&psz=0x0%7C0x-1&msz=0x0%7C0x-1&fws=4%2C4&ohw=1600%2C1600&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734484423472&idt=1789&prev_scp=pb_has_winner%3D1%26pb_cpm%3D164%26pb_bidders%3Dcompound%26pb_size%3D0x0%26pb_above_floor%3D1%26hb_bidder%3Dcompound%26pb_r2_cpm%3D18%26pb_r2_bidders%3DkueezRtb%26pb_r2_size%3D970x250%26pb_r2_above_floor%3D1%26pb_r2_cpmDiff%3D54%26pb_r3_cpm%3D11%26pb_r3_bidders%3Dtriplelift%26pb_r3_size%3D970x250%26pb_r3_deal%3D%26pb_r3_above_floor%3D1%26pb_r3_cpmDiff%3D7.000000000000001%26pb_has_deals%3D1%26to_sp%3D1%26is_ta%3Dtrue%7Cpb_has_winner%3D1%26pb_cpm%3D33%26pb_bidders%3Dozone%26pb_size%3D300x250%26pb_above_floor%3D1%26hb_bidder%3Dozone%26pb_r2_cpm%3D14%26pb_r2_bidders%3DkueezRtb%26pb_r2_size%3D300x250%26pb_r2_above_floor%3D1%26pb_r2_cpmDiff%3D19%26pb_r3_cpm%3D11%26pb_r3_bidders%3Dtriplelift%26pb_r3_size%3D300x250%26pb_r3_deal%3D%26pb_r3_above_floor%3D1%26pb_r3_cpmDiff%3D3%26pb_has_deals%3D1%26is_ta%3Dtrue&adks=2406519737%2C3958201403&frm=20&eoidce=1&td=1&egid=31839&tan=54227e9e-2cda-4e6c-ba9e-5335f5bb3cf0%2C54227e9e-2cda-4e6c-ba9e-5335f5bb3cf1&tdf=2

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

874680f49971b62ac52f618da1abf4bba6d0d050f08d6b170449d3fada360d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: dcb
google-lineitem-id: 6868965527,-2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2,-2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138500969121,-2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.overtake.gg
content-length: 8604
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
dd0ee41f7336311a90a2129f261571ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 44C0 0
0 121ms
18ms Document
text/html 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd0ee41f7336311a90a2129f261571ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Dec 2024 01:13:46 GMT
expires: Wed, 18 Dec 2024 01:13:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

264.gif
id5-sync.com/k/ Frame 55EB
Redirect Chain

https://id5-sync.com/i/258/8.gif?o=api&id5id=ID5*ac_oA4mnn6OWEGNPfT4Ibdk3qUHgqhiW1_IRRSkHoofkMvKFCaiNobSh2dQOXokv&gdpr_consent=undefined&gdpr=false
https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F796%2F7%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
https://id5-sync.com/c/258/796/7/2.gif?puid=53e0bb78-4cb9-46a6-a72b-275caa4613da&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F434%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
https://id5-sync.com/c/258/434/6/3.gif?puid=9b0acc2a-46e2-40f4-97eb-89d26f35a62b&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
https://id5-sync.com/k/155.gif?puid=AAJz0E7OxEQAABZF_DHftA&id5AccountNum=155&numCascadesAllowed=9
https://ib.adnxs.com/getuid?https://id5-sync.com/c/258/2/4/5.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/258/2/4/5.gif?puid=1183467559838709040&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F441%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://id5-sync.com/c/258/441/3/6.gif?puid=u_8bef38e8-310a-4969-adf6-dc13e84bc2e7&gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/258/429/2/7.gif?puid=477AA176-F89A-450C-8E45-4E5A86A7FA7F&gdpr=0&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ad36gQxElp67uHp1ldNY0ZxydOgBw6PfWcpwIax5sg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F258%2F124%2F1%2F8.gif%3Fpuid%3...
https://id5-sync.com/cq/258/124/1/8.gif?puid=52844611-0f84-412f-b5d7-b335687dfa45&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=da1885a5-023f-4800-b3fa-625212598cf2&ttl=%%TTL%%

43 B
1 KB

94ms
93ms

Image
image/gif

162.19.138.117
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/k/264.gif?puid=da1885a5-023f-4800-b3fa-625212598cf2&ttl=%%TTL%%

Protocol

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

location: https://id5-sync.com/k/264.gif?puid=da1885a5-023f-4800-b3fa-625212598cf2&ttl=%%TTL%%
content-length: 199
date: Wed, 18 Dec 2024 01:13:47 GMT
server: Kestrel

OPTIONS
H2 200 event
p.ad.gt/api/v1/ Frame 0
0 126ms
103ms Preflight
text/html 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.overtake.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.overtake.gg
allow: OPTIONS, POST
cf-cache-status: DYNAMIC
cf-ray: 8f3b4ace891e7290-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 18 Dec 2024 01:13:46 GMT
server: cloudflare
vary: Origin

POST
H2 204 event Show response
p.ad.gt/api/v1/ Frame 55EB 0
34 B 115ms
113ms XHR
text/plain 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/288
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.overtake.gg/

Response headers

cf-ray: 8f3b4acf3a067290-EWR
access-control-allow-origin: https://www.overtake.gg
cf-cache-status: DYNAMIC
date: Wed, 18 Dec 2024 01:13:46 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

POST
H2 204 event Show response
p.ad.gt/api/v1/ Frame 55EB 0
34 B 116ms
113ms XHR
text/plain 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/288
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.overtake.gg/

Response headers

cf-ray: 8f3b4acf29f17290-EWR
access-control-allow-origin: https://www.overtake.gg
cf-cache-status: DYNAMIC
date: Wed, 18 Dec 2024 01:13:46 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

OPTIONS
H2 200 event
p.ad.gt/api/v1/ Frame 0
0 115ms
93ms Preflight
text/html 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.overtake.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.overtake.gg
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8f3b4ace89207290-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 18 Dec 2024 01:13:46 GMT
server: cloudflare
vary: Origin

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 83ms
27ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 18 Dec 2024 01:13:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
612 B 88ms
23ms XHR
application/json 34.228.175.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.228.175.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-175-96.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 52d13805da615c36aa2acb2b6875b9da8e323ef81fd1307fa2fdf402cb3cc708

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.overtake.gg
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 235
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: application/json;charset=utf-8
x-server: 10.40.8.225
server: Jetty(9.4.38.v20210224)

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 20D5 0
0 63ms
22ms Document
text/html 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Dec 2024 00:56:38 GMT
expires: Wed, 18 Dec 2024 01:46:38 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame A8F8 0
0 67ms
33ms Document
text/html 2607:f8b0:4004:c09::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ziJD_sGam6zZEOzo4XPZbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ziJD_sGam6zZEOzo4XPZbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Dec 2024 01:13:46 GMT
expires: Wed, 18 Dec 2024 01:13:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 0.36 Show response
pn.ybp.yahoo.com/ab/secure/true/imp/S3ummZ4OKpqvzXCsEjhi6muaHvw3rC3SiSmIDz5zLUziy4DrL672VfBif5y2oVFzwHG8hGf9Jiuhwg_tL_vKXms6YT9bOq3PR5sYyYg69rINQcZNQdRyopGj42DR9jWz70Cw0k80mIlnrk-iy3V4avmcD6fzqNHzk... Frame 37EE 4 KB
3 KB 136ms
27ms Script
text/javascript 2600:1f18:2352:af01:7309:938c:6f1b:193f
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pn.ybp.yahoo.com/ab/secure/true/imp/S3ummZ4OKpqvzXCsEjhi6muaHvw3rC3SiSmIDz5zLUziy4DrL672VfBif5y2oVFzwHG8hGf9Jiuhwg_tL_vKXms6YT9bOq3PR5sYyYg69rINQcZNQdRyopGj42DR9jWz70Cw0k80mIlnrk-iy3V4avmcD6fzqNHzkUnFExAzOeGqBJ-G-ifXeDaeFboYX8_2jgPkOblAsT1yIkt6prEmpI7CsP2NYGNeJOkNdMm4PM9YfQm9JZiB0BWJ7k0ZJSiUVxJjO49WcVmP-MND8DSi-OI-qJ9AcpnU_PYJRgDkSS_QH0tB5h-v7EiDduTYh4vRwvKWCx1ELNa_0kHMIlVFQUq6KLiVSXyd2GLt-c5zxE0hR-WOcyIIEJYo9TacbGbTlONtpXaCAgPVSw3URGnVBKRFoYUZ56KXKc642tPxcEdZCqouyH7M5b-t3Z7apB67rjijSDboggrQaavpYYs7audnZI0mGrIOBW2VbXjLjXfCbtZad8v83AOqc4Znhq_Hw7HJEAeff1Y9VpwdJBzgGORrEc6CBtKemKafE_NgBznX9qMvUI_vemeyRKFfKqhGxPe-7_ROOKEM-NQnaJ8hvw4GJ5mijp4vLZSiUXcbMojEbv23yWn4_FyDORKigE_2565PD7sbPY-Dsn3cRE7sI-le04YcbUpi04xIXgCGUiA7JMVE2LvYE1gVEfzEvF2TR5hdr5lUl-R7_GudVYDYa0Xma-4Svz66oe6Grdbz36du9a6frdgwJtdGO-kRvhOXVqqEDvYoOpAblCfGVN8khBQBTQqxNrNtsFWxgftdUE_ECdajDqU8maDiF8nIc5nQUn0Kac1vT3ySpJflwrHayuzRCzuxMpBc3Mh9iz9WG0Oly7wxH_gWNPWZRwOQHMyDkzLyqpGCT2KHPzIwP0AyoDwFX4YTv0nSNGYcDFym3EO3pQd5BkL9Pny-nmi4RF13bDMZqcQsVdtzVJ5aO1rR9a7UdxAUv3tAXuTwca3G5pha4Vv2BI2plk_clq9odhZf9O4n2MbiKbg6t5VHu66VY5uMSMoF8gQ8bJPT07sqd_EcV2CtyHE5jPYVMfHkpXGoi8gxUSQrS4_tKnxMsIaUFZJF2-MAMGbywSy8jJx-xYmoDrBtDMb3Mof-H_a3_v_v-Z1tMjTbcoOdeuoWnb6LK9wpnfwsisqFF4sMwTg6mYVLY5oHfP71-Pm2gpwFEdVzPtt4kunAnAnuR1WUzA6rrmjbwxUBI0NpveZRxAD9B-1r2wk0EmAcW0bNxsM09ajZD2AQKF7CBWiRDt_zpu6J8nlgTItfNYi47bPu6J3NqLwcgrF_AY34HMiq3xbQFYmCzQRHbUXm-ROF_LlYX6szuuGnPC5rA7-X0aBvP_pfB0XM7P4YXoODtObvAa0fMBrjs6JWMBdmwVoX0b5J6m1kFI5pkwiUTYJUerntGHW1eaUD4K2Bi-YvTDIm2l4WnEammciDmj4kOFC029kGM5n_mn6_AWd8qxFe1tXU0BbFlXkv_rh8FnQfJVLtY4ZjymbZ_xu-qGfWzyOW2LierYAg7UVBiDgBKKqqUaZHbSyepwFTPjVAUxVibJhx8lL-1yzCy07dozsaWlJEJRbiIPveafdYhlMgLV-wqa3imV6AHBctF-33vI9JBBrYg7JnznezYO8B4bcoSQTq9ZR1dK29VhtcfmJrn-EKMEmpgYzbKBDRS7Xz6dEnPtV-pN2c_p9VA3dg1ZdGescvHwm5VVkTvGBxZVqLrHvdLOyha3eswkfaCDi_ALV0NLG3OLCCz1OygGOyEbvMFqkyggEO_vVnJDleS1supwWI8aeGUKQlHd6O3RU_X8E-kQ/wp/0.36

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:2352:af01:7309:938c:6f1b:193f Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

e11b4efdf7c81290474d47ddca8f1c0729f103414e4a5b277c4ad396c92aa43f

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options: nosniff
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: text/javascript
vary: Accept-Encoding
content-disposition: inline;filename=f.txt
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
content-length: 1986
server: ATS

GET
H2 200 wp.gif
elb.the-ozone-project.com/ Frame 37EE 0
567 B 54ms
52ms Image
image/gif 172.64.153.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/wp.gif?currency=USD&seat_id=&request_id=2ca5717e-fa04-4858-a7c1-37f4e02ba2cf&adunit=p7_0_0&size=300x250&adomain=%5Bdisneyplus.com%5D&imp_id=350ab6477f77d73&auction_id=&bid_id=f315ba9d-6375-43ae-9153-5fe3b1ceb5e2&crid=37637913&price=0.33440000000000003&seat_name=ix&publisher_id=OZONEVEN0005&dealid=
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.66 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 8f3b4ad179b64299-EWR
expires: Wed, 11 Nov 1998 11:11:11 GMT
content-length: 0
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/gif
last-modified: Wed, 18 Dec 2024 01:13:46 GMT
vary: Origin, Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK f315ba9d-6375-43ae-9153-5fe3b1ceb5e2
a5693.casalemedia.com/impression/v2/998295/73/cth23i6cg1e9huuo9070/ Frame 37EE 43 B
303 B 66ms
11ms Image
image/gif 209.204.231.174
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a5693.casalemedia.com/impression/v2/998295/73/cth23i6cg1e9huuo9070/f315ba9d-6375-43ae-9153-5fe3b1ceb5e2?verifieD=1&userID=Z1x5.9HM6TAAACahAenHuAAA&cmpro=3476&deviceType=2&expiryTime=1734485024&profileIDs=&creativeID=23e4f19&pubID=205972&format=banner&channel=site&ee=1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.204.231.174 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

Cache-Control: no-cache
Pragma: no-cache
Connection: Keep-Alive
Expires: 0
Access-Control-Allow-Origin: *
Content-Length: 43
Keep-Alive: timeout=1, max=500
Date: Wed, 18 Dec 2024 01:13:46 GMT
Content-Type: image/gif
Server: Apache

GET
H2 204 ci
k8s1-event-tracker-ny.lb.indexww.com/event/ Frame 37EE 0
104 B 114ms
28ms Image
text/plain 192.40.39.192
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://k8s1-event-tracker-ny.lb.indexww.com/event/ci?bi=f315ba9d-6375-43ae-9153-5fe3b1ceb5e2&bs=300x250&c=37637913&cid=7571343&d=73&dab=www.overtake.gg&ec=31&ee=1&f=1&i=1500000441&p=205972&pr=0.38&s=998295&tx=cth23i6cg1e9huuo9070

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.40.39.192 , Canada, ASN27381 (CASALE-MEDIA, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

date: Wed, 18 Dec 2024 01:13:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *

GET
H2 204 bidscape
edge.venatusmedia.com/ 0
198 B 165ms
35ms Image
application/json 34.42.134.208
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edge.venatusmedia.com/bidscape?tenantId=1&accountId=162&siteId=962&configId=5019&instanceId=7&executionCount=1&renderCount=1&pageSessionId=5338ba94-d9a0-4b57-817c-0ff41cceb2da&cpm=0.33440000000000003&bidder=ozone&auctionId=0&size=300x250&source=auction&route=Default&aid=350ab6477f77d73-1-oz-1&cid=37637913&responseTime=438&u=8710b4ba-b65f-48af-b1ee-913d21b8cfcf&cb=f71576af-8b50-4531-8578-3152bf55888d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.42.134.208 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 208.134.42.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-allow-origin: *
date: Wed, 18 Dec 2024 01:13:46 GMT
x-envoy-upstream-service-time: 0
content-type: application/json
server: istio-envoy
access-control-allow-credentials: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D1E9 0
0 32ms
31ms Fetch
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuF-_77WhmvKI5XJhDImQHMM9B3iMUctycQXUJe4hkbf7NI3qdF6dRP5MOaoixQWQa97fX47ikLz6pEZ8S3r0RfBPCaGhe2IDC_nCsROJ4kmj-cPq7d2W7fuftDjbqWE_mNbGZaX9R7Hrs5ik_r0VB7PaMWGVBhpbM-9KfYQZKG6oa0XQvUijCLewqcQDHMr-pm_q8jyn6Xl5nLRKKznGseOYqITCArTpst0kDL3TtEXjMWAD4OsfTKqoMb9pewzXTbuER3tXbUHTBm_TAIw4J_l_8kVU2c4M6x0CFsRCuWvFrg0Xspm3uWLVZB-kEyOKtifAWNZl9CAGiDXccPjylfnayIODwqz31t-oXP27_mW1fm86bi8iOSvrJ90xfTsPY7zEqwkJhYURc7qFWh9VDcEcros-GVpfdju5XbZhcIE5GHpqe2HvuyUKng2p-Inng9oInMfZGj3s_dMtREWkrScEAE81bdELHp1K1Boe7ekQ&sai=AMfl-YQ0FwzS30QZOjSPlNxt9rCNIjrDXhQsRFqpBmep2Abnp3ykqAfjwjCHqIxAsMacQp6mrpO4Dq_iZzCm-OEH1B6i8bNPtjzfEz462RpTG8La7u57EFAoeu5J-dkP&sig=Cg0ArKJSzL5gOu9jcy1qEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 18 Dec 2024 01:13:46 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

B32878051.411232404;dc_pre=CJT29YCSsIoDFf8LaAgdRcIYFQ;dc_trk_aid=603087795;dc_trk_cid=227946561;ord=376316842;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_t... Show response
ad.doubleclick.net/ddm/trackimp/N2480310.4098361VENATUS/ Frame D1E9
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N2480310.4098361VENATUS/B32878051.411232404;dc_trk_aid=603087795;dc_trk_cid=227946561;ord=376316842;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
https://ad.doubleclick.net/ddm/trackimp/N2480310.4098361VENATUS/B32878051.411232404;dc_pre=CJT29YCSsIoDFf8LaAgdRcIYFQ;dc_trk_aid=603087795;dc_trk_cid=227946561;ord=376316842;dc_lat=;dc_rdid=;tag_fo...

42 B
69 B

37ms
37ms

Fetch
image/gif

172.217.222.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N2480310.4098361VENATUS/B32878051.411232404;dc_pre=CJT29YCSsIoDFf8LaAgdRcIYFQ;dc_trk_aid=603087795;dc_trk_cid=227946561;ord=376316842;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?nis=6

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Server

172.217.222.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f149.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/gif
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.overtake.gg
content-length: 42
x-xss-protection: 0
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xfca8ea8884a4b8760000000000000000","16":"0xc626cc9ce1656e300000000000000000","17":"0x8090770e753d91170000000000000000","18":"0x32d34efb7ddad2420000000000000000"},"debug_key":"17997140200289576597","debug_reporting":true,"destination":["https://reachthefinals.com","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,604800,2592000]},"expiry":"2592000","filter_data":{"14":[],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["15061767"]},"max_event_level_reports":2,"priority":"0","source_event_id":"9896785097502520082"}
server: cafe

Redirect headers

follow-only-when-prerender-shown: 1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://ad.doubleclick.net/ddm/trackimp/N2480310.4098361VENATUS/B32878051.411232404;dc_pre=CJT29YCSsIoDFf8LaAgdRcIYFQ;dc_trk_aid=603087795;dc_trk_cid=227946561;ord=376316842;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?nis=6
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.overtake.gg
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241212/r20110914/ Frame D1E9 23 KB
9 KB 71ms
23ms Script
text/javascript 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241212/r20110914/abg_lite_fy2021.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b39fdaabfe63faca7d21b1ee38c593bb29663d70de9938eca8dd6159f405fe9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: br
etag: 12104404153384301539
age: 31336
x-content-type-options: nosniff
expires: Tue, 31 Dec 2024 16:31:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 17 Dec 2024 16:31:30 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9049
x-xss-protection: 0
server: cafe

GET
H2 200 creative.min.js Show response
cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/ 316 KB
120 KB 161ms
26ms Script
application/javascript 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/creative.min.js?v=376316842
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 54c5bcae8d0171bf6b6fec3d0128ee2e50fc0854e6c5622e68c5cb88bccff13a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
content-encoding: br
etag: "7fe5a65bc4a16346e22513e9ac5585cc"
x-amz-version-id: lM_VgYszMkfXKLiQrU6McJ7IYr55tQ3D
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
last-modified: Fri, 13 Dec 2024 16:29:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
x-amz-id-2: KdGEVaLSDlzWYNJvo8WT8aevWVXtHruXkOtG139hpxEX1LmTt2Hu7Or5pEqlTl0Zl/cdsCNg/phfv6kCN/4L8WCHytKpOs1IVX5AxSw4tng=
cdn-requestpullcode: 200
cdn-cachedat: 12/13/2024 21:48:33
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: af9a1cd30df48d9f645d818a26fe38f4
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: 2WW1T599CQHNEPPR
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H2 200 overtake.gg.json Show response
cdn.prvk.io/prvk-websites/ Frame D1E9 407 B
1000 B 164ms
29ms Fetch
application/json 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prvk.io/prvk-websites/overtake.gg.json?v=1734484426526
Requested by: Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: c29e975d4c2106c71bce1a2fb5a25652fb1f16490e4cbe3cedc48e24483f8d4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-max-age: 3000
access-control-expose-headers: X-Geo, Geo
content-encoding: br
etag: "1314d54e8dee42777a52227bca8e8575"
x-amz-version-id: X39Qrl6bjzQ1Z9_0bwqFO3.Q9rgHIDGo
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
last-modified: Tue, 17 Dec 2024 12:37:45 GMT
content-type: application/json
vary: Accept-Encoding
cdn-cache: HIT
x-amz-id-2: czUcD0lyOMUQ30PAsSWzsLqGd96hNRWW3bGTdqF6NbxtCPIMZ+JewuSbtv9K2XMc9pQu05mq62k=
cdn-requestpullcode: 200
cdn-cachedat: 12/17/2024 12:41:38
cache-control: public, max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: c29042550e3643d088ca481f8f024dcb
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: ZB2JPE2H8EZSKDZ8
access-control-allow-origin: *
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H2 200 extra-styles.css Show response
cdn.prvk.io/prvk-websites/ Frame D1E9 155 KB
26 KB 164ms
30ms Fetch
application/json 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prvk.io/prvk-websites/extra-styles.css?v=1734484426526
Requested by: Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: c9804b28a0cd718fdfec6e82d34bddf24a3ecc55a57e4f04648e85b3ba709f97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-max-age: 3000
access-control-expose-headers: X-Geo, Geo
content-encoding: br
etag: "a89669e04ea070a9eb59be0a799c6065"
x-amz-version-id: 4K_kCInHK.tlUx8JxyDSuQt6LxArvyH1
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: application/json
vary: Accept-Encoding
cdn-cachedat: 12/17/2024 14:44:37
last-modified: Tue, 17 Dec 2024 12:40:50 GMT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: i7ZyiFk3xx1+BpafFNaC0bDqHJXv6RwEVVvrZYQhuksfum75Df2qV/ChI4bfdpknHgwmeLiRr3o8KBCgjgk/Vw==
cdn-cache: HIT
cdn-requestpullcode: 200
cache-control: public, max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 6f92eb85e80ed108b61fdc2567d12286
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: 91BYKREGAB8Y8GEY
access-control-allow-origin: *
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D1E9 218 KB
67 KB 68ms
23ms Script
text/javascript 2607:f8b0:400d:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: br
etag: 15965780714114583650
age: 954
x-content-type-options: nosniff
expires: Wed, 18 Dec 2024 01:57:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 18 Dec 2024 00:57:52 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69026
x-xss-protection: 0
server: cafe

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 37EE 18 KB
8 KB 68ms
22ms Script
text/javascript 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1a6f26221e90102580decc85453993721815ee35ef417600af01cc219a0d871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
age: 2275
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
x-content-type-options: nosniff
expires: Wed, 18 Dec 2024 01:35:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 00:35:51 GMT
last-modified: Thu, 05 Dec 2024 18:26:02 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
accept-ranges: bytes
content-length: 7835
x-xss-protection: 0
server: sffe

GET
H2 200 inside.js Show response
cdn.js7k.com/rq/iv/ Frame 37EE 42 KB
14 KB 154ms
36ms Script
application/javascript 2001:4998:60:807::1
YAHOO-CHA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/rq/iv/inside.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:60:807::1 , United States, ASN14196 (YAHOO-CHA, US),

Reverse DNS

Software

ATS /

Resource Hash

143e9b2ba4b6a7bcf2b1bc42a610c03aef1853a417cd339b532c073d6355a8cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
etag: "c6f03e826f24a0584766cf6bc9d6794b-df"
age: 7602
date: Tue, 17 Dec 2024 23:07:05 GMT
last-modified: Mon, 09 Dec 2024 16:19:11 GMT
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-amz-id-2: mQSo3ttrwuX/TJz/ZFCcGW8rkl+Ac8JPVsJxTjUDV2wjLd53bf5Muc9wgx2lv2a5L6gmjrnzg4ypMxHeWDjXevbctYv7vAye6VaV/YifcSY=
strict-transport-security: max-age=31536000
cache-control: public,max-age=14400
referrer-policy: no-referrer-when-downgrade
x-amz-request-id: TM8SNK3W0AJ7QMSZ
accept-ranges: bytes
content-length: 14420
server: ATS
x-amz-server-side-encryption: AES256

GET
H2 200 adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame 37EE 565 B
933 B 58ms
16ms Image
image/png 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

etag: "349bad1100a940608cb9109eb2b166a2"
x-amz-version-id: null
age: 4962
date: Tue, 17 Dec 2024 23:51:05 GMT
last-modified: Wed, 22 Jul 2020 18:15:42 GMT
vary: Origin
content-type: image/png
x-amz-id-2: cQuPuWF6ABHPrQNJi58FWUr629qm0qvSZZK9y9Yo1jfdTApz+60Ef+T09yD3JmJT2oNsxHR82js=
strict-transport-security: max-age=31536000
cache-control: max-age=15552000, public
ats-carp-promotion: 1, 1
referrer-policy: no-referrer-when-downgrade
x-amz-request-id: RQVAFAZBVKEZWJKS
accept-ranges: bytes
content-length: 565
server: ATS
x-amz-server-side-encryption: AES256

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1E9 0
0 26ms
25ms Fetch
image/gif 2607:f8b0:400d:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 18 Dec 2024 01:13:46 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ Frame D1E9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c8ae94b8fcb5dcb7f449328862e175fbe5dd6f841fd71b7f58701eb99cb9751

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D1E9 0
0 31ms
31ms Fetch
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIR_jlwRB4iKesInHwgrpr54Rob1ojUlHYE5ovvKncrZLpVQHqAexD31O6L0WYD69i71WFqX6DsCIKvJ7enP3qTdAsWtdTJ5fEh8dr9VOb5MaCP7-sAuFmSoA2mwaa8EvH1G5oDKzam-JNzrgwG1oxHRLqAmVTiv5j3vgBqvwcoIIVHiJUKoCd1_d10-DwLPJy1LfzV_Xk3RgHmxxUTdo7LsvUrnlIm-c-me5VWS7T2rOckiYkmxAEup6GUaIkmI6qtOoqgds80oLuJSyKduU2POX-kB4-F1lU5DiWVVgsIp-zYsdU6EDID6PSfq6UsmZYrLliCMAFIXhR11yGD_PkthVDB8t7gpJFOPe26uX_dy-W7C88q7mHtJ2iTYqiLETY_LVP1YWk7lhxASmzqGPHDuZKgWT6vwFQvshQKpT-tFqlCSNZOiQFgCzdtbbZQ5x9tT_lFI_17WwbAeyDMRGMZ-rMKb-C3lMwt6bUOqE9l58A&sai=AMfl-YQ8Ez72LYF78UYeLqAfxWUBe2C4qIapXLVKmeVCk2-E9O2tBctPVl8fxdmNWJwblnkL0A0IkWwzXLw4Mk0UFNjQ1DBE1PRczSAhWi3scJqCGIPeVY7MqqqOLQdj&sig=Cg0ArKJSzCxqW4frqfcPEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 18 Dec 2024 01:13:46 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 18 Dec 2024 01:13:46 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1E9 0
0 25ms
24ms Fetch
image/gif 2607:f8b0:400d:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 18 Dec 2024 01:13:46 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 impl_v103.js Show response
www.googletagservices.com/dcm/ Frame 37EE 63 KB
25 KB 23ms
22ms Script
text/javascript 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v103.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d47bfd53d3d2837ba190280e71a213c8d13be2d8ac6ee1b5b3d933dd3b7c86dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
age: 59733
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 08:38:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 08:38:13 GMT
last-modified: Tue, 03 Dec 2024 14:12:10 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
accept-ranges: bytes
content-length: 25070
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
H3 200 B31838141.410989254;dc_ver=103.302;sz=300x250;u_sd=1;gdpr=0;nel=1;dsp_bidurl_0_=https%253A%252F%252Fwww.overtake.gg%252Fdownloads%252Fwrc-telemetry-patch.38991;dsp_campaignid_0_=761067;dsp_chanid_0...
ad.doubleclick.net/ddm/adi/N6344.3020245OATH.COM/ Frame 3CA5 0
0 102ms
57ms Document
text/html 172.217.222.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N6344.3020245OATH.COM/B31838141.410989254;dc_ver=103.302;sz=300x250;u_sd=1;gdpr=0;nel=1;dsp_bidurl_0_=https%253A%252F%252Fwww.overtake.gg%252Fdownloads%252Fwrc-telemetry-patch.38991;dsp_campaignid_0_=761067;dsp_chanid_0_=8;dsp_id_0_=30;dsp_impid_0_=v4~~2560178800716359862;dsp_placementid_0_=3439123;dsp_publisherid_0_=205972;dc_adk=1478187450;ord=1tq6kt;click=https%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2FNrwvmwkU60XEdbpAUemvGtgAC0dwAfIGuCe98atHz_gBXQ8oNg092z24DjyoE9scNuxKcY-_-0xi9BchThvm8hqNVdMJtrtTb86L6kPlaSvdr9Z7jLkdIeAoQLWxWeA0yRNkly8ZYVsaGJvNE5B394OrTFmkI43iSNH-tBXnA3Wl61MoErAXqjviiE8dwtMxbxI6xhlV9855DMMQobopMbpUbN-WpVfzZWVKT3AG0-xrQMOuTi7CvW22b0NPbYnDL6_xcdZVECXm6MbL4coP4hcZ9wdCZelCNC3YU8e4_G-rG_Lo-VjnFg%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F$0;xdt=0;crlt=0bMVp!jOeP;cmpl=40;gcsr=m;stc=1;chaa=1;sttr=79;prcl=s

Requested by

Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 34210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Dec 2024 01:13:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
api.ipify.org/ 13 B
301 B 59ms
26ms XHR
text/plain 104.26.13.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=text
Requested by: Host: cdn.prvk.io
URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/creative.min.js?v=376316842
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4a2a2d686dd952c35b89e6934a44ba550ef1f99f6ae453a4a1c05c2756372f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8f3b4ad3c91c440c-EWR
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=9159&min_rtt=8510&rtt_var=2094&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4048&recv_bytes=2202&delivery_rate=384666&cwnd=233&unsent_bytes=0&cid=e03dcce3ae10aacd&ts=36&x=0"
content-length: 13
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: text/plain
vary: Origin
server: cloudflare

GET
H2 200 video-js.css
cdn.prvk.io/prvk-live/ 44 KB
11 KB 15ms
13ms Stylesheet
text/css 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prvk.io/prvk-live/video-js.css
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 9bc87e8ad9a1ff327cda2832b011e74ea1a9d3329d8073be9bcd162cc1e858ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
content-encoding: br
etag: "13cc2ed05f4f7b5730bffafc2b2e4eb3"
x-amz-version-id: MHEkSz3pyskER7W__1UJuuRHRL10DJ66
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
last-modified: Tue, 18 May 2021 16:32:33 GMT
content-type: text/css
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: KXvlNDj8i61U/NYqkDPxwncCdwX/rANdQYkQuTbUyELL47fWAbcdIj2es9tEasy4B/rXz+8lye4=
cdn-requestpullcode: 200
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 2c52bf5e2714732aaf00455569e3e555
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: T99EZDZXRPEADME4
access-control-allow-origin: *
cdn-cachedat: 11/07/2024 12:59:19
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US

GET
H2 200 project-asset-32511.webp
cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/ 70 KB
71 KB 24ms
20ms Image
image/webp 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/project-asset-32511.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: e0669b3f2e85c0f815c22aa423c2a1846894fe1907153ea7c61fcb234ef84791

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
etag: "aedc1e1e0560e4a8490e9a8779f53142"
x-amz-version-id: r38JQ7myNuOSH8yJMtq1BpLlMBd500u8
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/webp
last-modified: Fri, 13 Dec 2024 16:29:31 GMT
cdn-cachedat: 12/13/2024 21:52:38
cdn-cache: HIT
x-amz-id-2: /s7F+qOgvqdVINaiNgs4JovFKcj5+BPZ20k40E1ssALrbtJIWRBCNBLoTxePoo3NaTadpajxw8Y=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 53c97e15ec84ef95f0d33246e44ac241
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: 9CSQ7MH0YDGM6T7H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 71844
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H2 200 project-asset-32512.png
cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/ 15 KB
16 KB 34ms
30ms Image
image/png 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/project-asset-32512.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: dd2ebf3d43939f6595950500f2141af571da108541dfb80731a759f9fd6ecde5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
etag: "5a59cfdd59a6cd87bf4e256cdd57532e"
x-amz-version-id: OHqCytJCr6ju5cmCerKcaWm2lIJYFZBM
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/png
last-modified: Fri, 13 Dec 2024 16:29:31 GMT
cdn-cachedat: 12/13/2024 21:48:34
cdn-cache: HIT
x-amz-id-2: pKAsqDiNKkPgANK2zHiQSOc1mjNhiyxpSIsLJ+E8nkORsKvO64Q9zWVwN/9yFUYszMwJzmED02UwrZxZZfzH0ZVUUymLCHa6oIgcFBQZSjY=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 502159add54e754611ccd8d7bfb81a19
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: MSAEPDMFW7BWBEDX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15068
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H2 200 project-asset-32513.png
cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/ 51 KB
52 KB 20ms
16ms Image
image/png 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/project-asset-32513.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 587672d0a9f37999e0edda6f8acc7b577eda08c15241d647b69b78e6c0e5ea34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
etag: "75286fdeb0c0f74d4535d1b14cb7bb1f"
x-amz-version-id: v5E2dJwIAchfKMpPdWOP3PZ5eQOl.46W
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/png
last-modified: Fri, 13 Dec 2024 16:29:31 GMT
cdn-cachedat: 12/13/2024 21:48:34
cdn-cache: HIT
x-amz-id-2: VMdZw2B+Aqi8YnoXIbOQ7/TCctqeHv5TvmVaqb/lqUXidmThe5S7f6w7ekaVMsyipoN/NC05Zeg=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: fd1c7ea1460f85c7ac5c2a7e43544215
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: 2WW845ERR8RAHV00
accept-ranges: bytes
access-control-allow-origin: *
content-length: 52067
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H2 200 project-asset-32514.png
cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/ 3 KB
4 KB 34ms
31ms Image
image/png 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/project-asset-32514.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 18ee895c2f92c34605b62eccb1f6ce62cca41589cd5406c3a9848007c381a187

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
etag: "afcdc79fac91405b824c1db7537aa48b"
x-amz-version-id: 5ky0crQD1dgfT51ImTRBhRyGTgqSW6Gd
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/png
last-modified: Fri, 13 Dec 2024 16:29:31 GMT
cdn-cachedat: 12/13/2024 21:48:34
cdn-cache: HIT
x-amz-id-2: wLhPx9aY4Y0s+yzKTBCJm0X1yL0/gxp+39LlDbBSGN3GxkhnzhVm/C5RhYcqWwhGkKL13dYZ2lin1HEwZCX9qQ==
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: de480e6483a6f6068eed7a98f125820a
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: MSA31SWE0PF1PZ1B
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2905
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H2 200 project-asset-32515.webp
cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/ 836 B
2 KB 31ms
28ms Image
image/webp 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/project-asset-32515.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 796e271310c46bda824a5051ff5dcc9c5afecfee17b077cc928a88b719dc0db8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
etag: "42b37cd4277091a2bf49b6f12930a22e"
x-amz-version-id: KGj5aDrE0QvdiQgDmKKEXKsv0Y8XZLNN
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/webp
last-modified: Fri, 13 Dec 2024 16:29:31 GMT
cdn-cachedat: 12/13/2024 21:48:34
cdn-cache: HIT
x-amz-id-2: U2NXm/IZJAXX2144dG9rrL+qXn5HmVNpV0ckAMZOZ0IFIwg/YwAuqzcI0djAwSgeedX/SVjzk6lSCRW8nxC2lndCaG8Ji04vhQCFolyoawU=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 5803c0012aab329635e578e0cc22e421
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: MSA8S41F0M7P6R60
accept-ranges: bytes
access-control-allow-origin: *
content-length: 836
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H2 200 project-asset-32516.webp
cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/ 10 KB
10 KB 22ms
19ms Image
image/webp 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/project-asset-32516.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: d254cecaf51c6556f6f494eec366d9f81ff604378b48c8a978500e45b080fa05

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
etag: "0b93b4df930c992eeca981b65d4001d6"
x-amz-version-id: NsfKo6coF09VWTyikKekScJBP37vA_Ga
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/webp
last-modified: Fri, 13 Dec 2024 16:29:31 GMT
cdn-cachedat: 12/13/2024 21:48:34
cdn-cache: HIT
x-amz-id-2: e7TmErSzkZE03umn0drUmd03Sr2osL9sGZ8y3vay/PjuW3VNnR7tOsu1M4dI6MMEr8aZdw7fvfw=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 3ecae4219f4de52eec0ba359f03f56a4
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: MSA8EPBM65JN8PNP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9856
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H2 200 project-asset-32517.webp
cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/ 590 B
1 KB 32ms
29ms Image
image/webp 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/project-asset-32517.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: c7788aaef68f339994e5fd2abbfe12ebb99076ed1a3951c45cf5850252c1d70e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
etag: "0c6ad637f67f4d13f64fbdead4d52fb5"
x-amz-version-id: tGBhY8OlcA6KaGmKM9hdfqD9CZSIDaip
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/webp
last-modified: Fri, 13 Dec 2024 16:29:31 GMT
cdn-cachedat: 12/13/2024 21:48:34
cdn-cache: HIT
x-amz-id-2: tDBIeiaRnkCEN7Q6i1QmEtuG9xIhMbuPzXVCsshcHY/XfoFQA337QYt07c3eqOxyl/5NUhwFKC0=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: f28a7d07cffa0b91fb67ceef7a06609c
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: MSA34ZMDV69PY1XS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 590
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H2 200 project-asset-32518.webp
cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/ 73 KB
74 KB 33ms
30ms Image
image/webp 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/project-asset-32518.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 4f3a96ac4b94007136df6aac42c66204bedacac2ebf7d8c324951b7798603150

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
etag: "c6790407b6e833ece55602d6d758bd6e"
x-amz-version-id: gok2LIbAirFe5BN.ZpsIoyAx4VSfK8Aa
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/webp
last-modified: Fri, 13 Dec 2024 16:29:31 GMT
cdn-cachedat: 12/13/2024 21:48:34
cdn-cache: HIT
x-amz-id-2: 2F8K/FkLlGalOtK1QJ0XiTg36NXHRClnZlg43RmMneKcEIFV4u1jaJ8Ha/WpVoujperf64I3Lg0=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: d3e38556e847b6fcab3a4fc23cf54841
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: MSA7JRTVJTXMD67S
accept-ranges: bytes
access-control-allow-origin: *
content-length: 74792
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H2 200 project-asset-32523.svg
cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/ 699 B
1 KB 31ms
28ms Image
image/svg+xml 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/project-asset-32523.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: cef70c0ea5d079d130f2d7b33e0f85a3d15ab278d5dd2b5be2f31eb3a28d4731

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
content-encoding: br
etag: "0e190011d76e6e21098a575597c8ec6c"
x-amz-version-id: Ue8aBmcon7hoOHZABAhlg9yzR5qyanoo
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
last-modified: Fri, 13 Dec 2024 16:29:31 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cdn-cache: HIT
x-amz-id-2: ddAhSMnYkYAID0fz+Ux7ecALlmktxy3QtmCKDFZtmA1QQ/SFb6v4Jv90H53wUQWoQ60xnJe2tw9U9UPT5P94C7KJP2182hruzioBf/Mefes=
cdn-requestpullcode: 200
cdn-cachedat: 12/13/2024 21:48:34
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: f3b699d39e7ba46b6d01821f7aa2a102
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: MSAET32ZRXNXEDZV
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H2 200 project-asset-32524.webp
cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/ 136 B
1011 B 36ms
33ms Image
image/webp 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/project-asset-32524.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 7bb4f85ebe3e15c2a0d21726811d0db24dbbe83476d590cc7450d4d6affb072e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
etag: "d2079cc39ba6cd8f8d443a073085ade5"
x-amz-version-id: 7OQA2DmO1fqz.Lk9PncO27WVKNhkpWn9
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/webp
last-modified: Fri, 13 Dec 2024 16:29:31 GMT
cdn-cachedat: 12/13/2024 21:48:34
cdn-cache: HIT
x-amz-id-2: 6KKrqz1T20j9wKpZ6MiVD3gP3oEYXxJUgqez8mT769qHDLJ2tsLxvZVj+sScmXbXH3CVoUJH7HyhtSfj8/Rw1ng/s0t/0O4u0ipY4mZWCTk=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 7c4bafd7f2019407915a148e98e782c4
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: MSA5DRTY7FWGM5M1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 136
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H2 200 project-asset-32525.webp
cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/ 762 B
2 KB 36ms
34ms Image
image/webp 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/project-asset-32525.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 1d30a378db11575d66d560681e5978b71fe89823516679f7b055442f962e36f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
etag: "f39589b456d3848720830f8556e60ea5"
x-amz-version-id: A1n8ZKZ3X60wwvzBXyukrvVAuFaYZUPh
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/webp
last-modified: Fri, 13 Dec 2024 16:29:32 GMT
cdn-cachedat: 12/13/2024 21:48:34
cdn-cache: HIT
x-amz-id-2: hD/fXZqNfzJVv87PnwWUn0tQYBtXMP+PNBRIrqdgddDkrIQULq//2Y2jFuTOct25v24/rZiYq4u9N3pu+VbTRLY4ohjlhtAh2ok78g4KOfQ=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 9791b7ff5c2953fec6a787647e08c211
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: MSA41A0JYKW8BZ2T
accept-ranges: bytes
access-control-allow-origin: *
content-length: 762
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H2 200 project-asset-32526.webp
cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/ 768 B
2 KB 38ms
36ms Image
image/webp 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/project-asset-32526.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: c963c32d0bfa3d6f60d98738df831641ddd332df17d4305add56350ff7dd6d26

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
etag: "bbeb0e403cad76b5071e9067b8f152e8"
x-amz-version-id: EtXPldifW9Y6xUiQFKn7KTuzfJGMVmr1
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/webp
last-modified: Fri, 13 Dec 2024 16:29:31 GMT
cdn-cachedat: 12/13/2024 21:48:34
cdn-cache: HIT
x-amz-id-2: oP2N65Of3AWLAHIZHl6gKyjb8+kJLq97sd5uwvHgpP34Yq1uPfMq6/9I234MRgrHBOiUo9VXQGM=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 1938fdcd060db33e51c205278958978b
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: MSAA2J2Z1BAT61VG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 768
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H2 200 project-asset-32527.png
cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/ 4 KB
5 KB 36ms
34ms Image
image/png 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/project-asset-32527.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 8ddd2492d33c4841de30024650786ec10e8441a7300f8973b3829a02181cf04f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
etag: "cca92f4b5907f47b77f06747e1102b13"
x-amz-version-id: a4BVa4xGdMzgRe6YhN.06lyK2rsGqVG7
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/png
last-modified: Fri, 13 Dec 2024 16:29:31 GMT
cdn-cachedat: 12/13/2024 21:48:34
cdn-cache: HIT
x-amz-id-2: FYNid6+czgHGdWwrNYHU4iz7icaEu6Qkbfx01D4XspVFgIeZHST3uMT2ItnD8lGYOsf6eJtNn5I=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 31f3e752c3d1212004eb944260ce9a57
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: MSA05YW8F3DTRTD0
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4467
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H2 200 project-asset-32528.webp
cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/ 3 KB
3 KB 37ms
35ms Image
image/webp 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/project-asset-32528.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: e8a44c3cc6767656be79798aec8609cd2830e994ac6126adf74ce4bdc907739c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
etag: "1a990ef4f64b001c8df5a66a4d507da6"
x-amz-version-id: 9e69jPEClQQPbPekFp868_X4DERs9j0y
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/webp
last-modified: Fri, 13 Dec 2024 16:29:31 GMT
cdn-cachedat: 12/13/2024 21:48:34
cdn-cache: HIT
x-amz-id-2: E/5BAOwy4XkDn0yOQA6K4quwO0LAstVQiLFtmZvqKL2JM5p60BLvicnQtBGElTV3NYlQUIlzoh4fDww9NMNKNA==
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 84961c99aa69b0c4fe19e36011318668
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: MSA7REG658GR64XR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2694
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H2 200 project-asset-32529.webp
cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/ 3 KB
4 KB 37ms
35ms Image
image/webp 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/assets/project-asset-32529.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 0145836490e8cd1d58f2ae96fd41ca5e86f30fdf3fe7196103726e410f6bf2bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
etag: "4dd47f127fe0f741264b7d96a8459200"
x-amz-version-id: by9EPguCPYYaGorn0UlthtR04o2XOIZU
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: image/webp
last-modified: Fri, 13 Dec 2024 16:29:31 GMT
cdn-cachedat: 12/13/2024 21:48:34
cdn-cache: HIT
x-amz-id-2: 99WB/C/KFxoJ25jtPqyiYac1/Zweb6ml96fxIpBggLbAfCsaOFI2rB+YJKcK86EcnFE9FGC/Q74ObrAiUq7wMg==
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 6f97d27d2941e21d8a3891e58049a426
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: MSA8HF8KS29M3M6N
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2852
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

POST
H2 204 placementscape
edge.venatusmedia.com/ 0
34 B 37ms
36ms Ping
application/json 34.42.134.208
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.venatusmedia.com/placementscape?u=8710b4ba-b65f-48af-b1ee-913d21b8cfcf
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v4/live/vms/ad-manager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.42.134.208 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 208.134.42.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:46 GMT
x-envoy-upstream-service-time: 0
content-type: application/json
server: istio-envoy
access-control-allow-credentials: true

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/854585/68926917/ Frame 37EE 62 KB
15 KB 77ms
20ms Script
application/javascript 52.207.37.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/854585/68926917/skeleton.js?bundleId=overtake.gg&ias_dspID=30&ias_campId=761067&ias_pubId=8&ias_chanId=3439123&ias_placementId=0&ias_creativeId=7571343&bidurl=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&adsafe_par&ias_impId=v4~~2560178800716359862:1734484424680
Requested by: Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.37.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-37-116.compute-1.amazonaws.com
Software: /
Resource Hash: 65430510b179b6bfe793bcba095f4c7bb9411cc675c6e0ba3d0b54337119c5d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin: pixel.adsafeprotected.com
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: application/javascript;charset=utf-8
vary: accept-encoding

GET
H3 200 usermatch
ssum-sec.casalemedia.com/ Frame 8CE8 0
0 33ms
32ms Document
text/html 104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=205972&gdpr=0
Requested by: Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8f3b4ad3ce8d8c47-EWR
content-encoding: br
content-type: text/html
date: Wed, 18 Dec 2024 01:13:46 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cEVN4GobOvqy0xGdfGp8rtb8MQijq%2FJk5GbC%2FMbiFh9CYxEW6wMn7s0Qvpdwng0l8gszzxOGBIMDhoRbFrWtumPDEu%2BThPnZkQhec10enSydwohKAP88ZUR2Lj5EPm2HDZAOeLZTv8RP7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding

GET
H2 204 impression Show response
edge-cs-external.venatusmedia.com/prvk/1/ 0
196 B 295ms
83ms XHR
application/json 34.34.170.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-cs-external.venatusmedia.com/prvk/1/impression?pi=3818&li=6868965527&ss=1600x1200&vp=1600x1200&s=54246883-6ef6-4b2b-a691-c67b4da18fa2&g=US&dev=desktop&os=Linux&b=chrome

Requested by

Host: cdn.prvk.io
URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/creative.min.js?v=376316842

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.34.170.154 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

154.170.34.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: application/json
access-control-allow-credentials: true
x-frame-options: deny

GET
H2 200 video.min.js Show response
cdn.prvk.io/prvk-live/ 545 KB
155 KB 17ms
17ms Script
text/javascript 37.19.207.34
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prvk.io/prvk-live/video.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: a652d0e0a55a12ab819d2fd546e57671dfa60413f0414e0d906f14af9d339121

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: X-Geo, Geo
content-encoding: br
etag: "78f5adb75e7d3d4bee6d3a963cdc57f7"
x-amz-version-id: HssWnHG2NwV7eXrAecIkNevJjZngXoRX
geo: US
access-control-allow-methods: GET, OPTIONS
date: Wed, 18 Dec 2024 01:13:46 GMT
last-modified: Fri, 06 Aug 2021 11:59:50 GMT
content-type: text/javascript
vary: Accept-Encoding
cdn-cache: HIT
x-amz-id-2: RbUj6UjaFyMoCgxdCtVFStTJL+2WXKPkhQ27sxEzrSBiWOwNKGGl2UUCIxs72nXRCg/iLT8r5do=
cdn-requestpullcode: 200
cdn-cachedat: 11/08/2024 20:48:29
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: ed4b1ecadccfaa5f612e86426e14e3ec
access-control-allow-credentials: true
cdn-pullzone: 388121
cdn-proxyver: 1.06
x-amz-request-id: ZB591JAJZ797QJD4
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

GET
H3 200 adslots. Show response
fundingchoicesmessages.google.com/f/AGSKWxWILALFoY_cfv9XWKGa00YVFjOnhiyi0Kn7phvy3VhHDfqSqbCfI8opxxVJzD8RBr2LxYsxpS3X1MNGZvISJeeq_ylYzQQTMOzn7Y0lr2Hckc6zjn4cCzfDTwLKemi-smM5kO3FejyP7l4XJXhAuWIiFkSdC... 54 B
109 B 36ms
35ms Script
application/javascript 2607:f8b0:4004:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWILALFoY_cfv9XWKGa00YVFjOnhiyi0Kn7phvy3VhHDfqSqbCfI8opxxVJzD8RBr2LxYsxpS3X1MNGZvISJeeq_ylYzQQTMOzn7Y0lr2Hckc6zjn4cCzfDTwLKemi-smM5kO3FejyP7l4XJXhAuWIiFkSdCZFB8Jmsc0u1cIpi1l4x8Z5ifOymqcQp/_/ads/dj_/video_ad__468x60px__pop_ad//adslots.

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2248f1e590a5ae04b44d7010904021de0cbbf1c31618c2dddc7b8c979e928c92

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-14xT-KQQ8UHPSRVk_Xg7Sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcJw63LGbTWDDiQ_bmZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDACTPkXA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-14xT-KQQ8UHPSRVk_Xg7Sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 70 KB
26 KB 25ms
25ms Script
text/javascript 2607:f8b0:400d:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf93db5f15fb6b90864ea934827bca87f92e75ad6a3aab83881b1f6777ee8929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: br
etag: 82456162888936996
age: 697
x-content-type-options: nosniff
expires: Wed, 18 Dec 2024 02:02:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 18 Dec 2024 01:02:09 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 26167
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxX16wpl8_w7Smy0QsEzk2Ul3UWlqh_LRD4zN5mgeZDECnxC8sY0afAWG0K4JVww2bH8eumAxq-nS89pB9gU-sB1V4g3nnUb2CDBAtJ40h6qZubDWDyxA0kWOhRB9TknwNkq_nYnEA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 50ms
32ms XHR
text/html 2607:f8b0:4004:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX16wpl8_w7Smy0QsEzk2Ul3UWlqh_LRD4zN5mgeZDECnxC8sY0afAWG0K4JVww2bH8eumAxq-nS89pB9gU-sB1V4g3nnUb2CDBAtJ40h6qZubDWDyxA0kWOhRB9TknwNkq_nYnEA==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AN_TR7AJ0-DfzJ2M4TLdwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.overtake.gg/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsIUD8of4y6w8gZvh6hZUDiIV4OE4d7tjNJjChc9sBZiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmhkaKRnYBZfYAAA4ioqjQ"
content-security-policy: script-src 'report-sample' 'nonce-AN_TR7AJ0-DfzJ2M4TLdwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.overtake.gg
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 204 event Show response
edge-cs-external.venatusmedia.com/prvk/1/ 0
97 B 270ms
84ms XHR
application/json 34.34.170.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-cs-external.venatusmedia.com/prvk/1/event?pi=3818&li=6868965527&ss=1600x1200&vp=1600x1200&s=54246883-6ef6-4b2b-a691-c67b4da18fa2&g=US&dev=desktop&os=Linux&b=chrome&evt=Assets%20Loaded

Requested by

Host: cdn.prvk.io
URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/creative.min.js?v=376316842

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.34.170.154 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

154.170.34.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: application/json
access-control-allow-credentials: true
x-frame-options: deny

GET
H2 204 event Show response
edge-cs-external.venatusmedia.com/prvk/1/ 0
97 B 255ms
85ms XHR
application/json 34.34.170.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-cs-external.venatusmedia.com/prvk/1/event?pi=3818&li=6868965527&ss=1600x1200&vp=1600x1200&s=54246883-6ef6-4b2b-a691-c67b4da18fa2&g=US&dev=desktop&os=Linux&b=chrome&evt=Website%20Structure%20Parsed

Requested by

Host: cdn.prvk.io
URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/creative.min.js?v=376316842

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.34.170.154 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

154.170.34.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: application/json
access-control-allow-credentials: true
x-frame-options: deny

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 204 event Show response
edge-cs-external.venatusmedia.com/prvk/1/ 0
97 B 177ms
85ms XHR
application/json 34.34.170.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-cs-external.venatusmedia.com/prvk/1/event?pi=3818&li=6868965527&ss=1600x1200&vp=1600x1200&s=54246883-6ef6-4b2b-a691-c67b4da18fa2&g=US&dev=desktop&os=Linux&b=chrome&evt=Sections%20Created

Requested by

Host: cdn.prvk.io
URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/creative.min.js?v=376316842

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.34.170.154 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

154.170.34.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:46 GMT
content-type: application/json
access-control-allow-credentials: true
x-frame-options: deny

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 main.19.8.556.js Show response
static.adsafeprotected.com/ Frame 37EE 240 KB
73 KB 67ms
16ms Script
application/javascript 2600:9000:24f4:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.556.js
Requested by: Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f4:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbdab31a287ceafb5b96375c215398a3a9b109fc333ba0b20e7be8d833ad3703

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
x-amz-version-id: 3piCeipKj6YSJvo7Z105Q4D5UeEuZN5T
etag: W/"e90a5b1dd27e0642273917a65b3234b2"
age: 30716
x-cache: Hit from cloudfront
x-amz-cf-id: rOthybCaU2r-_CrLAgcOOUYWvqgrINjjWpgTsK8tWOU0AJL94msNCQ==
date: Tue, 17 Dec 2024 16:41:52 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 25 Nov 2024 16:07:20 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 dbd83e9e27cde36e1e56c6d1ae4f5a18.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H3 204 AGSKWxX16wpl8_w7Smy0QsEzk2Ul3UWlqh_LRD4zN5mgeZDECnxC8sY0afAWG0K4JVww2bH8eumAxq-nS89pB9gU-sB1V4g3nnUb2CDBAtJ40h6qZubDWDyxA0kWOhRB9TknwNkq_nYnEA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 40ms
38ms XHR
text/html 2607:f8b0:4004:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX16wpl8_w7Smy0QsEzk2Ul3UWlqh_LRD4zN5mgeZDECnxC8sY0afAWG0K4JVww2bH8eumAxq-nS89pB9gU-sB1V4g3nnUb2CDBAtJ40h6qZubDWDyxA0kWOhRB9TknwNkq_nYnEA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q6ar_bsxK6Wy25_Lv85Obg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.overtake.gg/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:47 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJvj9OGO3WwCGzafU1FyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJoZGhkZ6BmbxBQYAxxoqXw"
content-security-policy: script-src 'report-sample' 'nonce-q6ar_bsxK6Wy25_Lv85Obg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.overtake.gg
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxX16wpl8_w7Smy0QsEzk2Ul3UWlqh_LRD4zN5mgeZDECnxC8sY0afAWG0K4JVww2bH8eumAxq-nS89pB9gU-sB1V4g3nnUb2CDBAtJ40h6qZubDWDyxA0kWOhRB9TknwNkq_nYnEA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 39ms
34ms XHR
text/html 2607:f8b0:4004:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX16wpl8_w7Smy0QsEzk2Ul3UWlqh_LRD4zN5mgeZDECnxC8sY0afAWG0K4JVww2bH8eumAxq-nS89pB9gU-sB1V4g3nnUb2CDBAtJ40h6qZubDWDyxA0kWOhRB9TknwNkq_nYnEA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fuW_I2I-_ulFlT2apB9YRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.overtake.gg/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:47 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJvj9OGO3WwCD152qSq5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0MjQyM9A7P4AgMAzFMqdg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fuW_I2I-_ulFlT2apB9YRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.overtake.gg
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxX16wpl8_w7Smy0QsEzk2Ul3UWlqh_LRD4zN5mgeZDECnxC8sY0afAWG0K4JVww2bH8eumAxq-nS89pB9gU-sB1V4g3nnUb2CDBAtJ40h6qZubDWDyxA0kWOhRB9TknwNkq_nYnEA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 36ms
33ms XHR
text/html 2607:f8b0:4004:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX16wpl8_w7Smy0QsEzk2Ul3UWlqh_LRD4zN5mgeZDECnxC8sY0afAWG0K4JVww2bH8eumAxq-nS89pB9gU-sB1V4g3nnUb2CDBAtJ40h6qZubDWDyxA0kWOhRB9TknwNkq_nYnEA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6PHTAspKTomNbeuCZzTlrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.overtake.gg/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:47 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJvj9OGO3WwCG86-V1FyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJoZGhkZ6BmbxBQYA0boqjA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6PHTAspKTomNbeuCZzTlrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.overtake.gg
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxXuljP4RO6RudGUekIiBhAxu0timgF1CXv-_qb7MBWu0RCPU1G2e97I3K_dQde9TkO1uPxQ-aUDB97DwKBAtba3WJIKuIcfwv0PCJbvQA7iZpRyevy-XQWfppRpliAkjbhgTxsdPg== Show response
fundingchoicesmessages.google.com/f/ 6 KB
2 KB 46ms
44ms Script
application/javascript 2607:f8b0:4004:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXuljP4RO6RudGUekIiBhAxu0timgF1CXv-_qb7MBWu0RCPU1G2e97I3K_dQde9TkO1uPxQ-aUDB97DwKBAtba3WJIKuIcfwv0PCJbvQA7iZpRyevy-XQWfppRpliAkjbhgTxsdPg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NDg0NDI3LDU0MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cub3ZlcnRha2UuZ2cvZG93bmxvYWRzL3dyYy10ZWxlbWV0cnktcGF0Y2guMzg5OTEvIixudWxsLFtbOCwiSU16NTd5YzVoVnciXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2653a1596779ebe15aa612123dc240f6992fae875d2eee6ae0b465280da02a8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-2-1G_ERJJTOlzmsHzHbfZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:47 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAtxc5w-3LGbTaBh3xQtJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDI0MjPQPD-AIDACeARJc"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-2-1G_ERJJTOlzmsHzHbfZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET syncframe
gum.criteo.com/ 0
0

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4735c4e647a5fbf02419108212b4a35c4462430a862cc3d30577eb2e6eb7d9d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.overtake.gg
Referer

Response headers

Content-Type: application/font-woff;charset=utf-8

POST
H2 204 csi
csi.gstatic.com/ 0
532 B 63ms
27ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~m4t78t9l&ctx=0&met.9=1.1lg~2.1nv
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H2 200 syncframe
gum.criteo.com/ Frame BE25 0
0 44ms
16ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.overtake.gg&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 Dec 2024 01:13:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 315961
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET c9e949ed-ffaa-422d-8f3d-dea4eb7f825a
https://www.overtake.gg/ Frame 0
0

GET a32a3ae5-9e6c-4b1e-8996-7229aa9e9601
https://www.overtake.gg/ Frame 0
0

GET db00078e-318e-477f-9982-e0423990bee3
https://www.overtake.gg/ Frame 0
0

GET
H2 200 playlist.m3u8 Show response
v-cdn.prvk.io/40cc82ae-6137-4d5d-bc03-566d19352f49/ 545 B
939 B 123ms
25ms XHR
application/vnd.apple.mpegurl 2400:52e0:1a00::1233:1
BunnyCDN BUNNYWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://v-cdn.prvk.io/40cc82ae-6137-4d5d-bc03-566d19352f49/playlist.m3u8
Requested by: Host: cdn.prvk.io
URL: https://cdn.prvk.io/prvk-live/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1233:1 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software: BunnyCDN-IL1-1233 /
Resource Hash: f62216c88630426906d7adc7767f3699f7b388a0aa3a6fb6d1d6e7aa14816161

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: gzip
cdn-fileserver: 791
date: Wed, 18 Dec 2024 01:13:47 GMT
cdn-storageserver: NY-268
last-modified: Fri, 13 Dec 2024 16:26:54 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cdn-cachedat: 12/13/2024 21:52:38
cache-control: public, max-age=30
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 9e9c39795ae990cf1b7fddfe3eca2a2e
cdn-pullzone: 353366
cdn-proxyver: 1.06
access-control-allow-origin: *
cdn-edgestorageid: 1067
server: BunnyCDN-IL1-1233
cdn-requestcountrycode: US

GET
H3 200 AGSKWxUR7TsUoXxqcq5UEAmnmuN3xnCla_a0e6g5mNFeiVOuRogGGYD-A8864Cra5KeOJtbsVzG4G_Fphxs6xrwJ1Np4UW7aJ3I_G5djQ0njhpOAcu1MWkJ75sd7n9LUBUPsABDUcqP75Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
1 KB 43ms
42ms Script
application/javascript 2607:f8b0:4004:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUR7TsUoXxqcq5UEAmnmuN3xnCla_a0e6g5mNFeiVOuRogGGYD-A8864Cra5KeOJtbsVzG4G_Fphxs6xrwJ1Np4UW7aJ3I_G5djQ0njhpOAcu1MWkJ75sd7n9LUBUPsABDUcqP75Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NDg0NDI3LDM0NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm92ZXJ0YWtlLmdnL2Rvd25sb2Fkcy93cmMtdGVsZW1ldHJ5LXBhdGNoLjM4OTkxLyIsbnVsbCxbWzgsIklNejU3eWM1aFZ3Il0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b36875a3b66050beb14376dd9f592cf526c99ec9068345ae30741091193d263c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-So4QZFVUPwzCKSDqCNQfPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:47 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcJw-3LGbTeDBxNlbGJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDAB7ikVV"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-So4QZFVUPwzCKSDqCNQfPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 37EE
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/854585/68926917/skeleton.js?bundleId=overtake.gg&ias_dspID=30&ias_campId=761067&ias_pubId=8&ias_chanId=3439123&ias_placementId=0&ias_creativeId=7571343&bidu...
https://static.adsafeprotected.com/skeleton.js

17 B
463 B

16ms
15ms

Script
application/javascript

2600:9000:24f4:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/
Protocol: H2
Server: 2600:9000:24f4:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
age: 30716
x-cache: Hit from cloudfront
x-amz-cf-id: VL3fK3SYgruFk8nk_mnxLqeuo6v8m__ZatGwWz-9Uh-CAz55E0FCbA==
date: Tue, 17 Dec 2024 16:41:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 dbd83e9e27cde36e1e56c6d1ae4f5a18.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 17
x-amz-cf-pop: IAD55-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

cache-control: no-cache
location: https://static.adsafeprotected.com/skeleton.js
content-length: 0
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Wed, 18 Dec 2024 01:13:47 GMT
pragma: no-cache
server: Apache-Coyote/1.1

GET
H2 200 sca.17.6.4.js Show response
static.adsafeprotected.com/ Frame 2972 91 KB
23 KB 16ms
15ms Script
application/javascript 2600:9000:24f4:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.4.js
Requested by: Host: www.overtake.gg
URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f4:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
x-amz-version-id: bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
etag: W/"8fa66f8b94450bd040e7b5a7550c52de"
age: 30716
x-cache: Hit from cloudfront
x-amz-cf-id: N6dkfw2wjqNDM25IqDIdE-FEgATM1Q8pmVJWE7WiFfRejhKYF1Rtgw==
date: Tue, 17 Dec 2024 16:41:52 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 May 2024 16:44:02 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 dbd83e9e27cde36e1e56c6d1ae4f5a18.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 49ms
16ms Image
image/gif 2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=854585&asId=a078ac87-8c7f-a098-4bc7-1b3baadda122&tv=%7Bc:xa4x7p,pingTime:0,time:398,type:pf,im:%7Bpci:%7Btdr:38%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:346%7D,%7Bpiv:100,vs:i,r:,t:397%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:397,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:346,wc:20.20.1600.1200,ac:1085.524.300.250,am:i,cc:1085.524.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B75~0%5D,as:%5B75~300.250%5D%7D%7D,%7Bsl:i,t:397,wc:20.20.1600.1200,ac:1085.524.300.250,am:i,cc:1085.524.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:0,fm:uxgzTsR+11%7C12111%7C12112%7C12113%7C12114%7C121151%7C121152%7C121153%7C121154%7C121155%7C1211561%7C1211562%7C121157%7C12116%7C12117%7C12118%7C121191%7C121192%7C1211a%7C1211b%7C1211c%7C1211d1%7C1211d2%7C1211e%7C1221%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c*.854585-68926917%7C1c11%7C1c12%7C1c13%7C1c2%7C1d%7C1e%7C1f,idMap:1c*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:348,msd:0,ph:10837%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Wed, 18 Dec 2024 01:13:47 GMT
content-type: image/gif
server: nginx
x-server-name: dt55.va.303net.net

GET
H2 200 video.m3u8 Show response
v-cdn.prvk.io/40cc82ae-6137-4d5d-bc03-566d19352f49/240p/ 225 B
871 B 25ms
24ms XHR
application/vnd.apple.mpegurl 2400:52e0:1a00::1233:1
BunnyCDN BUNNYWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://v-cdn.prvk.io/40cc82ae-6137-4d5d-bc03-566d19352f49/240p/video.m3u8
Requested by: Host: cdn.prvk.io
URL: https://cdn.prvk.io/prvk-live/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1233:1 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software: BunnyCDN-IL1-1233 /
Resource Hash: b3917a8c342c56579ab83d475f25cbde623901ceee93fc470fa20b2f73961ef4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: gzip
cdn-fileserver: 859
date: Wed, 18 Dec 2024 01:13:47 GMT
cdn-storageserver: NY-427
last-modified: Fri, 13 Dec 2024 16:26:55 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cdn-cachedat: 12/15/2024 14:03:51
cache-control: public, max-age=30
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: ba017526657370d4aa8d5a8fea735c37
cdn-pullzone: 353366
cdn-proxyver: 1.07
access-control-allow-origin: *
cdn-edgestorageid: 1236
server: BunnyCDN-IL1-1233
cdn-requestcountrycode: US

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 22ms
14ms Image
image/gif 2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=854585&asId=a078ac87-8c7f-a098-4bc7-1b3baadda122&tv=%7Bc:xa4x7P,pingTime:-2,time:424,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:615,beZ:617,mfA:933,cmA:935,inA:935,inZ:941,prA:942,prZ:952,si:962,poA:964,poZ:986,cmZ:986,mfZ:986,loA:1015,loZ:1019,ltA:1039,ltZ:1039,mdA:620,mdZ:707%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:346%7D,%7Bpiv:100,vs:i,r:,t:397%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:27,o:397,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:346,wc:20.20.1600.1200,ac:1085.524.300.250,am:i,cc:1085.524.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B75~0%5D,as:%5B75~300.250%5D%7D%7D,%7Bsl:i,t:397,wc:20.20.1600.1200,ac:1085.524.300.250,am:i,cc:1085.524.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B27~100%5D,as:%5B27~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:0,fm:uxgzTsR+11%7C12111%7C12112%7C12113%7C12114%7C121151%7C121152%7C121153%7C121154%7C121155%7C1211561%7C1211562%7C121157%7C12116%7C12117%7C12118%7C121191%7C121192%7C1211a%7C1211b%7C1211c%7C1211d1%7C1211d2%7C1211e%7C1221%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c*.854585-68926917%7C1c1.2066062-84511485%7C1c11%7C1c12%7C1c13%7C1c2%7C1d%7C1e%7C1f,idMap:1c1.f0eceebf-e39e-0fca-b6da-4fac3cd7c0b1.33_2066062-84511485%7C1c*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:348,slid:%5Bp_v1DdEy7,slot-20,content,top%5D,msd:0,ph:10837,sinceFw:75,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Wed, 18 Dec 2024 01:13:47 GMT
content-type: image/gif
server: nginx
x-server-name: dt56.va.303net.net

GET
H3 200 AGSKWxVv4FeGsTNsEuT0B6_KdkKb-7m2r_o_sTbxpdBQy38jkfDL-guq8__fCsSDv3h9qQ7f5ldVDNGTwm3y-zoI_n18ui87QIBGt68YHU1VhArKAGBpTKd8SyvrGM9kfiSx5cPo37XQnw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 55ms
54ms Script
application/javascript 2607:f8b0:4004:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVv4FeGsTNsEuT0B6_KdkKb-7m2r_o_sTbxpdBQy38jkfDL-guq8__fCsSDv3h9qQ7f5ldVDNGTwm3y-zoI_n18ui87QIBGt68YHU1VhArKAGBpTKd8SyvrGM9kfiSx5cPo37XQnw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NDg0NDI3LDQ2OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4tR0IiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cub3ZlcnRha2UuZ2cvZG93bmxvYWRzL3dyYy10ZWxlbWV0cnktcGF0Y2guMzg5OTEvIixudWxsLFtbOCwiSU16NTd5YzVoVnciXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0b14c2fad58602349271d6613266969596c5526617327052d0014f80f229a4a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1sMO_X2jjdYnUy9ki5vy4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:47 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcJw-3LGbTWDGjgtfGJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDACKSUWq"
content-security-policy: script-src 'report-sample' 'nonce-1sMO_X2jjdYnUy9ki5vy4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 video0.ts Show response
v-cdn.prvk.io/40cc82ae-6137-4d5d-bc03-566d19352f49/240p/ 397 KB
397 KB 37ms
37ms XHR
video/mp2t 2400:52e0:1a00::1233:1
BunnyCDN BUNNYWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://v-cdn.prvk.io/40cc82ae-6137-4d5d-bc03-566d19352f49/240p/video0.ts
Requested by: Host: cdn.prvk.io
URL: https://cdn.prvk.io/prvk-live/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1233:1 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software: BunnyCDN-IL1-1233 /
Resource Hash: 55e84de66c622dd814578692366961decaf0119f1d832e773900b3fa5b7287d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver: 859
date: Wed, 18 Dec 2024 01:13:47 GMT
cdn-storageserver: NY-427
content-type: video/mp2t
last-modified: Fri, 13 Dec 2024 16:26:55 GMT
cdn-cachedat: 12/15/2024 13:12:43
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 44b519c7807d9c50c8e1a2ed5d2b921c
cdn-pullzone: 353366
cdn-proxyver: 1.07
accept-ranges: bytes
access-control-allow-origin: *
content-length: 406080
cdn-edgestorageid: 1232
server: BunnyCDN-IL1-1233
cdn-requestcountrycode: US

POST
H3 204 AGSKWxV81uCZd-Ct_jAAZ6vhf9jMGop7N8ilIRb3m9edHs4P57zdqrbMC8ZFVO-Mx6YKTeGRChi7ymZw21UbAxP55p4vpYQcOLZo_TnxfWT3Ch365Dc24ZmvhOm-9kppxPFu2-mIoL3BNQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
32ms XHR
text/html 2607:f8b0:4004:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV81uCZd-Ct_jAAZ6vhf9jMGop7N8ilIRb3m9edHs4P57zdqrbMC8ZFVO-Mx6YKTeGRChi7ymZw21UbAxP55p4vpYQcOLZo_TnxfWT3Ch365Dc24ZmvhOm-9kppxPFu2-mIoL3BNQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zeSZOuNxEjLs-wKbQHTmYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.overtake.gg/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:47 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw15BicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIfj9OGO3WwCDXsOtTMpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDI0MjPQOz-AIDAOHWKog"
content-security-policy: script-src 'report-sample' 'nonce-zeSZOuNxEjLs-wKbQHTmYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.overtake.gg
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 video1.ts Show response
v-cdn.prvk.io/40cc82ae-6137-4d5d-bc03-566d19352f49/240p/ 521 KB
522 KB 25ms
25ms XHR
video/mp2t 2400:52e0:1a00::1233:1
BunnyCDN BUNNYWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://v-cdn.prvk.io/40cc82ae-6137-4d5d-bc03-566d19352f49/240p/video1.ts
Requested by: Host: cdn.prvk.io
URL: https://cdn.prvk.io/prvk-live/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1233:1 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software: BunnyCDN-IL1-1233 /
Resource Hash: 315c7a340316a43a51e5b4cf1785b18c55f9b8a89ac37f3cb1a2153bdb2f3fa0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver: 795
date: Wed, 18 Dec 2024 01:13:47 GMT
cdn-storageserver: NY-346
content-type: video/mp2t
last-modified: Fri, 13 Dec 2024 16:26:55 GMT
cdn-cachedat: 12/15/2024 13:26:45
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 9a28bbcfce80d0a096d3c555f530cf49
cdn-pullzone: 353366
cdn-proxyver: 1.07
accept-ranges: bytes
access-control-allow-origin: *
content-length: 533732
cdn-edgestorageid: 1235
server: BunnyCDN-IL1-1233
cdn-requestcountrycode: US

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 15ms
15ms Image
image/gif 2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=854585&asId=a078ac87-8c7f-a098-4bc7-1b3baadda122&tv=%7Bc:xa4xbT,time:676,type:e,sca:%7Beng:b,tss:%7Blts:2024-12-1715.13.47,tzo:600,tzn:Pacific/Honolulu%7D,exr:%7Bexs:objectExternal%7D,mob:%7Bori:0,ges:0,tch:0%7D,prp:%7Bnot:1,csi:1,msl:0,hdl:1,aps:0,hae:1,ito:1,sec:1%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:280,o:397,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:346,wc:20.20.1600.1200,ac:1085.524.300.250,am:i,cc:1085.524.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B75~0%5D,as:%5B75~300.250%5D%7D%7D,%7Bsl:i,t:397,wc:20.20.1600.1200,ac:1085.524.300.250,am:i,cc:1085.524.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B280~100%5D,as:%5B280~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:68,fm:uxgzTsR+11%7C12111%7C12112%7C12113%7C12114%7C121151%7C121152%7C121153%7C121154%7C121155%7C1211561%7C1211562%7C121157%7C12116%7C12117%7C12118%7C121191%7C121192%7C1211a%7C1211b%7C1211c%7C1211d1%7C1211d2%7C1211e%7C1221%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c*.854585-68926917%7C1c1.2066062-84511485%7C1c11%7C1c12%7C1c13%7C1c2%7C1d%7C1e%7C1f,idMap:1c1.f0eceebf-e39e-0fca-b6da-4fac3cd7c0b1.33_2066062-84511485%7C1c*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:348,msd:0,ph:10837,sis:445%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Wed, 18 Dec 2024 01:13:47 GMT
content-type: image/gif
server: nginx
x-server-name: dt67.va.303net.net

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 16ms
16ms Image
image/gif 2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=854585&asId=a078ac87-8c7f-a098-4bc7-1b3baadda122&tv=%7Bc:xa4xcr,pingTime:-10,time:710,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8NjAwfHxNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMzEuMC4wLjAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1734484427751%7C%7C0e884e72ce292501cdc71bbc07dfe1f8%7C%7Ca11f5da7336cfe2e2fd950a3d968fdb0%7C%7Cf8e76159871119e5ca765247e0bcba63%7C%7Ca9c2ed749e5653345f8b7cd21ca9625c%7C%7C4643b8c5b6e213f6426d04f4e7ec3274%7C%7C0545cf7a38cb01ff41b856ace38d855b%7C%7C69498563f98d14df876340a62ddc2934%7C%7C1715618633%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Wed, 18 Dec 2024 01:13:47 GMT
content-type: image/gif
server: nginx
x-server-name: dt13.va.303net.net

GET
H2 200 video2.ts Show response
v-cdn.prvk.io/40cc82ae-6137-4d5d-bc03-566d19352f49/240p/ 499 KB
500 KB 26ms
26ms XHR
video/mp2t 2400:52e0:1a00::1233:1
BunnyCDN BUNNYWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://v-cdn.prvk.io/40cc82ae-6137-4d5d-bc03-566d19352f49/240p/video2.ts
Requested by: Host: cdn.prvk.io
URL: https://cdn.prvk.io/prvk-live/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1233:1 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software: BunnyCDN-IL1-1233 /
Resource Hash: 0e8d397a999da8bf29ecd08d4152085bc846227eb4ac7fc1e099b61d03cfa403

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver: 859
date: Wed, 18 Dec 2024 01:13:47 GMT
cdn-storageserver: NY-267
content-type: video/mp2t
last-modified: Fri, 13 Dec 2024 16:26:55 GMT
cdn-cachedat: 12/13/2024 21:52:39
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 81722b9330ef0368c46d2479e845069f
cdn-pullzone: 353366
cdn-proxyver: 1.06
accept-ranges: bytes
access-control-allow-origin: *
content-length: 510984
cdn-edgestorageid: 1068
server: BunnyCDN-IL1-1233
cdn-requestcountrycode: US

GET
H2 200 video3.ts Show response
v-cdn.prvk.io/40cc82ae-6137-4d5d-bc03-566d19352f49/240p/ 314 KB
315 KB 26ms
25ms XHR
video/mp2t 2400:52e0:1a00::1233:1
BunnyCDN BUNNYWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://v-cdn.prvk.io/40cc82ae-6137-4d5d-bc03-566d19352f49/240p/video3.ts
Requested by: Host: cdn.prvk.io
URL: https://cdn.prvk.io/prvk-live/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1233:1 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software: BunnyCDN-IL1-1233 /
Resource Hash: d05280369e026dc13a4a413d3cc20c77dab7a9a120abbc78de0959e105e1517e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver: 859
date: Wed, 18 Dec 2024 01:13:47 GMT
cdn-storageserver: NY-346
content-type: video/mp2t
last-modified: Fri, 13 Dec 2024 16:26:55 GMT
cdn-cachedat: 12/15/2024 13:26:45
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 708e11664e5904a9113123486fe02c54
cdn-pullzone: 353366
cdn-proxyver: 1.07
accept-ranges: bytes
access-control-allow-origin: *
content-length: 321480
cdn-edgestorageid: 1235
server: BunnyCDN-IL1-1233
cdn-requestcountrycode: US

GET
H2

204

bab946ce-6dcf-476d-8747-882da785adee
cs.ingage.tech/wdc/v1/sync/bidswitch/ Frame 5442
Redirect Chain

https://cs.ingage.tech/wdc/v1/syncPage/bidswitch?userId=bab946ce-6dcf-476d-8747-882da785adee&to=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dinsticator&gdpr=0
https://x.bidswitch.net/sync?ssp=insticator
https://r.bidswitch.net/sync?bidswitch_ssp_id=insticator&bsw_custom_parameter=805adf01-b5c0-4b22-806b-ad299815a1ad
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=805adf01-b5c0-4b22-806b-ad299815a1ad&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D27ad4042-4fa7-4696-aee2-e8478ca2e068%252Chttps%2525...
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1183467559838709040&pt=27ad4042-4fa7-4696-aee2-e8478ca2e068%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id...
https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=insticator&bsw_param=805adf01-b5c0-4b22-806b-ad299815a1ad
https://cs.ingage.tech/v1/syncPage/bidswitch?uid=805adf01-b5c0-4b22-806b-ad299815a1ad&gdpr=&gdpr_consent=
https://cs.ingage.tech/wdc/v1/sync/bidswitch/bab946ce-6dcf-476d-8747-882da785adee?uid=805adf01-b5c0-4b22-806b-ad299815a1ad

0
0

29ms
27ms

Document
text/plain

2606:4700::6812:1ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.ingage.tech/wdc/v1/sync/bidswitch/bab946ce-6dcf-476d-8747-882da785adee?uid=805adf01-b5c0-4b22-806b-ad299815a1ad
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=1296000
cf-cache-status: DYNAMIC
cf-ray: 8f3b4adefa60c470-EWR
date: Wed, 18 Dec 2024 01:13:48 GMT
server: cloudflare
vary: Origin

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8f3b4adeca2ac470-EWR
content-length: 0
date: Wed, 18 Dec 2024 01:13:48 GMT
location: /wdc/v1/sync/bidswitch/bab946ce-6dcf-476d-8747-882da785adee?uid=805adf01-b5c0-4b22-806b-ad299815a1ad
server: cloudflare
vary: Origin

GET
H2 200 rubicon
cs.ingage.tech/wdc/v1/syncPage/ Frame 7024 0
0 172ms
46ms Document
text/html 2606:4700::6812:1ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.ingage.tech/wdc/v1/syncPage/rubicon?userId=bab946ce-6dcf-476d-8747-882da785adee&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8f3b4adc4f36c470-EWR
content-encoding: gzip
content-type: text/html
date: Wed, 18 Dec 2024 01:13:48 GMT
server: cloudflare
vary: Origin

GET
H2 200 syncframe
gum.criteo.com/ Frame A65E 0
0 18ms
18ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=www.overtake.gg&gpp=

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 Dec 2024 01:13:47 GMT
server: Kestrel
server-processing-duration-in-ticks: 2007083
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 load-cookie.html
elb.the-ozone-project.com/static/ Frame 7871 0
0 49ms
32ms Document
text/html 104.18.34.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&gpp=&gpp_sid=&publisherId=OZONEVEN0005&siteId=1500000410&cb=1734484424975&bidder=ozone
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8f3b4adbad1bef9f-EWR
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 18 Dec 2024 01:13:48 GMT
expires: 0
last-modified: Mon, 16 Dec 2024 11:16:58 GMT
pragma: no-cache
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
vary: Origin, Accept-Encoding

GET
H2 200 pbcas
ads.yieldmo.com/ Frame 30A0 0
0 17ms
14ms Document
text/html 52.22.30.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.30.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-30-188.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 18 Dec 2024 01:13:48 GMT
pragma: no-cache
vary: accept-encoding

GET
H2 200 isyn
sync.a-mo.net/ Frame CC50 0
0 123ms
15ms Document
text/html 147.28.129.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=CoUCSg93d3cub3ZlcnRha2UuZ2dSC2Fhcy03MjY1YTQ3WghwYmExLjMuNGoPd3d3Lm92ZXJ0YWtlLmdn-gEGOS4yMS4w6AIBiAPIw4i7BqgDNOoDJDA5NGFlNzU2LTYyYjUtNGYwZC1iMjcyLWQ3YTljMGVhMWY3N6IEPGh0dHBzOi8vd3d3Lm92ZXJ0YWtlLmdnL2Rvd25sb2Fkcy93cmMtdGVsZW1ldHJ5LXBhdGNoLjM4OTkxL6oEA0RDSLIFA1VTROoFB2Rlc2t0b3D6BQNueTXABgDIBgGqBwN3ZWLKBwtvdmVydGFrZS5nZ-AHAYIIC292ZXJ0YWtlLmdniggGY2hyb21l
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-length: 655
content-type: text/html; charset=utf-8
date: Wed, 18 Dec 2024 01:13:48 GMT
server: envoy
vary: accept-encoding
x-envoy-upstream-service-time: 1

GET
H2

204

bab946ce-6dcf-476d-8747-882da785adee
cs.ingage.tech/wdc/v1/sync/openx/ Frame 2381
Redirect Chain

https://u.openx.net/w/1.0/cm?id=b355ce4f-581b-4a1c-8c84-81fe81e4bc39&r=https%3A%2F%2Fcs.ingage.tech%2Fwdc%2Fv1%2Fsync%2Fopenx%2Fbab946ce-6dcf-476d-8747-882da785adee%3Fuid%3D
https://cs.ingage.tech/wdc/v1/sync/openx/bab946ce-6dcf-476d-8747-882da785adee?uid=273fcb7b-0b0a-46f0-b707-5a537f700cf2

0
0

102ms
36ms

Document
text/plain

2606:4700::6812:1ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.ingage.tech/wdc/v1/sync/openx/bab946ce-6dcf-476d-8747-882da785adee?uid=273fcb7b-0b0a-46f0-b707-5a537f700cf2
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=1296000
cf-cache-status: DYNAMIC
cf-ray: 8f3b4adc4f38c470-EWR
date: Wed, 18 Dec 2024 01:13:48 GMT
server: cloudflare
vary: Origin

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 0
content-type: text/html
date: Wed, 18 Dec 2024 01:13:48 GMT
location: https://cs.ingage.tech/wdc/v1/sync/openx/bab946ce-6dcf-476d-8747-882da785adee?uid=273fcb7b-0b0a-46f0-b707-5a537f700cf2
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

204

bab946ce-6dcf-476d-8747-882da785adee
cs.ingage.tech/wdc/v1/sync/sovrn/ Frame 8D55
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcs.ingage.tech%2Fwdc%2Fv1%2Fsync%2Fsovrn%2Fbab946ce-6dcf-476d-8747-882da785adee%3Fuid%3D%24UID&gpp_sid=&gdpr=0
https://cs.ingage.tech/wdc/v1/sync/sovrn/bab946ce-6dcf-476d-8747-882da785adee?uid=J2XpABZH9jHh6R2ASeWXzWgN

0
0

98ms
32ms

Document
text/plain

2606:4700::6812:1ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.ingage.tech/wdc/v1/sync/sovrn/bab946ce-6dcf-476d-8747-882da785adee?uid=J2XpABZH9jHh6R2ASeWXzWgN
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=1296000
cf-cache-status: DYNAMIC
cf-ray: 8f3b4adc4f3ac470-EWR
date: Wed, 18 Dec 2024 01:13:48 GMT
server: cloudflare
vary: Origin

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: *
content-length: 0
date: Wed, 18 Dec 2024 01:13:48 GMT
location: https://cs.ingage.tech/wdc/v1/sync/sovrn/bab946ce-6dcf-476d-8747-882da785adee?uid=J2XpABZH9jHh6R2ASeWXzWgN
vary: Accept-Encoding

GET
H2 200 usync.html
eus.rubiconproject.com/ Frame 619B 0
0 15ms
15ms Document
text/html 23.50.125.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-125-215.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html; charset=UTF-8
date: Wed, 18 Dec 2024 01:13:48 GMT
etag: "28052a-10d-6142d69a886c0"
last-modified: Thu, 21 Mar 2024 15:32:19 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H3 200 presync.html
scripts.opti-digital.com/js/ Frame 31D1 0
0 143ms
41ms Document
text/html 2606:4700::6812:234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.opti-digital.com/js/presync.html?endpoint=optidigital
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=7200
cf-cache-status: HIT
cf-ray: 8f3b4adc7e9442e7-EWR
content-encoding: br
content-type: text/html
date: Wed, 18 Dec 2024 01:13:48 GMT
expires: Wed, 18 Dec 2024 03:13:48 GMT
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding
x-cloud-trace-context: 8c6dbee029c9801ded008e58bef85d48

GET
H2 200 beacon
ce.lijit.com/ Frame C8E9 0
0 115ms
15ms Document
text/html 34.194.79.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/beacon?informer=13386848
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.194.79.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-79-112.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-encoding: gzip
content-length: 1203
content-type: text/html
date: Wed, 18 Dec 2024 01:13:48 GMT
expires: Fri, 20 Mar 2009 00:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
vary: Accept-Encoding

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 319E 0
0 13ms
10ms Document
text/html 23.54.68.197
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-68-197.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=150117
content-encoding: gzip
content-length: 6694
content-type: text/html
date: Wed, 18 Dec 2024 01:13:48 GMT
expires: Thu, 19 Dec 2024 18:55:45 GMT
last-modified: Wed, 13 Nov 2024 05:14:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync
eb2.3lift.com/ Frame 8173 0
0 18ms
16ms Document
text/html 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1093
content-type: text/html; charset=utf-8
date: Wed, 18 Dec 2024 01:13:48 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 ixmatch.html
js-sec.indexww.com/um/ Frame 274D 0
0 21ms
20ms Document
text/html 104.18.25.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 511
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8f3b4adbfa3c18f6-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 18 Dec 2024 01:13:48 GMT
expires: Wed, 18 Dec 2024 05:13:48 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2

204

bab946ce-6dcf-476d-8747-882da785adee
cs.ingage.tech/wdc/v1/sync/sharethrough/ Frame 968E
Redirect Chain

https://cs.ingage.tech/wdc/v1/syncPage/sharethrough?userId=bab946ce-6dcf-476d-8747-882da785adee&to=https%3A%2F%2Fmatch.sharethrough.com%2Funiversal%2Fv1%3Fsupply_id%3Djc3Tkmr6&gdpr=0
https://match.sharethrough.com/universal/v1?supply_id=jc3Tkmr6
https://cs.ingage.tech/v1/syncPage/sharethrough?uid=4dab2354-135c-43e0-814c-d2971720a22f
https://cs.ingage.tech/wdc/v1/sync/sharethrough/bab946ce-6dcf-476d-8747-882da785adee?uid=4dab2354-135c-43e0-814c-d2971720a22f

0
0

34ms
34ms

Document
text/plain

2606:4700::6812:1ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.ingage.tech/wdc/v1/sync/sharethrough/bab946ce-6dcf-476d-8747-882da785adee?uid=4dab2354-135c-43e0-814c-d2971720a22f
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.overtake.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=1296000
cf-cache-status: DYNAMIC
cf-ray: 8f3b4adcffffc470-EWR
date: Wed, 18 Dec 2024 01:13:48 GMT
server: cloudflare
vary: Origin

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8f3b4adcbfd4c470-EWR
content-length: 0
date: Wed, 18 Dec 2024 01:13:48 GMT
location: /wdc/v1/sync/sharethrough/bab946ce-6dcf-476d-8747-882da785adee?uid=4dab2354-135c-43e0-814c-d2971720a22f
server: cloudflare
vary: Origin

GET
H/1.1

200

usersync
usersync.gumgum.com/
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-bm8aRANE2pd1.YTOZKyr556eszGocH52I0IQ~A

35 B
250 B

46ms
19ms

Image
image/gif

52.207.45.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-bm8aRANE2pd1.YTOZKyr556eszGocH52I0IQ~A
Protocol: HTTP/1.1
Server: 52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-45-55.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

Expires: 0
Cache-Control: private, no-store, must-revalidate, max-age=0
Content-Length: 35
Date: Wed, 18 Dec 2024 01:13:48 GMT
Pragma: no-cache
Content-Type: image/gif
Connection: keep-alive

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
location: https://usersync.gumgum.com/usersync?b=oth&i=y-bm8aRANE2pd1.YTOZKyr556eszGocH52I0IQ~A
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-length: 0
date: Wed, 18 Dec 2024 01:13:48 GMT
server: ATS
x-frame-options: DENY

GET
H/1.1

200

usersync
usersync.gumgum.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/gum
https://usersync.gumgum.com/usersync?b=bwx&i=AAJz0E7OxEQAABZF_DHftA

35 B
250 B

123ms
21ms

Image
image/gif

52.207.45.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bwx&i=AAJz0E7OxEQAABZF_DHftA
Protocol: HTTP/1.1
Server: 52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-45-55.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

Expires: 0
Cache-Control: private, no-store, must-revalidate, max-age=0
Content-Length: 35
Date: Wed, 18 Dec 2024 01:13:48 GMT
Pragma: no-cache
Content-Type: image/gif
Connection: keep-alive

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
location: http://usersync.gumgum.com/usersync?b=bwx&i=AAJz0E7OxEQAABZF_DHftA
Content-Length: 0
Date: Wed, 18 Dec 2024 01:13:48 GMT
Server: gunicorn
Connection: keep-alive

GET
H2

200

10.gif
id5-sync.com/c/441/1228/0/
Redirect Chain

https://id5-sync.com/s/441/9.gif?puid=u_8bef38e8-310a-4969-adf6-dc13e84bc2e7&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=27&3pid=da1885a5-023f-4800-b3fa-625212598cf2&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1245%2F8%2F2.gif%3Fpuid%3D%5BSOVRNID%5D%...
https://id5-sync.com/c/441/1245/8/2.gif?puid=J2XpABZH9jHh6R2ASeWXzWgN&gdpr=0&gdpr_consent=
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F7%2F3.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/441/203/7/3.gif?puid=3609da4f-8f1b-409b-99f3-20f3610f03ed&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=58&3pid=477AA176-F89A-450C-8E45-4E5A86A7FA7F&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1242%2F6%2F4.gif%3Fpuid%3D%5BSOVRNID%5D%...
https://id5-sync.com/c/441/1242/6/4.gif?puid=J2XpABZH9jHh6R2ASeWXzWgN&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
https://id5-sync.com/c/441/108/5/5.gif?puid=27ad4042-4fa7-4696-aee2-e8478ca2e068&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=85&3pid=AAJz0E7OxEQAABZF_DHftA&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1241%2F4%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/441/1241/4/6.gif?puid=J2XpABZH9jHh6R2ASeWXzWgN&gdpr=0&gdpr_consent=
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fid5-sync.com%2Fa%2F441%2F1132%2F3%2F7%2Fgif%2F0%2F0%2F0%2F0%2F
https://id5-sync.com/a/441/1132/3/7/gif/0/0/0/0/d3991727-6b8d-45e8-9125-40bc542d72da
https://match.deepintent.com/usersync/147?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F987%2F2%2F8.gif%3Fpuid%3D%24%7BDI_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/441/987/2/8.gif?puid=di_002ceb35702145b1b95ed&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F826%2F1%2F9.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/441/826/1/9.gif?puid=460d09da-526a-4fc5-afeb-283f72c6cd0b-676221c9-5553&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=16&3pid=460d09da-526a-4fc5-afeb-283f72c6cd0b-676221c9-5553&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1228%2F0%2F10.gif%3Fpuid%3...
https://id5-sync.com/c/441/1228/0/10.gif?puid=J2XpABZH9jHh6R2ASeWXzWgN&gdpr=0&gdpr_consent=

43 B
2 KB

93ms
92ms

Image
image/gif

162.19.138.117
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/441/1228/0/10.gif?puid=J2XpABZH9jHh6R2ASeWXzWgN&gdpr=0&gdpr_consent=

Protocol

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
date: Wed, 18 Dec 2024 01:13:49 GMT
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
location: https://id5-sync.com/c/441/1228/0/10.gif?puid=J2XpABZH9jHh6R2ASeWXzWgN&gdpr=0&gdpr_consent=
pragma: no-cache
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 18 Dec 2024 01:13:49 GMT
vary: Accept-Encoding

GET
H/1.1

200

usersync
usersync.gumgum.com/
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=d3991727-6b8d-45e8-9125-40bc542d72da

35 B
250 B

134ms
22ms

Image
image/gif

52.207.45.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=d3991727-6b8d-45e8-9125-40bc542d72da
Protocol: HTTP/1.1
Server: 52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-45-55.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

Expires: 0
Cache-Control: private, no-store, must-revalidate, max-age=0
Content-Length: 35
Date: Wed, 18 Dec 2024 01:13:48 GMT
Pragma: no-cache
Content-Type: image/gif
Connection: keep-alive

Redirect headers

location: https://usersync.gumgum.com/usersync?b=opx&i=d3991727-6b8d-45e8-9125-40bc542d72da
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 18 Dec 2024 01:13:47 GMT
content-type: image/gif
vary: Accept, Accept-Encoding
server: OXGW/0.0.0

GET
H/1.1

200

usersync
usersync.gumgum.com/
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=T5P-jw8nUo1lBDqMv9_zWwW16oQ

35 B
250 B

46ms
18ms

Image
image/gif

52.207.45.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=T5P-jw8nUo1lBDqMv9_zWwW16oQ
Protocol: HTTP/1.1
Server: 52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-45-55.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

Expires: 0
Cache-Control: private, no-store, must-revalidate, max-age=0
Content-Length: 35
Date: Wed, 18 Dec 2024 01:13:48 GMT
Pragma: no-cache
Content-Type: image/gif
Connection: keep-alive

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=T5P-jw8nUo1lBDqMv9_zWwW16oQ
Content-Length: 99
Date: Wed, 18 Dec 2024 01:13:48 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive

GET
H2

204

match
ssp-sync.criteo.com/user-sync/
Redirect Chain

https://x.bidswitch.net/sync?ssp=criteo&custom_data=LhzM6V9COGR6TEZDSmRhSUQ4aFVXTHBrWTJnd2I0ZkJjT2pkJTJGRmh3MmJTTktYY28lM0Q&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-IePDH_tIjOv-h...
https://ssp-sync.criteo.com/user-sync/match?p=LhzM6V9COGR6TEZDSmRhSUQ4aFVXTHBrWTJnd2I0ZkJjT2pkJTJGRmh3MmJTTktYY28lM0Q&u=805adf01-b5c0-4b22-806b-ad299815a1ad

0
141 B

19ms
16ms

Image
text/plain

2620:100:a00b::28
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp-sync.criteo.com/user-sync/match?p=LhzM6V9COGR6TEZDSmRhSUQ4aFVXTHBrWTJnd2I0ZkJjT2pkJTJGRmh3MmJTTktYY28lM0Q&u=805adf01-b5c0-4b22-806b-ad299815a1ad

Protocol

Server

2620:100:a00b::28 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-store,max-age=0
date: Wed, 18 Dec 2024 01:13:47 GMT
cross-origin-resource-policy: cross-origin
server: Kestrel

Redirect headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
location: //ssp-sync.criteo.com/user-sync/match?p=LhzM6V9COGR6TEZDSmRhSUQ4aFVXTHBrWTJnd2I0ZkJjT2pkJTJGRmh3MmJTTktYY28lM0Q&u=805adf01-b5c0-4b22-806b-ad299815a1ad
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:48 GMT

GET
H2

204

match
ssp-sync.criteo.com/user-sync/
Redirect Chain

https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d_yvnC195cVhMUzVNcHVxM2tqWGFJM25yQVljZzZlRkJMcDhDM2lEd2twM1JLJTJCazAlM0Q%26u%3d%24UID&gdpr=0&gdpr_consent=
https://ssp-sync.criteo.com/user-sync/match?p=_yvnC195cVhMUzVNcHVxM2tqWGFJM25yQVljZzZlRkJMcDhDM2lEd2twM1JLJTJCazAlM0Q&u=1183467559838709040&gdpr=0&gdpr_consent=

0
142 B

41ms
15ms

Image
text/plain

2620:100:a00b::28
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp-sync.criteo.com/user-sync/match?p=_yvnC195cVhMUzVNcHVxM2tqWGFJM25yQVljZzZlRkJMcDhDM2lEd2twM1JLJTJCazAlM0Q&u=1183467559838709040&gdpr=0&gdpr_consent=

Protocol

Server

2620:100:a00b::28 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-store,max-age=0
date: Wed, 18 Dec 2024 01:13:47 GMT
cross-origin-resource-policy: cross-origin
server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
location: https://ssp-sync.criteo.com/user-sync/match?p=_yvnC195cVhMUzVNcHVxM2tqWGFJM25yQVljZzZlRkJMcDhDM2lEd2twM1JLJTJCazAlM0Q&u=1183467559838709040&gdpr=0&gdpr_consent=
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.132; 5.181.234.132; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 85b87895-bd59-473f-b60e-b217df5fe42a
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 18 Dec 2024 01:13:48 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2

204

match
ssp-sync.criteo.com/user-sync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=commerce_grid_dbm&google_hm=3609da4f-8f1b-409b-99f3-20f3610f03ed&google_cm&google_redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dIUP...
https://ssp-sync.criteo.com/user-sync/match?p=IUPsTV9QM1QlMkZLVzhXJTJGYWRrSU14JTJCUkh2eE15c2Y2TXVkZnA3eWxmblRQaDlPcmVBJTNE&u=CAESEEouKeOhK5MDFTTLVLolEvA&gdpr=0&gdpr_consent=&google_cver=1

0
141 B

69ms
29ms

Image
text/plain

2620:100:a00b::28
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp-sync.criteo.com/user-sync/match?p=IUPsTV9QM1QlMkZLVzhXJTJGYWRrSU14JTJCUkh2eE15c2Y2TXVkZnA3eWxmblRQaDlPcmVBJTNE&u=CAESEEouKeOhK5MDFTTLVLolEvA&gdpr=0&gdpr_consent=&google_cver=1

Protocol

Server

2620:100:a00b::28 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-store,max-age=0
date: Wed, 18 Dec 2024 01:13:48 GMT
cross-origin-resource-policy: cross-origin
server: Kestrel

Redirect headers

cache-control: no-cache, must-revalidate
location: https://ssp-sync.criteo.com/user-sync/match?p=IUPsTV9QM1QlMkZLVzhXJTJGYWRrSU14JTJCUkh2eE15c2Y2TXVkZnA3eWxmblRQaDlPcmVBJTNE&u=CAESEEouKeOhK5MDFTTLVLolEvA&gdpr=0&gdpr_consent=&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 400
date: Wed, 18 Dec 2024 01:13:48 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 26ms
18ms Image
image/gif 2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=854585&asId=a078ac87-8c7f-a098-4bc7-1b3baadda122&tv=%7Bc:xa4xnG,pingTime:1,time:1407,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:346%7D,%7Bpiv:100,vs:i,r:,t:397%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1010,o:397,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:346,wc:20.20.1600.1200,ac:1085.524.300.250,am:i,cc:1085.524.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B75~0%5D,as:%5B75~300.250%5D%7D%7D,%7Bsl:i,t:397,wc:20.20.1600.1200,ac:1085.524.300.250,am:i,cc:1085.524.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1010~100%5D,as:%5B1010~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:23,fm:uxgzTsR+11%7C12111%7C12112%7C12113%7C12114%7C121151%7C121152%7C121153%7C121154%7C121155%7C1211561%7C1211562%7C121157%7C12116%7C12117%7C12118%7C121191%7C121192%7C1211a%7C1211b%7C1211c%7C1211d1%7C1211d2%7C1211e%7C1221%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c*.854585-68926917%7C1c1.2066062-84511485%7C1c11%7C1c12%7C1c13%7C1c2%7C1d%7C1e%7C1f,idMap:1c1.f0eceebf-e39e-0fca-b6da-4fac3cd7c0b1.33_2066062-84511485%7C1c*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:348,msd:0,ph:10837,sis:445%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Wed, 18 Dec 2024 01:13:48 GMT
content-type: image/gif
server: nginx
x-server-name: dt53.va.303net.net

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 26ms
18ms Image
image/gif 2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=854585&asId=a078ac87-8c7f-a098-4bc7-1b3baadda122&tv=%7Bc:xa4xnG,pingTime:1,time:1407,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:346%7D,%7Bpiv:100,vs:i,r:,t:397%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1010,o:397,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:346,wc:20.20.1600.1200,ac:1085.524.300.250,am:i,cc:1085.524.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B75~0%5D,as:%5B75~300.250%5D%7D%7D,%7Bsl:i,t:397,wc:20.20.1600.1200,ac:1085.524.300.250,am:i,cc:1085.524.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1010~100%5D,as:%5B1010~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:23,fm:uxgzTsR+11%7C12111%7C12112%7C12113%7C12114%7C121151%7C121152%7C121153%7C121154%7C121155%7C1211561%7C1211562%7C121157%7C12116%7C12117%7C12118%7C121191%7C121192%7C1211a%7C1211b%7C1211c%7C1211d1%7C1211d2%7C1211e%7C1221%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c*.854585-68926917%7C1c1.2066062-84511485%7C1c11%7C1c12%7C1c13%7C1c2%7C1d%7C1e%7C1f,idMap:1c1.f0eceebf-e39e-0fca-b6da-4fac3cd7c0b1.33_2066062-84511485%7C1c*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:348,msd:0,ph:10837,sis:445,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Wed, 18 Dec 2024 01:13:48 GMT
content-type: image/gif
server: nginx
x-server-name: dt54.va.303net.net

GET
H2 204 mevent Show response
edge-cs-external.venatusmedia.com/prvk/1/ 0
38 B 84ms
83ms XHR
application/json 34.34.170.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-cs-external.venatusmedia.com/prvk/1/mevent?pi=3818&li=6868965527&ss=1600x1200&vp=1600x1200&s=54246883-6ef6-4b2b-a691-c67b4da18fa2&g=US&dev=desktop&os=Linux&b=chrome&evt=Video%20Watched%201%25

Requested by

Host: cdn.prvk.io
URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/creative.min.js?v=376316842

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.34.170.154 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

154.170.34.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:48 GMT
content-type: application/json
access-control-allow-credentials: true
x-frame-options: deny

GET
H2 204 mevent Show response
edge-cs-external.venatusmedia.com/prvk/1/ 0
38 B 85ms
85ms XHR
application/json 34.34.170.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.prvk.io
URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/creative.min.js?v=376316842

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.34.170.154 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

154.170.34.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:49 GMT
content-type: application/json
access-control-allow-credentials: true
x-frame-options: deny

POST
H2 204 collect
analytics.google.com/g/ 0
0 25ms
23ms Fetch
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-RQB4Z4BXHC&gtm=45je4cc1v9126221616za200&_p=1734484423928&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=699552227.1734484425&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAI&sid=1734484424&sct=1&seg=0&dl=https%3A%2F%2Fwww.overtake.gg%2Fdownloads%2Fwrc-telemetry-patch.38991%2F&dt=WRC%20Telemetry%20Patch%20%7C%20OverTake.gg%20(Formerly%20RaceDepartment)&_s=2&tfd=6626
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.overtake.gg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:13:49 GMT
content-type: text/plain
server: Golfe2

GET
H2 204 mevent Show response
edge-cs-external.venatusmedia.com/prvk/1/ 0
38 B 95ms
80ms XHR
application/json 34.34.170.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.prvk.io
URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/creative.min.js?v=376316842

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.34.170.154 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

154.170.34.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:50 GMT
content-type: application/json
access-control-allow-credentials: true
x-frame-options: deny

GET
H2 204 mevent Show response
edge-cs-external.venatusmedia.com/prvk/1/ 0
15 B 87ms
84ms XHR
application/json 34.34.170.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.prvk.io
URL: https://cdn.prvk.io/studio/UK_502265_THEFINALSS5US/3818/creative.min.js?v=376316842

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.34.170.154 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

154.170.34.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

access-control-allow-origin: https://www.overtake.gg
date: Wed, 18 Dec 2024 01:13:50 GMT
content-type: application/json
access-control-allow-credentials: true
x-frame-options: deny

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 17ms
16ms Image
image/gif 2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=854585&asId=a078ac87-8c7f-a098-4bc7-1b3baadda122&tv=%7Bc:xa4yqd,pingTime:5,time:5408,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:346%7D,%7Bpiv:100,vs:i,r:,t:397%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5011,o:397,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:346,wc:20.20.1600.1200,ac:1085.524.300.250,am:i,cc:1085.524.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B75~0%5D,as:%5B75~300.250%5D%7D%7D,%7Bsl:i,t:397,wc:20.20.1600.1200,ac:1085.524.300.250,am:i,cc:1085.524.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5011~100%5D,as:%5B5011~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:31,fm:uxgzTsR+11%7C12111%7C12112%7C12113%7C12114%7C121151%7C121152%7C121153%7C121154%7C121155%7C1211561%7C1211562%7C121157%7C12116%7C12117%7C12118%7C121191%7C121192%7C1211a%7C1211b%7C1211c%7C1211d1%7C1211d2%7C1211e%7C1221%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c*.854585-68926917%7C1c1.2066062-84511485%7C1c11%7C1c12%7C1c13%7C1c2%7C1d%7C1e%7C1f,idMap:1c1.f0eceebf-e39e-0fca-b6da-4fac3cd7c0b1.33_2066062-84511485%7C1c*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:348,msd:0,ph:10837,sis:445%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.overtake.gg/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Wed, 18 Dec 2024 01:13:52 GMT
content-type: image/gif
server: nginx
x-server-name: dt27.va.303net.net

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412090101&jk=1808851979744148&bg=!ubqluvXNAAbtGp3CzRo7ADQBe5WfOGliOjJrrXtoMOeUFnZTC1bMJjaLY_NF8CfrMKh0LAzcJIWm2W_LA8p0lpGrnp-oAgAAAEhSAAAABWgBB34ANiExqni0elmS8fLJQbBw-6B755VBY-pRHFe5IEsELurA6Xlt9LuzHdHFg52Dnip5Rae0BxlgbJkCjQiWLIfLHff_qzCiKB1GodBaHFIGHFhk5nzsPFyU7yvEsICTPXnEu825a0W-oUocLqb9KFI91lZM8N-Ea2SoBdVnu8_G1AQcshVNtXum_gIcIBc18WzWxYiaDqQm1Gw85eE1U4YN7g1319h8a7hOERm3srRBYwjohBSGBbkyzOl8iojD2gc-6u88T-WMwD5ka29giNH5Zy-tNq6o-v8cjw7XJF3V9gCDZEvrCyiObrZOdlRcd6V3Hw9HtsCT_YpWYweBu7VE39aT_PWXKJtkiCg5PUhzYAyAb3kgPan-eIaf5IghR_G_V-cI6ZMdy0RAa_mYymMId5JjBkfXpEhHNLemNnkfXjk7NOE5UYsWbcIIzN1ZizAoRmH7Syu_Jdj9dcz3D9F-KFbmeK3vuEZWYCFdCU2Ta1wgfb9zw4AsNnd6RlVmyYMhB40OlGJbQfgnNRdQoxswJuQmP-JwW9um1BA2omVNhpDjNUJeRYhL2NDy9_EHemqLwvkT3X3laYyM9ju6Oqd6pCk2DDAFP75lQQJqwn0jfknkc1mGfI8Z455s_P5vWPb5CTxFR-g9mpaFZU6H-lyU73utEQpEv3RHts6hN8NBiW7ZrYREWq1gnLyHpzY5A5b5gq6ZaW166Xr94FU2CUOTXOnre2z-VagzsEOI_xQWmNBMhKivmxTCNH-SwOQ9ftVC6WrH2Y_n3GpcnlroRZJuZ27kRwqR3pTfXXGQXsJCR3oS6l_vXJOWvvq83wY3JM8JfcrtQaCKh4YxalAFSmC6MsTaTbHIXhpk4Gb6KsNc25jpDM7q6dAaUVOFC2z9EXEFmy0e-8COReg9UEuyhEbCm316bdYwQ1lXvPlq7KZ6zvM99QqppQyk

Domain: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.overtake.gg&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1

Domain: www.overtake.gg
URL: blob:https://www.overtake.gg/c9e949ed-ffaa-422d-8f3d-dea4eb7f825a

Domain: www.overtake.gg
URL: blob:https://www.overtake.gg/a32a3ae5-9e6c-4b1e-8996-7229aa9e9601

Domain: www.overtake.gg
URL: blob:https://www.overtake.gg/db00078e-318e-477f-9982-e0423990bee3

Verdicts & Comments Add Verdict or Comment

219 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

310 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.criteo.com/openrtb_2_5/pbjs/auction	1970-01-21 11:09:40	Name: cto_bundle Value: R99KF19TSUNiRGpKOEZuQ2hFa09Bb2VXUFNWYUZEQXEyamphQmFVZFc5M3p2STlFcWloUlRaWFBIdUQlMkZSR0RIanhNTk5JWncyVHV0WndVOHJ4dWFIMDFEMDZwMzFUcGdrRFZPVjRMaWhiVG9UNnVjJTNE
.3lift.com/sync	1970-01-21 03:57:40	Name: sync Value: CgoIgAIQ_IrQur0yCgoIoQEQ_IrQur0yCgoIgQIQ1IzQur0yCgoI4gEQ_IrQur0yCgoI5gEQ_IrQur0yCgoIhwIQ_IrQur0yCgoI5wEQ1IzQur0yCgkISRDUjNC6vTIKCQgLENSM0Lq9MgoKCIwCEPyK0Lq9MgoKCKwCEPyK0Lq9MgoKCK0CENSM0Lq9MgoKCM4BENSM0Lq9MgoKCJQCENSM0Lq9MgoKCLcCENSM0Lq9MgoJCDkQ1IzQur0yCgkIOhD8itC6vTIKCQgbEPyK0Lq9MgoKCN4BENSM0Lq9MgoJCF8Q_IrQur0y
.smartadserver.com/api	1970-01-21 03:57:40	Name: pid Value: 960493295238539608
www.overtake.gg/	1969-12-31 23:59:59	Name: xf_csrf Value: YDpX4JWH_aRX-tdJ
www.overtake.gg/	1970-01-21 02:31:16	Name: hb_insticator_uid Value: bab946ce-6dcf-476d-8747-882da785adee
www.overtake.gg/	1969-12-31 23:59:59	Name: xf_sam_ad_views Value: %7B%22103%22%3A1734484424%7D
.overtake.gg/	1970-01-21 01:49:30	Name: _gid Value: GA1.2.173860550.1734484425
.overtake.gg/	1970-01-21 01:48:04	Name: _gat_gtag_UA_4830345_3 Value: 1
.lijit.com/	1970-01-21 10:33:40	Name: ljt_reader Value: J2XpABZH9jHh6R2ASeWXzWgN
.prebid.a-mo.net/	1970-01-21 10:33:40	Name: __amc Value: 1_1734484424_1734484424
.a-mo.net/	1970-01-21 10:33:40	Name: amuid2 Value: 72521630-ffa5-4c22-a9c2-7f58cfe42c7c
.a-mo.net/	1970-01-21 10:33:40	Name: pamuid2 Value: 72521630-ffa5-4c22-a9c2-7f58cfe42c7c
.prebid.a-mo.net/	1970-01-21 10:33:40	Name: psd_amuid2 Value: 72521630-ffa5-4c22-a9c2-7f58cfe42c7c
.prebid.a-mo.net/	1970-01-21 10:33:40	Name: sd_amuid2 Value: 72521630-ffa5-4c22-a9c2-7f58cfe42c7c
.casalemedia.com/	1970-01-21 10:33:40	Name: receive-cookie-deprecation Value: 1
.overtake.gg/	1970-01-21 11:24:04	Name: _ga Value: GA1.1.699552227.1734484425
.overtake.gg/	1970-01-21 11:24:04	Name: _ga_RQB4Z4BXHC Value: GS1.1.1734484424.1.0.1734484424.60.0.0
.gumgum.com/	1970-01-21 10:33:40	Name: vst Value: u_8bef38e8-310a-4969-adf6-dc13e84bc2e7
.3lift.com/	1970-01-21 03:57:40	Name: receive-cookie-deprecation Value: 1
.3lift.com/	1970-01-21 03:57:40	Name: tluid Value: 196594615873390011840
.rubiconproject.com/	1970-01-21 10:33:40	Name: khaos Value: M4T78RDA-B-33WD
.kueezrtb.com/	1970-01-21 01:48:05	Name: vdzj1_ab10bf19 Value: VTF14w3sXhNgkWAOjIMDBEDORo6CQ4lMm1QEm9BARVtX3YGU28kLA97e0QGEW5RL1dYYXRtRmt7RAQSbVB%2FX1o2Inlee3pDB0tuDn0CDWRjY0h%2FfkBSRWoKflYKNHd7WH55QwtFPlF%2BU1x1bW1cenoWBUJrUH1UW2B2elJ7fkQCFmFeL1FJe2N5WX4sQQNDa1kvBF1jc3hefXVBVUthWH9FR3V3fFoveUUBF2pfeAMJNSd4Un14FFFKYApsS0lhcngLf3wRB0I5C3hTWWB1e1J%2FK09WETpKYkVdZHYrWnh5QAoQa158VVpgIi4JKHVHUkR6RGxRWDMnK1h8f0IHEW8JLAVbZSd%2BX3p7QgVRdEp4VFw2d34Le3kUBxVqCX8FXGEieF8rexERX3pefVJdNXN9Wyh9QlYVag52U1o2dnhTcXVVH1FuXipQW2cld1x7ehQFEmkOdlMJMXAuD39vWxFFa1stUF0yd3hef3hGBEQ5C3YBDzV4KltrEFsREDcdIBNJbXFjSC4pB0FRYhMzS0kkJDwZICIZEUl6DSoGWW5xKQhkekIBR3Vcd1VTeiUrUixgFlJEbVksAl1vJXxda2FVUBw2BisEHz4uISMtb00RRW4NflAKYXQuXXh8TwdAbF92A1NidnZfazA%3D
.kueezrtb.com/	1970-01-21 02:31:16	Name: vdz_sync Value: 26130beb-6beb-1eb4-20ad-3de527628eee
.kueezrtb.com/	1970-01-21 01:48:05	Name: vdzj1_94819790 Value: TpF15nUGlFFZkfRw7hvVFXc3DTQyNA4UIVUNM1RgXWImWX53YloHMUEDWkFiWm1xCnUjPFhEflUBWhBjWW0mVH4jOQ5UZEQCCkBvD2V0WnNkdklQYUBWXkQ0XmQmD3ByaFxSZk8BDk9mWmJlQGRwaVsAZkUFDERhWDElDiBxYl9TMRUOUBR0QndxX3EnbFtWYUZWC0BiXGJzWH5wPFNfYkYVRFRgXWIjXHdybVIFYUEFWkdhDTQkDX52O1xEflUBW0E3WGR0VHV1alxRZ08FW0VnC2xxDXBkdklQYUBWXkcwWmQmD3ByaFxSZk8BDk4zDDdlQGRwaQ8ANkUCWkNiDGImDiR2aA1XZ0QBXUB0QndxXiIiYwhVYE4FDUZiCGJ1VSB%2BOVNSa0cVRFRgXWImWncnaF8FZhEFCUc0WWMkW3MkbA1EflUBW0NgDGd1XSd2bw4AYBEPXEc3WWJ%2BVH5kdklQZBMAWEYyVmN1WyVwO1oAakNVDkc3C2NlQGRwaVgFZUFSXkFiWGB2W3EnOVMANhUODUd0M3llDykzNB9EaEcbShEyHidlVj07dkkVNwREARk4TG9lXHN%2Fb15TYUIaWUFkDXh3VXFxd18Ca0caDBNlVmxyCCB%2BOV9fcFsVCxk4ADAkGC8pNCICcE0VXkAzXmImWnUlaFNQYhYAWUNiCzF0VHMleBY%3D
.amazon-adsystem.com/	1970-01-21 06:28:52	Name: ad-id Value: A4Ax7Uir7UeMnV6FCmR2H_o
.amazon-adsystem.com/	1970-01-21 11:24:04	Name: ad-privacy Value: 0
.overtake.gg/	1970-01-21 10:33:40	Name: _au_1d Value: AU1D-0100-001734484425-8ME6GT9C-3F03
.turn.com/	1970-01-21 06:07:16	Name: uid Value: 8222155452907852911
.adnxs.com/	1970-01-21 11:24:04	Name: receive-cookie-deprecation Value: 1
.go.sonobi.com/	1970-01-21 01:49:30	Name: __uin_a9 Value: 1
.go.sonobi.com/	1970-01-21 01:48:38	Name: __uir_a9 Value: 61949624
.openx.net/	1970-01-21 10:33:40	Name: i Value: f7088c0e-ea1f-4249-ac88-98b9f85a4061\|1734484425
.contextweb.com/	1970-01-21 10:26:28	Name: V Value: Itgskev46G1h
.contextweb.com/	1970-01-21 10:26:28	Name: VP Value: part_Itgskev46G1h
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 3cba28a8dd4c16b5
.casalemedia.com/	1970-01-21 10:33:40	Name: CMID Value: Z2IhydHM50wAAAsGA3JPZAAA
.casalemedia.com/	1970-01-21 03:57:40	Name: CMPS Value: 1385
.casalemedia.com/	1970-01-21 03:57:40	Name: CMPRO Value: 1385
.3lift.com/	1970-01-21 03:57:40	Name: tluidp Value: 196594615873390011840
.yellowblue.io/	1970-01-21 02:31:16	Name: wrvUserID Value: G8zbWF-rC
.postrelease.com/	1970-01-21 10:33:40	Name: visitor Value: 09b55851-2a49-4b6c-ac1a-50885f101ba0
.postrelease.com/	1970-01-21 10:33:40	Name: status Value: 0
.omnitagjs.com/	1970-01-21 02:31:16	Name: ayl_visitor Value: 4c6d587328a1ece443a94ae9fb4ce211
.tappx.com/	1970-01-21 02:31:16	Name: TXUSERID Value: c2d9f2ef-fe90-4b44-a735-eeb3e33b9d26f1a
.tappx.com/	1970-01-21 02:31:16	Name: TXCD Value: 1734484425
.mediago.io/	1970-01-21 10:33:40	Name: __mguid_ Value: e94ce74f469de5382vr0ly00m4t78rx9
.tapad.com/	1970-01-21 03:14:28	Name: TapAd_TS Value: 1734484425314
.tapad.com/	1970-01-21 03:14:28	Name: TapAd_DID Value: 27ad4042-4fa7-4696-aee2-e8478ca2e068
.adnxs.com/	1970-01-21 03:57:40	Name: XANDR_PANID Value: TYAMsUG7sBBguVteOGbkD5NeobQ62f9Qjf3pE-yUX2W5cmO8OlJW6mCb91HeN4EZkE94sjATsYkfhTP1Zk5hcgqbvgfN5T9qlpYNlTC0Zdk.
.adnxs.com/	1970-01-21 03:57:40	Name: uuid2 Value: 1183467559838709040
.sharethrough.com/	1970-01-21 02:31:16	Name: stx_user_id Value: 4dab2354-135c-43e0-814c-d2971720a22f
.go.sonobi.com/	1970-01-21 10:33:40	Name: __uis Value: 9b0acc2a-46e2-40f4-97eb-89d26f35a62b
.inmobi.com/	1970-01-21 10:33:40	Name: TEST-COOKIE Value: YES
.adsrvr.org/	1970-01-21 10:33:40	Name: TDID Value: da1885a5-023f-4800-b3fa-625212598cf2
.tappx.com/	1970-01-21 02:31:16	Name: TXCSDMN_162 Value: OPTOUT
.rubiconproject.com/	1970-01-21 10:33:40	Name: khaos_p Value: M4T78RDA-B-33WD
.inmobi.com/	1970-01-21 10:33:40	Name: iid Value: ID5-1-e8f9bd8b-e09f-4446-8192-3abcb325d6e1
.sitescout.com/	1970-01-21 10:33:40	Name: ssi Value: 460d09da-526a-4fc5-afeb-283f72c6cd0b#1734484425434
.yieldmo.com/	1970-01-21 10:33:40	Name: yieldmo_id Value: Vz7OrrrWxOrrqSXH9ls2%7C1734480000000%7C3696242350707595767
.bidswitch.net/	1970-01-21 10:33:40	Name: c Value: 1734484425
.bidswitch.net/	1970-01-21 10:33:40	Name: tuuid_lu Value: 1734484425
.pubmatic.com/	1970-01-21 10:33:40	Name: KADUSERCOOKIE Value: 477AA176-F89A-450C-8E45-4E5A86A7FA7F
sync.srv.stackadapt.com/	1970-01-21 10:33:40	Name: sa-user-id Value: s%3A0-4f93fe8f-0f27-528d-6504-3a8cbfdff35b.Z9GEt75eSJrBNKcnjbeElbNuACAytCUwubioe%2B6Kp0A
.srv.stackadapt.com/	1970-01-21 10:33:40	Name: sa-user-id Value: s%3A0-4f93fe8f-0f27-528d-6504-3a8cbfdff35b.Z9GEt75eSJrBNKcnjbeElbNuACAytCUwubioe%2B6Kp0A
sync.srv.stackadapt.com/	1970-01-21 10:33:40	Name: sa-user-id-v2 Value: s%3AT5P-jw8nUo1lBDqMv9_zWwW16oQ.8c4axZk%2B%2Fgo7qxMj2jkIZrOTbpSIKbWhG2SVSMXoxSs
.srv.stackadapt.com/	1970-01-21 10:33:40	Name: sa-user-id-v2 Value: s%3AT5P-jw8nUo1lBDqMv9_zWwW16oQ.8c4axZk%2B%2Fgo7qxMj2jkIZrOTbpSIKbWhG2SVSMXoxSs
.smaato.net/	1970-01-21 02:18:18	Name: SCMrise Value: 61d6f7f49a
.tappx.com/	1970-01-21 02:31:16	Name: TXCSDMN_sharthrough Value: b8ea29db-7695-4e7e-b47c-c197584941da
.adkernel.com/	1969-12-31 23:59:59	Name: SSPZ Value: 200784
.adkernel.com/	1969-12-31 23:59:59	Name: DSP2F_40 Value: 774630
.adkernel.com/	1970-01-21 02:31:16	Name: ADKUID Value: A3535243474225324870
.360yield.com/	1970-01-21 03:57:40	Name: tuuid Value: 52844611-0f84-412f-b5d7-b335687dfa45
.360yield.com/	1970-01-21 03:57:40	Name: tuuid_lu Value: 1734484425
.admanmedia.com/	1970-01-21 02:08:12	Name: admtr Value: d4a78e70-b9ac-4cc2-99ac-d3df380b70f1
.33across.com/	1970-01-21 10:33:40	Name: 33x_ps Value: u%3D212923171868834%3As1%3D1734484425483%3Ats%3D1734484425483
.ad.gt/	1970-01-21 10:33:40	Name: au_id Value: AU1D-0100-001734484425-8ME6GT9C-3F03
.doubleclick.net/	1970-01-21 11:24:04	Name: IDE Value: AHWqTUksAk6SG0ZaCFgY2D4iwYZ62yGJGnzK2rVYLy-qQoc0PZVn_aerk2UwI89RIWc
.smaato.net/	1970-01-21 02:18:18	Name: SCM Value: b4430eef34
.smaato.net/	1970-01-21 02:18:18	Name: SCMinmobi Value: b4430eef34
sync.srv.stackadapt.com/	1970-01-21 10:33:40	Name: sa-user-id-v3 Value: s%3AAQAKILSiotaG3ZUsNbieaTSkS6VQ7x-Z9q5FOkocBcJ1Y3L1EGcYBCDJw4i7BjABOgSAOSS3QgSGEkUV.qRoOIEJsVXozCpfECbYSxDkgOBMalV0qzEBAbvWAGKY
.srv.stackadapt.com/	1970-01-21 10:33:40	Name: sa-user-id-v3 Value: s%3AAQAKILSiotaG3ZUsNbieaTSkS6VQ7x-Z9q5FOkocBcJ1Y3L1EGcYBCDJw4i7BjABOgSAOSS3QgSGEkUV.qRoOIEJsVXozCpfECbYSxDkgOBMalV0qzEBAbvWAGKY
.deepintent.com/	1970-01-21 11:24:04	Name: CDIUSER Value: di_002ceb35702145b1b95ed
.tappx.com/	1970-01-21 02:31:16	Name: TXCSDMN_28 Value: 196594615873390011840
.tappx.com/	1970-01-21 02:31:16	Name: TXCSDMN_13 Value: J2XpABZH9jHh6R2ASeWXzWgN
.tappx.com/	1970-01-21 02:31:16	Name: TXCSDMN_45 Value: 6682525138180008307
.go.sonobi.com/	1970-01-21 03:57:40	Name: __uir_td Value: 266071609141446328
.go.sonobi.com/	1970-01-21 10:33:40	Name: __uin_td Value: da1885a5-023f-4800-b3fa-625212598cf2
.go.sonobi.com/	1970-01-21 02:34:52	Name: __uir_st Value: 266071609141446328
.go.sonobi.com/	1970-01-21 10:33:40	Name: __uin_st Value: T5P-jw8nUo1lBDqMv9_zWwW16oQ
.bidr.io/	1970-01-21 11:16:34	Name: bito Value: AAJz0E7OxEQAABZF_DHftA
.bidr.io/	1970-01-21 11:16:34	Name: bitoIsSecure Value: ok
.tappx.com/	1970-01-21 02:31:16	Name: TXCSDMN_231 Value: d4a78e70-b9ac-4cc2-99ac-d3df380b70f1
.temu.com/	1970-01-21 01:48:06	Name: __cf_bm Value: .mDKdJ44SQkHZEa8nFX1P5YP57vzfoqpDC6zbLBZeQQ-1734484425-1.0.1.1-3aY7.ifMOqzC1hBRvJYakuzzMj8p.C5.KcRqxIcEgDLzbYVP3chBrOG3ERuvRv9uwEz0OwSSZnKnkK2edqLV6A
.bidswitch.net/	1970-01-21 10:33:40	Name: tuuid Value: 805adf01-b5c0-4b22-806b-ad299815a1ad
.tappx.com/	1970-01-21 02:31:16	Name: TXCSDMN_1111 Value: A3535243474225324870
.krushmedia.com/	1970-01-21 02:08:14	Name: krm_usr Value: 733ad11f-9d9b-5e0c-b761-e479711954f0
.go.sonobi.com/	1970-01-21 02:34:52	Name: __uir_tu Value: 266071609141446328
.go.sonobi.com/	1970-01-21 10:33:40	Name: __uin_tu Value: 9b0acc2a-46e2-40f4-97eb-89d26f35a62b
.company-target.com/	1970-01-21 11:24:04	Name: tuuid Value: e3cfbdba-dbc1-4a5e-876e-2e8d999c3319
.company-target.com/	1970-01-21 11:24:04	Name: tuuid_lu Value: 1734484425\|ix:0
.simpli.fi/	1970-01-21 10:35:06	Name: suid Value: 44B5E25C83C54339AE24EF078935724C
.zemanta.com/	1970-01-21 10:33:40	Name: zuid Value: zYA3jp5GLre0fKPfZObg
.media.net/	1970-01-21 10:33:40	Name: visitor-id Value: 3774860250813277000V10
.media.net/	1970-01-21 10:33:40	Name: data-ris Value: {{APID}}~~25
.frvr.com/	1970-01-21 02:08:14	Name: franuid Value: 886ac261-4cf3-4a15-bd42-b90e739afe9e
.rlcdn.com/	1970-01-21 10:33:40	Name: rlas3 Value: HG3K4yL7CvVDsLVFm/8aKkBVTCN4xOtdhynw8bGz7H4=
.admanmedia.com/	1970-01-21 02:08:12	Name: ac_r Value: CS163\|CS208
.quantserve.com/	1970-01-21 11:18:18	Name: mc Value: 676221c9-99e0b-65456-0b37f
.inmobi.com/	1970-01-21 10:33:40	Name: gob_cookie Value: YES
.tappx.com/	1970-01-21 02:31:16	Name: TXCSDMN_253 Value: 52844611-0f84-412f-b5d7-b335687dfa45
.pubmatic.com/	1970-01-21 03:57:40	Name: KRTBCOOKIE_80 Value: 22987-CAESEAhpesy98Ey7vepz9qzzGGc&KRTB&16514-CAESEAhpesy98Ey7vepz9qzzGGc&KRTB&23025-CAESEAhpesy98Ey7vepz9qzzGGc&KRTB&23386-CAESEAhpesy98Ey7vepz9qzzGGc
.pubmatic.com/	1970-01-21 02:31:16	Name: KRTBCOOKIE_148 Value: 19421-uid:44B5E25C83C54339AE24EF078935724C&KRTB&23486-uid:44B5E25C83C54339AE24EF078935724C&KRTB&23489-uid:44B5E25C83C54339AE24EF078935724C&KRTB&23539-uid:44B5E25C83C54339AE24EF078935724C
.pubmatic.com/	1970-01-21 03:57:40	Name: KRTBCOOKIE_377 Value: 6810-da1885a5-023f-4800-b3fa-625212598cf2&KRTB&22918-da1885a5-023f-4800-b3fa-625212598cf2&KRTB&22926-da1885a5-023f-4800-b3fa-625212598cf2&KRTB&23031-da1885a5-023f-4800-b3fa-625212598cf2
.creativecdn.com/	1970-01-21 10:33:40	Name: ts Value: 1734484425
.rubiconproject.com/	1970-01-21 03:57:40	Name: receive-cookie-deprecation Value: 1
.csync.loopme.me/	1970-01-21 03:57:40	Name: viewer_token Value: eeeb10f8-4f49-4bee-88ee-df564e47f27a
.pubmatic.com/	1970-01-21 03:57:40	Name: KRTBCOOKIE_699 Value: 22727-AAJz0E7OxEQAABZF_DHftA&KRTB&23649-AAJz0E7OxEQAABZF_DHftA
.tynt.com/	1970-01-21 10:33:40	Name: uid Value: NEZ+LmdiIcn3KZLeGGPrIw==
.semasio.net/	1970-01-21 10:33:40	Name: SEUNCY Value: 49068926B4564E00
.rlcdn.com/	1970-01-21 03:14:28	Name: pxrc Value: CMnDiLsGEgUI6AcQABIGCPPCKxAA
.yahoo.com/	1970-01-21 10:34:02	Name: A3 Value: d=AQABBMkhYmcCEI36I3fNNyiPXW9oo2Zv3AEFEgEBAQFzY2dsZ9xH0iMA_eMAAA&S=AQAAAjU_bXw6pjm0D-Hd2CjsA80
.go.sonobi.com/	1970-01-21 03:57:40	Name: __uir_bw Value: 266071609141446328
.go.sonobi.com/	1970-01-21 10:33:40	Name: __uin_bw Value: 805adf01-b5c0-4b22-806b-ad299815a1ad
.tappx.com/	1970-01-21 02:31:16	Name: TXCSDMN_109 Value: 1a637391-2d9d-4476-b7c6-71a3820ad7c2
.creativecdn.com/	1970-01-21 10:33:40	Name: g Value: b2UlC0S2LsR1L0YxumxV_1734484425702
.crwdcntrl.net/	1970-01-21 08:16:52	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 08:16:52	Name: _cc_id Value: 3d7037b0769fee215d5a934e68414ecc
.crwdcntrl.net/	1970-01-21 08:16:52	Name: _cc_cc Value: "ACZ4nGNQME4xNzA2TzIwN7NMS001MjRNMU20NDZJNbMwMTRJTU5mAIL0JMWTDAgAAEpsCm0%3D"
.crwdcntrl.net/	1970-01-21 08:16:52	Name: _cc_aud Value: "ABR4nGNgYGBIT1I8yQAHABTdAbQ%3D"
.tynt.com/	1970-01-21 03:57:40	Name: pids Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1734484425740%7D%2C%7B%22p%22%3A%224ef5c9a86a%22%2C%22f%22%3A1%2C%22ts%22%3A1734484425740%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1734484425740%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1734484425740%7D%2C%7B%22p%22%3A%22cf4d6e49b5%22%2C%22f%22%3A1%2C%22ts%22%3A1734484425740%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1734484425740%7D%5D
sync.clearnview.com/	1970-01-21 03:57:40	Name: uid Value: 20992810-bc25-5ee9-b405-3a01e8878761
.sportradarserving.com/	1970-01-21 10:32:14	Name: zuuid Value: cb159ad7-ef5d-414e-8269-0556eedb9584
.sportradarserving.com/	1970-01-21 10:32:14	Name: c Value: 1734484425
.sportradarserving.com/	1970-01-21 10:32:14	Name: zuuid_lu Value: 1734484425
.blismedia.com/	1970-01-21 10:33:44	Name: b Value: 676221C975CE1A3D1A34C4AA_
.linkedin.com/	1970-01-21 10:33:40	Name: bcookie Value: "v=2&5f39ba19-f504-404a-8b55-8cbedf22206a"
.linkedin.com/	1970-01-21 01:49:30	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3403:u=1:x=1:i=1734484425:t=1734570825:v=2:sig=AQH3B4xA3hlrBYGN50fkisUo1CFXbDs_"
.e-volution.ai/	1970-01-21 02:08:14	Name: v_usr Value: d0f049a2-7e92-43bd-ba9c-6cc9a6e98f9d
.e-volution.ai/	1970-01-21 02:08:14	Name: v_red Value: 378
.ortb.net/	1970-01-21 02:31:16	Name: lluid Value: 6a977053-3e8a-a2f8-46d0-db37caf3d9d2
.ortb.net/	1970-01-21 10:33:40	Name: llum Value: eyJzaHIiOnsiMSI6MTczNDQ4NDQyNTczMH19
.pippio.com/	1970-01-21 10:33:40	Name: did Value: 6-7b7dumymhmxfdO
.pippio.com/	1970-01-21 10:33:40	Name: didts Value: 1734484425
.pippio.com/	1970-01-21 03:14:28	Name: nnls Value:
.pippio.com/	1970-01-21 03:14:28	Name: pxrc Value: CMnDiLsGEgYIgr0rEAA=
.go.sonobi.com/	1970-01-21 02:34:52	Name: __uir_bs Value: 266071613436413625
.go.sonobi.com/	1970-01-21 10:33:40	Name: __uin_bs Value: 460d09da-526a-4fc5-afeb-283f72c6cd0b-676221c9-5553
.sportradarserving.com/	1970-01-21 10:32:14	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-21 10:32:14	Name: zuuid_k_lu Value: 1734484425
.analytics.yahoo.com/	1970-01-21 10:33:40	Name: IDSYNC Value: "18z8~2mg1:190u~2mg1"
.primis.tech/	1970-01-21 02:24:04	Name: csuuid Value: 676221c9c9a7c
.tappx.com/	1970-01-21 02:31:16	Name: TXCSDMN_58 Value: 212923171868834
.linkedin.com/	1970-01-21 03:57:40	Name: li_sugr Value: 96a740a6-0c24-4c48-9f07-4ccff49491d6
.onaudience.com/	1970-01-21 10:33:40	Name: cookie Value: 1f08e6ddf72f18af
.onaudience.com/	1970-01-21 01:49:30	Name: done_redirects147 Value: 1
.ipredictive.com/	1970-01-21 10:33:40	Name: cu Value: 53e0bb78-4cb9-46a6-a72b-275caa4613da\|1734484425865
.pubmatic.com/	1970-01-21 02:31:16	Name: KRTBCOOKIE_279 Value: 22890-53e0bb78-4cb9-46a6-a72b-275caa4613da&KRTB&23011-53e0bb78-4cb9-46a6-a72b-275caa4613da&KRTB&23355-53e0bb78-4cb9-46a6-a72b-275caa4613da
.intentiq.com/	1970-01-21 11:24:04	Name: IQver Value: 1.9
.intentiq.com/	1970-01-21 11:24:04	Name: intentIQ Value: MLohOS4ICF
.intentiq.com/	1970-01-21 11:24:04	Name: IQPData Value: 95808134#1734484425968#0#1734484425968
.intentiq.com/	1970-01-21 11:24:04	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 11:24:04	Name: CSDT Value: UEQ6MTUxMDZfMCZVWEdadEJi
.intentiq.com/	1970-01-21 11:24:04	Name: intentIQCDate Value: 1734484425970
.onaudience.com/	1970-01-21 01:49:30	Name: done_redirects219 Value: 1
.adform.net/	1970-01-21 02:32:42	Name: C Value: 1
.smartadserver.com/	1970-01-21 11:18:18	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 03:57:40	Name: pid Value: 5319116666604775903
.smartadserver.com/	1970-01-21 03:57:40	Name: csync Value: 80:10AxedNGZHLMTj4u0RUqfdRDMn3MR2V41hG1gcrp
.tappx.com/	1970-01-21 02:31:16	Name: TXCSDMN_52 Value: M4T78RDA-B-33WD
.adx.opera.com/	1970-01-21 10:33:40	Name: UID Value: OPU98b536125ca142b8b1a7840b7425cd1b
.zeotap.com/	1970-01-21 10:33:40	Name: zc Value: eabf214d-476c-4583-7104-ad14e5d7761a
.zeotap.com/	1970-01-21 01:49:30	Name: zsc Value: %B4%0E1Bl%CF%DBY%7B%8Dc%AB%AE%00J%FD%85%EE%C1b%3B%94S%7DIkf%EE7%B1g%16%7Bolt%12P%D2%00%E6%FB%D0G%B4%E3%F5%E2%7B-%C0%13%C8%90Ew%8E%0D%A9u%B8%D2y%7B%EC%F2%3DI%EAbE0n%DF%FAS%B8%B9%DDS%CD%02%DD
.overtake.gg/	1970-01-21 01:48:04	Name: lotame_domain_check Value: overtake.gg
.overtake.gg/	1970-01-21 08:16:52	Name: _cc_id Value: 3d7037b0769fee215d5a934e68414ecc
.overtake.gg/	1970-01-21 01:49:30	Name: panoramaId_expiry Value: 1734570826115
.overtake.gg/	1970-01-21 01:49:30	Name: panoramaId Value: add012b3d4639b54f0991e14f4dca9fb927a4a317799b2276c4ece2d8dc59b62
.rqtrk.eu/	1970-01-21 01:58:09	Name: browser_id Value: 1:bb1617bc-bc25-40ef-8ca9-dd3394078133
.overtake.gg/	1970-01-21 01:49:30	Name: panoramaIdType Value: panoDevice
.adform.net/	1970-01-21 03:14:28	Name: uid Value: 5033930528405378402
.overtake.gg/	1970-01-21 11:09:40	Name: __gads Value: ID=cc97c34645609b78:T=1734484425:RT=1734484425:S=ALNI_ManapgDKeffdBkxeTiMGscOyuRdLw
.overtake.gg/	1970-01-21 11:09:40	Name: __gpi Value: UID=00000fb834e86d6a:T=1734484425:RT=1734484425:S=ALNI_MZZUgzwOcbLKrA_syBimIMqb8cnjw
.overtake.gg/	1970-01-21 06:07:16	Name: __eoi Value: ID=b75489dd2fd3a95a:T=1734484425:RT=1734484425:S=AA-AfjYNIGYgJnHqYwwBv5v5RM9b
.doubleclick.net/	1970-01-21 06:07:16	Name: APC Value: AfxxVi7Sgcdl1RBMltk9_GXXolRIUbeCzNWSVXLx8QuXwqT5wa-ExA
.doubleclick.net/	1970-01-21 02:31:16	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 06:07:16	Name: receive-cookie-deprecation Value: 1
edge.venatusmedia.com/	1970-01-21 10:33:40	Name: u Value: 8710b4ba-b65f-48af-b1ee-913d21b8cfcf
.brand-display.com/	1970-01-21 11:24:04	Name: _knxq_ Value: f136fff0-f6dc-8522-edbabea7.1734484426.0.1734484426.1734484426
.outbrain.com/	1970-01-21 10:33:40	Name: obuid Value: d67f5a0c-c5fe-4424-a665-c569bde28ab3
edge-cs-external.venatusmedia.com/	1970-01-21 10:33:40	Name: u Value: 432bc40b-63a4-4a61-88a8-7ae41669b8ef
.criteo.com/	1970-01-21 11:09:40	Name: uid Value: 3609da4f-8f1b-409b-99f3-20f3610f03ed
.criteo.com/	1970-01-21 11:09:40	Name: receive-cookie-deprecation Value: 1
.360yield.com/	1970-01-21 03:57:40	Name: um Value: !313,jlHovEIUwJusJdR7tDuy20eWpKN6NgRrhwyY1og6YwFpmwNuMyQJpC3BOFcD.1yCkJQE4wvRoheUwWKv,1742260427
.360yield.com/	1970-01-21 03:57:40	Name: umeh Value: !313,0,1796692427,-1
.overtake.gg/	1970-01-21 10:33:40	Name: FCNEC Value: %5B%5B%22AKsRol87Jp1qqHkQzr6px-juPEVdLgkbbJ4wS5TrgA8lbB1dmQoacL8C8IWsMf8SHDerzYb_xXsgfcWAgKmfGYm8KQBrHK3ql4j2ENcuuvgXgNNFiIFcrHwqdRmNYTfg2CIMnZBxeqaSBMsj4gD4KMWzsmZnDFHB9Q%3D%3D%22%5D%5D
.ads.yieldmo.com/	1970-01-21 10:33:40	Name: re_sync Value: pp%3D1205343%7Crc%3D1205343%7Cunl%3D1205343%7Cdv360%3D1205343%7Can%3D1205343
.id5-sync.com/	1970-01-21 03:57:40	Name: id5 Value: 46eb236a-9d4d-7028-ab73-ab4628e810b6#1734484425647#4
.the-ozone-project.com/	1970-01-21 03:57:40	Name: ozone_uid Value: 2qMtmBND4YhWd28cPdDEY1RmBXw
.the-ozone-project.com/	1970-01-21 01:48:06	Name: __cf_bm Value: ufeybKxKCRXMiw72AF7zqV.IUNU4iUHz.BoOrzUtUMI-1734484428-1.0.1.1-aWXeD1TKdcd6LG7h_HwUEb5978kIL7jeSex1apbarb83kXyPpR9PsHVtIpdnPgyWTv0uunSijA4ogYetcmK7_g
.ads.yieldmo.com/	1970-01-21 10:33:40	Name: ptrunl Value: OPTOUT
.ads.yieldmo.com/	1970-01-21 10:33:40	Name: ptrpp Value: Itgskev46G1h
.ingage.tech/	1970-01-21 03:57:40	Name: instUid Value: bab946ce-6dcf-476d-8747-882da785adee
.ingage.tech/	1970-01-21 03:57:40	Name: cookieRegion Value: wdc
.lijit.com/	1970-01-21 10:33:40	Name: ljtrtbexp Value: eJxlkDsSgEAIQ%2B%2BytQWwfL2a490dRxpi%2BbIJG7hWxTo5tnkpSR5LJjL9hD2FYDT4FBQD%2FU5Z8gVyGqq6lFpQtgIeZvg2CQzYosAPrVKBDRjmCeTFu7KEv2w5WWJuXeOu9wOHlk1%2B
.krushmedia.com/	1970-01-21 02:08:14	Name: krm_r Value: 572:1735694028273\|615:1735694025794\|60:1735694025595
.overtake.gg/	1970-01-21 11:09:40	Name: cto_bundle Value: iHAwtl8zVWlaMk5lQW43djhTVTRNMmlXam43OUxlYU1tcllFdmlDRyUyRlliZVhOTTJ6dzZuWTVkWGIzR2RGZ3lQMFRpYkduSzZjU2s3ZnNGZ1NmZnpiYkxZVzlYSWdMOTBWJTJCbWdSSEpIaTdSUlpoVnJrdTkwcXI3YllkYjJGdnVGYVZYS2VTY3lRR0lTSm1xczclMkJOVWNCcTg4TmclM0QlM0Q
.contextweb.com/	1970-01-21 10:33:40	Name: pb_rtb_ev Value: 3-1vdw\|4is.0.CAESEMjZUDDQP8rBQBjb5t_6g4Y\|7TZ.0.1\|7dW.0.1\|2N.0.AQAA7csU3lL1NgInhRplAQEBAQEBAQCS1lL6zgEBAJLWUvrO\|7dN.0.AAJz0E7OxEQAABZF_DHftA\|8i8.0.1
.contextweb.com/	1970-01-21 10:33:40	Name: pb_rtb_ev_part Value: 3-1vdw\|4is.0.CAESEMjZUDDQP8rBQBjb5t_6g4Y\|7TZ.0.1\|7dW.0.1\|2N.0.AQAA7csU3lL1NgInhRplAQEBAQEBAQCS1lL6zgEBAJLWUvrO\|7dN.0.AAJz0E7OxEQAABZF_DHftA\|8i8.0.1
.bing.com/	1970-01-21 11:09:40	Name: MUID Value: 1A4DFF22301E61C93B62EA7B31946083
.c.bing.com/	1970-01-21 01:58:09	Name: MR Value: 0
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_27 Value: da1885a5-023f-4800-b3fa-625212598cf2
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_102 Value: 733ad11f-9d9b-5e0c-b761-e479711954f0
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_97 Value: OPTOUT
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_85 Value: AAJz0E7OxEQAABZF_DHftA
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_2 Value: 44B5E25C83C54339AE24EF078935724C
.ads.yieldmo.com/	1970-01-21 10:33:40	Name: ptrrc Value: M4T78RDA-B-33WD
.clickagy.com/	1970-01-21 11:24:04	Name: cb Value: Z2IhzNeIEz1aHkOBReRbPnKW
aorta.clickagy.com/	1970-01-21 11:24:04	Name: chs Value: [{"ch":"185","t":"2024-12-18 01:13:48"}]
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_49 Value: Itgskev46G1h
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_106 Value: 5319116666604775903
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_43 Value: a0-yKm9J5yFwQb19bRqpLmhMsS5wSOYrah7EZikA
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_16 Value: 460d09da-526a-4fc5-afeb-283f72c6cd0b-676221c9-5553
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_76 Value: 484a6d97-a92c-47b3-b1e2-e6f7e4cc4cce
.ymmobi.com/	1970-01-21 10:26:28	Name: ym_user_cookie Value: ym_user_7f3175eb-d052-43b3-b79e-05a17d68329e
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_84 Value: Z2IhzNeIEz1aHkOBReRbPnKW
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_103 Value: OPU98b536125ca142b8b1a7840b7425cd1b
.pbs.optidigital.com/	1970-01-21 03:57:40	Name: uidod Value: e30=
.pbs.optidigital.com/	1970-01-21 03:57:40	Name: uidrubicon Value: eyJ1aWQiOiJNNFQ3OFJEQS1CLTMzV0QifQ==
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_86 Value: oUCUrIpwF4bPRRSgzNRhc9uUU4aaXquqUWDeku-_m_k
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_80 Value: M4T78RDA-B-33WD
.pbs.optidigital.com/	1970-01-21 03:57:40	Name: uidtriplelift Value: eyJ1aWQiOiIxOTY1OTQ2MTU4NzMzOTAwMTE4NDAifQ==
.pbs.optidigital.com/	1970-01-21 03:57:40	Name: uidcriteo Value: eyJ1aWQiOiJrLVpKek1RdnRJak92LWh5UDZiamJGTXJ1YkZxb1BSSGZNeF96Qnp3In0=
.pbs.optidigital.com/	1970-01-21 03:57:40	Name: uidsmartadserver Value: eyJ1aWQiOiI1MzE5MTE2NjY2NjA0Nzc1OTAzIn0=
.sitescout.com/	1970-01-21 02:31:16	Name: _ssuma Value: eyI0NSI6MTczNDQ4NDQyODQ0MiwiNDgiOjE3MzQ0ODQ0MjgyNzksIjI2IjoxNzM0NDg0NDI4NDEyLCIzOSI6MTczNDQ4NDQyNTUxNSwiNyI6MTczNDQ4NDQyNTUxNX0
.pubmatic.com/	1970-01-21 03:57:40	Name: DPSync4 Value: 1735084800%3A265_164_252%7C1735689600%3A219_228_245_197_226%7C1734566400%3A248
.pubmatic.com/	1970-01-21 03:57:40	Name: KRTBCOOKIE_188 Value: 3189-460d09da-526a-4fc5-afeb-283f72c6cd0b-676221c9-5553&KRTB&23418-460d09da-526a-4fc5-afeb-283f72c6cd0b-676221c9-5553&KRTB&23634-460d09da-526a-4fc5-afeb-283f72c6cd0b-676221c9-5553
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_26 Value: 805adf01-b5c0-4b22-806b-ad299815a1ad
.pbs.optidigital.com/	1970-01-21 03:57:40	Name: uidrtbhouse Value: eyJ1aWQiOiJvVUNVcklwd0Y0YlBSUlNnek5SaGM5dVVVNGFhWHF1cVVXRGVrdS1fbV9rIn0=
.pubmatic.com/	1970-01-21 03:57:40	Name: KRTBCOOKIE_1251 Value: 23269-di_002ceb35702145b1b95ed&KRTB&23571-di_002ceb35702145b1b95ed
.a-mx.com/	1970-01-21 10:33:40	Name: amdt_t Value: p::1734484428491
.a-mx.com/	1970-01-21 10:33:40	Name: amdt_t Value: p::1734484428491
.a-mx.com/	1970-01-21 10:33:40	Name: amuid2 Value: 72521630-ffa5-4c22-a9c2-7f58cfe42c7c
.a-mx.com/	1970-01-21 10:33:40	Name: amuid2 Value: 72521630-ffa5-4c22-a9c2-7f58cfe42c7c
.tappx.com/	1970-01-21 02:31:16	Name: TXCSDMN_76 Value: 477AA176-F89A-450C-8E45-4E5A86A7FA7F
.quantserve.com/	1970-01-21 03:57:40	Name: sp Value: CgkIgq0DEgMQlA4KCQi_gQMSAxCUDgoICIkNEgMQlA4=
.tapad.com/	1970-01-21 03:14:28	Name: TapAd_3WAY_SYNCS Value: 1!8473
.pubmatic.com/	1970-01-21 03:57:40	Name: KRTBCOOKIE_860 Value: 16335-T5P-jw8nUo1lBDqMv9_zWwW16oQ&KRTB&23334-T5P-jw8nUo1lBDqMv9_zWwW16oQ&KRTB&23417-T5P-jw8nUo1lBDqMv9_zWwW16oQ&KRTB&23426-T5P-jw8nUo1lBDqMv9_zWwW16oQ
.pubmatic.com/	1970-01-21 03:57:40	Name: KRTBCOOKIE_153 Value: 19420-Kv1NIi77GCkx80J1LKhWJin-TiYx-hkjK6wGL2kT&KRTB&22979-Kv1NIi77GCkx80J1LKhWJin-TiYx-hkjK6wGL2kT&KRTB&23462-Kv1NIi77GCkx80J1LKhWJin-TiYx-hkjK6wGL2kT&KRTB&23661-Kv1NIi77GCkx80J1LKhWJin-TiYx-hkjK6wGL2kT
.w55c.net/	1970-01-21 11:18:18	Name: wfivefivec Value: gT07b6Et1TnIDi5
.pubmatic.com/	1970-01-21 02:31:16	Name: KRTBCOOKIE_22 Value: 14911-8222155452907852911&KRTB&23150-8222155452907852911&KRTB&23527-8222155452907852911&KRTB&23629-8222155452907852911
.w55c.net/	1970-01-21 02:31:16	Name: matchtriplelift Value: 5
.w55c.net/	1970-01-21 02:31:16	Name: matchpubmatic Value: 5
.mxptint.net/	1970-01-21 11:24:04	Name: mxpim Value: R33645_120B59757_C9934F70.1.0000000000000000676221CC
.agkn.com/	1970-01-21 10:33:40	Name: ab Value: 0001%3AHDuPqQlkfsMvMKZWsd6H0s1bPgcbomFp
.mathtag.com/	1970-01-21 11:13:59	Name: uuid Value: df006762-21cc-4500-be85-c940ed19005f
.rtb.mx/	1970-01-21 10:33:40	Name: amdt_t Value: p::1734484428630
.rtb.mx/	1970-01-21 10:33:40	Name: amdt_t Value: p::1734484428630
.rtb.mx/	1970-01-21 10:33:40	Name: amuid2 Value: 72521630-ffa5-4c22-a9c2-7f58cfe42c7c
.rtb.mx/	1970-01-21 10:33:40	Name: amuid2 Value: 72521630-ffa5-4c22-a9c2-7f58cfe42c7c
.adentifi.com/	1970-01-21 11:24:04	Name: adtheorent[cuid] Value: cuid_55e04490-bcdd-11ef-81f6-12707100b72d
.creative-serving.com/	1970-01-21 10:26:28	Name: tuuid Value: 0e7d7276-273c-46c8-b816-7b561132f4a2
.creative-serving.com/	1970-01-21 10:26:28	Name: c Value: 1734484428
.creative-serving.com/	1970-01-21 10:26:28	Name: tuuid_lu Value: 1734484428
.dotomi.com/	1970-01-21 01:48:04	Name: DotomiTest Value: 2902a86de5a13bf
.mookie1.com/	1970-01-21 11:16:52	Name: id Value: 10596688459684453184
.mookie1.com/	1970-01-21 11:16:52	Name: mdata Value: 1\|10596688459684453184\|1734484428643
.mookie1.com/	1970-01-21 11:16:52	Name: ov Value: 6f1eefea3ed27a025a1afeb59929e552
.pubmatic.com/	1970-01-21 03:57:40	Name: KRTBCOOKIE_107 Value: 1471-uid:gT07b6Et1TnIDi5&KRTB&23421-uid:gT07b6Et1TnIDi5
.pubmatic.com/	1970-01-21 02:31:16	Name: KRTBCOOKIE_52 Value: 22772-R33645_120B59757_C9934F70&KRTB&23092-R33645_120B59757_C9934F70
.pubmatic.com/	1970-01-21 03:57:40	Name: KRTBCOOKIE_1278 Value: 23329-6cfb0fe0-eb02-4275-923b-f55977534218&KRTB&23340-6cfb0fe0-eb02-4275-923b-f55977534218&KRTB&23498-6cfb0fe0-eb02-4275-923b-f55977534218
.pubmatic.com/	1970-01-21 03:57:40	Name: KRTBCOOKIE_32 Value: 11175-AQAGW0B3mwuKcQJyW-SLAQEBAQEBAQCS1lUGfwEBAJLWVQZ_&KRTB&22715-AQAGW0B3mwuKcQJyW-SLAQEBAQEBAQCS1lUGfwEBAJLWVQZ_&KRTB&23519-AQAGW0B3mwuKcQJyW-SLAQEBAQEBAQCS1lUGfwEBAJLWVQZ_&KRTB&23632-AQAGW0B3mwuKcQJyW-SLAQEBAQEBAQCS1lUGfwEBAJLWVQZ_
.tribalfusion.com/	1970-01-21 03:57:40	Name: ANON_ID Value: ahnoeUm5abmAyuoEVMmNTJcGYQUtXc7dZd7hkAY2x
beacon.lynx.cognitivlabs.com/	1970-01-21 10:33:40	Name: UID Value: 06522a3e-f94d-4cff-bb44-b737bc660361
beacon.lynx.cognitivlabs.com/	1970-01-21 10:33:40	Name: ss Value: C5AN9S5%2BZSKV9IQdf4NwpBIk8L8FmydoprLooacpRQVbfL4vpqUPURgBWbnd662F%2BBRGWeMyR5oL%2Fx3xf7TTMA%3D%3D
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_83 Value: M4T78RDA-B-33WD
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_58 Value: 477AA176-F89A-450C-8E45-4E5A86A7FA7F
.ingage.tech/	1970-01-21 01:48:06	Name: __cf_bm Value: ijkwfQKt0EgYOJKL3Fa3JGmeAlkHempCernFn8YJfFw-1734484429-1.0.1.1-4HS0idhMhnEWkPpJfbqRuAx0CUR8pV7XwQCoGV4OwFjQWbJozUIHaKnq3R9Gp2FMNufyBc7be5joOLD2i2nCAw
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2MTAyNLUwNzU3MxHiM9Q1zMwMSSoMiU831S0EAFIKoR4lAAAA
.rfihub.com/	1970-01-21 11:09:40	Name: rud Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2MTAyNLUwNzU3MxHiM9Q1zMwMSSoMiU831S0EAFIKoR4lAAAA
.pubmatic.com/	1970-01-21 03:57:40	Name: KRTBCOOKIE_466 Value: 16530-805adf01-b5c0-4b22-806b-ad299815a1ad&KRTB&23280-805adf01-b5c0-4b22-806b-ad299815a1ad
.lijit.com/	1970-01-21 10:33:40	Name: ljtrtb Value: eJxtkU9zGjEMxb8L52rGsiX%2F6c3AbkPSBLKwQ8uFsb27ocPQhiSUhky%2Fe23O9ej03k%2BjJ%2BtjxHb0eUTGeI9GQ22dB2IxAVsRA1XsrfamzjX6NJI6s1Zw6AaBEDkJoCglWKEjhE46Z5EDhi6zWFjSohOuC8BSB6AhMYShjyCtGoxMOnUigjZaSkwOmFnlTnK5c%2Fb29Lrvf5P%2Bgrsy2WStC2gtBwYh1QBkhYCohgBaskTJzqZBFrYMpjFXkidWTZiUcr6SVNXCWKfYSJqUgKKARqnQIQ7gOheBe5EgGo3Qk3EG0TEN4gqrDM8XrbORlc7TUkCS0UYMxpKIhrLUYbyyZXVW6BB1eSJ%2FLztRdrMiW%2Fe0MraZehiDUutpkdX%2FZcryRs52l4d%2BVl0w3Ozn46Zv4uLn3br4nH3vby%2BiMvM%2F1aP34029nd4Mbz67zlwjr%2BbtqrAl1K920r7Mns81xUXTLJ8uD80uuVPbUgjfjqdju572%2BxNsD9t9OURJFQS83x3cLb%2FX58eILjbH56%2BH3f3rks%2FL%2BfeXsDPV5se%2BDDTXk1sKunMGgpMJyEQFEXsJvR5MTynl6kd%2F%2FwG3zJ%2Fs
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86162\|Z2Ih0
.pubmatic.com/	1970-01-21 03:57:40	Name: SyncRTB4 Value: 1735084800%3A15_223_2%7C1735344000%3A63%7C1737072000%3A224%7C1739664000%3A69%7C1735689600%3A249_264_13_54_166_104_71_46_56_220_3_201_234_176_231_266_99_96_81_233_178_5_21_250_8_165_240_22_214_48_267_55_7_238%7C1734912000%3A216%7C1735776000%3A268_35
.deepintent.com/	1970-01-21 11:24:04	Name: CDIPARTNERS Value: %7B%221%22%3A%2220241218%22%2C%22141%22%3A%2220241218%22%2C%22147%22%3A%2220241218%22%7D
.adsrvr.org/	1970-01-21 10:33:40	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwjk9ZyI6MLPPRAFEhYKB3J1Ymljb24SCwja2feI6MLPPRAFEhQKBXRhcGFkEgsImMmPiujCzz0QBRIWCgdzdng5dDUwEgsItuvvoejCzz0QBRgBIAEoAjILCNj90tr-ws89EAU4AVoHdTQwY3B1d2AC
.pubmatic.com/	1970-01-21 03:57:40	Name: KRTBCOOKIE_27 Value: 16735-uid:df006762-21cc-4500-be85-c940ed19005f
.pubmatic.com/	1970-01-21 03:57:40	Name: KRTBCOOKIE_594 Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.pubmatic.com/	1970-01-21 02:31:16	Name: KRTBCOOKIE_632 Value: 23041-oUCUrIpwF4bPRRSgzNRhc9uUU4aaXquqUWDeku-_m_k&KRTB&23047-oUCUrIpwF4bPRRSgzNRhc9uUU4aaXquqUWDeku-_m_k&KRTB&23234-oUCUrIpwF4bPRRSgzNRhc9uUU4aaXquqUWDeku-_m_k&KRTB&23361-oUCUrIpwF4bPRRSgzNRhc9uUU4aaXquqUWDeku-_m_k
.pubmatic.com/	1970-01-21 02:08:14	Name: KRTBCOOKIE_1323 Value: 23480-OPU98b536125ca142b8b1a7840b7425cd1b&KRTB&23485-OPU98b536125ca142b8b1a7840b7425cd1b&KRTB&23524-OPU98b536125ca142b8b1a7840b7425cd1b&KRTB&23575-OPU98b536125ca142b8b1a7840b7425cd1b
.rfihub.com/	1970-01-21 11:09:40	Name: eud Value: H4sIAAAAAAAA_9vEyGtobmxiYmFiYmRpYmq6igXBt7C0NAcAgjACrCAAAAA
.pubmatic.com/	1970-01-21 03:57:40	Name: KRTBCOOKIE_18 Value: 22947-1783777340215875764&KRTB&23628-1783777340215875764
.pubmatic.com/	1970-01-21 02:31:16	Name: KRTBCOOKIE_391 Value: 22924-5033930528405378402&KRTB&23231-5033930528405378402&KRTB&23263-5033930528405378402&KRTB&23481-5033930528405378402
.resetdigital.co/	1970-01-21 03:57:40	Name: ckbk Value: 0000016CBB1EA608
.pubmatic.com/	1970-01-21 03:57:40	Name: KRTBCOOKIE_1199 Value: 23168-0000016CBB1EA608&KRTB&23175-0000016CBB1EA608
.adgrx.com/	1970-01-21 11:16:52	Name: ADGRX_UID Value: 56719a8a-bcdd-11ef-8d50-d407b367d747
.ctnsnet.com/	1970-01-21 10:33:40	Name: cid_df996ed67a3941228ebf041ae76c32a9 Value: 1
.adgrx.com/	1970-01-21 01:49:30	Name: ADGRX_CM_PUBMATIC_BRIDGED Value: 1
.pubmatic.com/	1970-01-21 03:57:40	Name: KRTBCOOKIE_1003 Value: 22761-56719a8a-bcdd-11ef-8d50-d407b367d747&KRTB&23275-56719a8a-bcdd-11ef-8d50-d407b367d747
.rubiconproject.com/	1970-01-21 10:33:40	Name: audit_p Value: 1\|mFVHqHkj5bE+/x1DYRCnNlMG4C6D/t+3x5H4/Al95QXCbQhPjIsMkYV7nPxWhcnnSOZpFYDiH4Kj3d7cIbsz7BzcJel2BUETU6rwm0yM8XT5ZtWmzcqDTQmsd6cmBZ0t
.rubiconproject.com/	1970-01-21 10:33:40	Name: audit Value: 1\|mFVHqHkj5bE+/x1DYRCnNlMG4C6D/t+3x5H4/Al95QXCbQhPjIsMkYV7nPxWhcnnSOZpFYDiH4Kj3d7cIbsz7BzcJel2BUETU6rwm0yM8XT5ZtWmzcqDTQmsd6cmBZ0t
.adsby.bidtheatre.com/	1970-01-21 01:58:09	Name: __kuid Value: a4c82199-e3a9-4e05-beac-81c065e21a05.503698429
.id5-sync.com/	1970-01-21 03:57:40	Name: 3pi Value: 2#1734484426620#-1719240822\|264#1734484427453#1422001645#da1885a5-023f-4800-b3fa-625212598cf2\|203#1734484428793#-1724303534#3609da4f-8f1b-409b-99f3-20f3610f03ed\|108#1734484429056#1507636135\|1132#1734484429287#-871643999#d3991727-6b8d-45e8-9125-40bc542d72da\|1228#1734484429685#1692069154\|429#1734484427053#2024812803#477AA176-F89A-450C-8E45-4E5A86A7FA7F\|434#1734484426243#-671362769\|441#1734484428137#1910466646#u_8bef38e8-310a-4969-adf6-dc13e84bc2e7\|1241#1734484429171#1692069154\|1242#1734484428924#1692069154\|826#1734484429567#517058876#460d09da-526a-4fc5-afeb-283f72c6cd0b-676221c9-5553\|155#1734484426402#1709714039#AAJz0E7OxEQAABZF_DHftA\|987#1734484429422#1522257419\|796#1734484426130#-639289015\|124#1734484427303#-1685446958\|1245#1734484428347#1692069154
.pubmatic.com/	1970-01-21 02:31:16	Name: KRTBCOOKIE_904 Value: 23554-pIMxq_h6BuKjh0ZzzSFiZw&KRTB&23557-pIMxq_h6BuKjh0ZzzSFiZw&KRTB&23586-pIMxq_h6BuKjh0ZzzSFiZw
.pubmatic.com/	1970-01-21 02:31:16	Name: PugT Value: 1734484429
.media.net/	1970-01-21 10:33:40	Name: data-pbs Value: setstatuscode~~1
.pubmatic.com/	1970-01-21 02:31:16	Name: SPugT Value: 1734484431
.pubmatic.com/	1970-01-21 03:57:40	Name: chkChromeAb67Sec Value: 9
.ads.pubmatic.com/	1970-01-21 01:49:30	Name: pubsyncexp Value: 1734506031517
.lijit.com/	1970-01-21 10:33:40	Name: _ljtrtb_71 Value: 477AA176-F89A-450C-8E45-4E5A86A7FA7F
.the-ozone-project.com/	1970-01-21 03:57:40	Name: uids Value: eyJ0ZW1wVUlEcyI6eyIzM2Fjcm9zcyI6eyJ1aWQiOiIyMTI5MjMxNzE4Njg4MzQiLCJleHBpcmVzIjoiMjAyNS0wMS0wMVQwMToxMzo0OS41ODg2MzQxODJaIn0sImFkZm9ybSI6eyJ1aWQiOiI1MDMzOTMwNTI4NDA1Mzc4NDAyIiwiZXhwaXJlcyI6IjIwMjUtMDEtMDFUMDE6MTM6NTAuMDQ3NDMwNzY5WiJ9LCJjcml0ZW8iOnsidWlkIjoiay1aSnpNUXZ0SWpPdi1oeVA2YmpiRk1ydWJGcW9QUkhmTXhfekJ6dyIsImV4cGlyZXMiOiIyMDI1LTAxLTAxVDAxOjEzOjQ5LjE3MDQ4MzM5WiJ9LCJncmlkIjp7InVpZCI6IjgwNWFkZjAxLWI1YzAtNGIyMi04MDZiLWFkMjk5ODE1YTFhZCIsImV4cGlyZXMiOiIyMDI1LTAxLTAxVDAxOjEzOjUwLjM5NTM1NjA4NFoifSwiaW1wcm92ZWRpZ2l0YWwiOnsidWlkIjoiNTI4NDQ2MTEtMGY4NC00MTJmLWI1ZDctYjMzNTY4N2RmYTQ1IiwiZXhwaXJlcyI6IjIwMjUtMDEtMDFUMDE6MTM6NDguNDUxNjM2NDQxWiJ9LCJpeCI6eyJ1aWQiOiJaMkloeWRITTUwd0FBQXNHQTNKUFpBQUFcdTAwMjYxMzg1IiwiZXhwaXJlcyI6IjIwMjUtMDEtMDFUMDE6MTM6NDguODY0MzIzODQ0WiJ9LCJtZWRpYW5ldCI6eyJ1aWQiOiIzNzc0ODYwMjUwODEzMjc3MDAwVjEwIiwiZXhwaXJlcyI6IjIwMjUtMDEtMDFUMDE6MTM6NTAuMjk4OTcyMDQ3WiJ9LCJvcGVueCI6eyJ1aWQiOiIxZDdhM2M5OC1mYTA3LTRlNTctOWRkMi05MDQ0MWQyNmIxMTEiLCJleHBpcmVzIjoiMjAyNS0wMS0wMVQwMToxMzo0OS43NzU2ODQyN1oifSwicHVibWF0aWMiOnsidWlkIjoiNDc3QUExNzYtRjg5QS00NTBDLThFNDUtNEU1QTg2QTdGQTdGIiwiZXhwaXJlcyI6IjIwMjUtMDEtMDFUMDE6MTM6NTEuOTExNjEwNDcyWiJ9LCJydWJpY29uIjp7InVpZCI6Ik00VDc4UkRBLUItMzNXRCIsImV4cGlyZXMiOiIyMDI1LTAxLTAxVDAxOjEzOjQ5LjY1NzAwNzM2MVoifSwic2hhcmV0aHJvdWdoIjp7InVpZCI6IjRkYWIyMzU0LTEzNWMtNDNlMC04MTRjLWQyOTcxNzIwYTIyZiIsImV4cGlyZXMiOiIyMDI1LTAxLTAxVDAxOjEzOjQ4Ljc0NTQzNTY1MloifSwic21hcnQiOnsidWlkIjoiNTMxOTExNjY2NjYwNDc3NTkwMyIsImV4cGlyZXMiOiIyMDI1LTAxLTAxVDAxOjEzOjQ4LjY4NzYwNDc0NVoifSwic29ub2JpIjp7InVpZCI6IjliMGFjYzJhLTQ2ZTItNDBmNC05N2ViLTg5ZDI2ZjM1YTYyYiIsImV4cGlyZXMiOiIyMDI1LTAxLTAxVDAxOjEzOjQ5LjM3NjY2NTg5NVoifSwic292cm4iOnsidWlkIjoiSjJYcEFCWkg5akhoNlIyQVNlV1h6V2dOIiwiZXhwaXJlcyI6IjIwMjUtMDEtMDFUMDE6MTM6NDguMzIxMjU2MTk5WiJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjE5NjU5NDYxNTg3MzM5MDAxMTg0MCIsImV4cGlyZXMiOiIyMDI1LTAxLTAxVDAxOjEzOjQ4LjYzMjE2NDYwMVoifSwidHRkIjp7InVpZCI6ImRhMTg4NWE1LTAyM2YtNDgwMC1iM2ZhLTYyNTIxMjU5OGNmMiIsImV4cGlyZXMiOiIyMDI1LTAxLTAxVDAxOjEzOjQ5LjQ2MzY4Mzk5MVoifSwidW5ydWx5Ijp7InVpZCI6Ik9QVE9VVCIsImV4cGlyZXMiOiIyMDI1LTAxLTAxVDAxOjEzOjQ5LjIxNjU1NDg1WiJ9LCJ5aWVsZG1vIjp7InVpZCI6IlZ6N09ycnJXeE9ycnFTWEg5bHMyIiwiZXhwaXJlcyI6IjIwMjUtMDEtMDFUMDE6MTM6NDguMjUyNTU3Njk0WiJ9fSwiYmRheSI6IjIwMjQtMTItMThUMDE6MTM6NDguMjUyNTU1MTgxWiJ9
.pbs.optidigital.com/	1970-01-21 03:57:40	Name: uidpubmatic Value: eyJ1aWQiOiI0NzdBQTE3Ni1GODlBLTQ1MEMtOEU0NS00RTVBODZBN0ZBN0YifQ==

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cloudmetrics.xenforo.com/api/v1/websites/1710916522909624/activity Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	error	URL: https://www.overtake.gg/downloads/wrc-telemetry-patch.38991/ Message: Access to XMLHttpRequest at 'https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.overtake.gg&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1#{%22lwid%22:{%22origin%22:0},%22bundle%22:{%22origin%22:0},%22optout%22:{%22value%22:false,%22origin%22:0},%22tld%22:%22overtake.gg%22,%22topUrl%22:%22www.overtake.gg%22,%22version%22:159,%22cw%22:true,%22lsw%22:true,%22origin%22:%22publishertagids%22,%22requestId%22:%220.9961337636746004%22}' from origin 'https://www.overtake.gg' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.overtake.gg&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1#{%22lwid%22:{%22origin%22:0},%22bundle%22:{%22origin%22:0},%22optout%22:{%22value%22:false,%22origin%22:0},%22tld%22:%22overtake.gg%22,%22topUrl%22:%22www.overtake.gg%22,%22version%22:159,%22cw%22:true,%22lsw%22:true,%22origin%22:%22publishertagids%22,%22requestId%22:%220.9961337636746004%22} Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a5693.casalemedia.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
ads.yieldmo.com
analytics.google.com
ap.lijit.com
api.ipify.org
bcp.crwdcntrl.net
c.amazon-adsystem.com
cadmus.script.ac
cdn-ima.33across.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.js7k.com
cdn.prvk.io
ce.lijit.com
cloudmetrics.xenforo.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
cs.ingage.tech
csi.gstatic.com
d.turn.com
dd0ee41f7336311a90a2129f261571ad.safeframe.googlesyndication.com
dis.eu.criteo.com
dt.adsafeprotected.com
eb2.3lift.com
edge-cs-external.venatusmedia.com
edge.venatusmedia.com
elb.the-ozone-project.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
eus.rubiconproject.com
ex.ingage.tech
exchange.kueezrtb.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
grid-bidder.criteo.com
gum.criteo.com
hb-vntsm-com.global.ssl.fastly.net
hb.vntsm.com
hb.vntsm.io
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
ice.360yield.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
ids4.ad.gt
image2.pubmatic.com
image6.pubmatic.com
invstatic101.creativecdn.com
js-sec.indexww.com
k8s1-event-tracker-ny.lb.indexww.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
oa.openxcdn.net
overtake-data.community.forum
p.ad.gt
pagead2.googlesyndication.com
pbs.optidigital.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.tapad.com
pixels.ad.gt
pn.ybp.yahoo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
proc.ad.cpe.dotomi.com
proton.ad.gt
r.bidswitch.net
rtb.gumgum.com
s.amazon-adsystem.com
s.yimg.com
scripts.opti-digital.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
seg.ad.gt
ssp-sync.criteo.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync.a-mo.net
sync.go.sonobi.com
sync.ipredictive.com
sync.srv.stackadapt.com
tags.crwdcntrl.net
td.doubleclick.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
us-u.openx.net
usersync.gumgum.com
v-cdn.prvk.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.overtake.gg
x.bidswitch.net
ep1.adtrafficquality.google
gum.criteo.com
www.overtake.gg
104.18.25.18
104.18.26.193
104.18.27.193
104.18.29.101
104.18.34.190
104.20.106.152
104.26.13.205
107.22.180.23
134.209.129.201
147.28.129.140
147.75.198.144
151.101.1.194
151.101.131.42
162.19.138.117
162.19.138.119
172.217.222.148
172.217.222.149
172.217.222.154
172.64.153.66
178.250.7.11
18.160.10.101
192.40.39.192
2001:4860:4802:32::3
2001:4860:4802:38::181
2001:4998:14:800::1000
2001:4998:60:807::1
207.65.37.179
207.65.37.181
209.204.231.174
23.204.206.35
23.21.14.225
23.50.125.215
23.54.68.197
2400:52e0:1a00::1233:1
2600:1f18:1aca:4282:96aa:73f4:5ea5:b40b
2600:1f18:2352:af01:7309:938c:6f1b:193f
2600:1f18:4e9:5a07:f32d:d8cc:aff8:3160
2600:9000:24f4:de00:8:48e:53c0:93a1
2602:803:c002:200::32
2606:4700:10::6816:2f8e
2606:4700:10::6816:3456
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:20::681a:346
2606:4700:3032::6815:33e4
2606:4700::6812:1791
2606:4700::6812:1ad8
2606:4700::6812:234
2606:ae80:1471:16::820
2607:f350:3:2569:0:10:0:c
2607:f8b0:4004:c09::63
2607:f8b0:4004:c09::65
2607:f8b0:4004:c17::84
2607:f8b0:4004:c17::9b
2607:f8b0:4004:c17::9c
2607:f8b0:4004:c1b::5f
2607:f8b0:4004:c1b::9d
2607:f8b0:4004:c1d::61
2607:f8b0:4004:c1f::8a
2607:f8b0:400d:c00::5e
2607:f8b0:400d:c00::84
2607:f8b0:400d:c01::9b
2607:f8b0:400d:c03::9d
2607:f8b0:400d:c04::9b
2607:f8b0:400d:c0d::84
2607:f8b0:400d:c1d::9a
2620:100:a00b::12
2620:100:a00b::28
2620:100:a00b::4
2620:100:a00b::9
2620:112:f008:200::101
3.167.112.98
3.167.113.34
3.167.69.77
3.171.86.171
3.215.165.113
3.232.220.69
34.102.146.192
34.111.113.62
34.160.72.119
34.194.79.112
34.228.175.96
34.34.170.154
34.36.216.150
34.42.134.208
34.95.69.49
34.96.70.87
34.98.64.218
35.155.132.249
35.211.118.13
35.211.202.130
35.244.159.8
35.71.131.137
35.71.139.29
37.19.207.34
44.210.213.98
52.0.223.57
52.205.45.196
52.207.37.116
52.207.45.55
52.22.30.188
52.87.138.103
54.165.154.102
54.211.170.34
54.224.244.205
68.67.160.117
68.67.181.248
69.173.151.100
8.18.47.7
8.28.7.83
95.179.177.152
98.82.157.137
0145836490e8cd1d58f2ae96fd41ca5e86f30fdf3fe7196103726e410f6bf2bb
04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d4d8acd196ef65ffd95f920b0de93ff0a8f411a9641a4e0753f4808d99b2c2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c8ae94b8fcb5dcb7f449328862e175fbe5dd6f841fd71b7f58701eb99cb9751
0e8d397a999da8bf29ecd08d4152085bc846227eb4ac7fc1e099b61d03cfa403
1356dd485fa997ae40a4d02ffdff434d39b8e42fadc6b78c4cabfde42b5dfea9
1411aae1169bc6a112972d21e652b2f8258f42c45b0c1a6215cafbeb2d628048
143e9b2ba4b6a7bcf2b1bc42a610c03aef1853a417cd339b532c073d6355a8cc
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
18ee895c2f92c34605b62eccb1f6ce62cca41589cd5406c3a9848007c381a187
19d1f08f157adc2739d6db10f8016a3ffd9f5ba65bb5ad173c8266d222e868f0
1a691f964812845338d0cccac1f3dfcbddc96e3ae0c64ed9e3bfe8bd487ec1b3
1d30a378db11575d66d560681e5978b71fe89823516679f7b055442f962e36f4
1eeeec8176343b2daf4fc9fe169d1269f6cc328ad2611d59d0777af09e4f3b46
1f40369a59e0732ee9e8b362720c44411960aab65c3da366be62714cd552dab8
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2248f1e590a5ae04b44d7010904021de0cbbf1c31618c2dddc7b8c979e928c92
228f63b307a72d9179806c83cd5262f461f4c5b6fa135e2be1de5a64c7912180
262fae2772a8e7f1535df8bf3ea4c353a5d08aa97a8e03ab42b1373f09ab5074
304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
313cfef5d6914d3086c7d3093c9f0752958a29e3cb910e79f34e8f3cfbb8f33c
315c7a340316a43a51e5b4cf1785b18c55f9b8a89ac37f3cb1a2153bdb2f3fa0
32a7759d7823aa5f8bea9bf3fb7c7caacc706490f317adb510f1ea9460df0e72
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e
373cdb0eb91d722b4880971e68c33a214b25c92110706ac0ed9ae92dda12cdbf
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3b16e5c1b0511d63320e1cfaefaf85533e8f1fb10f370097551f92106061deee
3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670
3d554ec9187e695913eb9675f063b9e33927ce0327050cc184164e9c838eab8d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
45447a2b45991ea4e67ff0866444ca07fcf62c28dbfd5fa072ab76d3d0c46390
4735c4e647a5fbf02419108212b4a35c4462430a862cc3d30577eb2e6eb7d9d9
4849ef82469750fbe602ca670ce396a3e7df33d51eb58e52b8c93e23d7537281
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5
4d0d9acbea562c99741bc022b684e2213e797b4f9d17bccecec82693ee6abc99
4f3a96ac4b94007136df6aac42c66204bedacac2ebf7d8c324951b7798603150
503b67852f8ba1a8fa41f50039a65613a5aefdc6a04ec8ffe64bfcb692f3e1d7
52c593769c22876a988e9b1b8d345e3d652a41c51c37a13d6f290c46fa7e9b12
52d13805da615c36aa2acb2b6875b9da8e323ef81fd1307fa2fdf402cb3cc708
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54c5bcae8d0171bf6b6fec3d0128ee2e50fc0854e6c5622e68c5cb88bccff13a
55e84de66c622dd814578692366961decaf0119f1d832e773900b3fa5b7287d3
57fed9e14abdf791c149729e63748a2204c0309924f4aeb8fdfab33615ee5ccd
587672d0a9f37999e0edda6f8acc7b577eda08c15241d647b69b78e6c0e5ea34
5d8dac2d4ae43a0b541c160f30e8238951b42b13bb5f01ca2697271b3a804ad2
5f4e2c96cc7fa8c73dcd7e8877860d77da4a88bcc138a2b388ceed0729ab6256
62ae8dba06ea59e55857156997cbbe59e8b72dbd8138ac1e412377e3f6fcc94e
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
65430510b179b6bfe793bcba095f4c7bb9411cc675c6e0ba3d0b54337119c5d5
65708fbe5cf4419d7ae6e648384165856ceb42f36a568881b0568d8a71db6448
688dd33ed28d8089f3b559839052791cadfce9fa46f15dc39d8afbf0f5f4eb57
6a7d24600922a4cb6f8321d71a61cc6c2994832ea9b22d109cdb90da56ebcfb3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e23bd216d7828ac209ae8e2fbbc02dbdd6a8c9f3b34a2e3a540990ec0bd01ff
6e9a6b334cb9810f7d25fafab61725edf522f8b7372ac65f1274db79867a6537
6f71aa0c67cfc824ca1ff2afbe9e2b0f4e3ce145fb774533faf532ffeca79b3a
70e792b4a1b0220da9e8f8a8c304e8fbc1e14b3172e722048bfd2cba88c990ea
715b5b05866fc8376a3df9610320431317939f8dc337b9419f763d1e54046b74
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7181bfdbb052399b09c6a6cb9fe9d52bfe9ee539fb55a37706f685d4ebfadeec
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
796e271310c46bda824a5051ff5dcc9c5afecfee17b077cc928a88b719dc0db8
7a0f150b2b99e28d2fb492d64905f961ed0652d1723c226b3f12a7784a79e891
7bb4f85ebe3e15c2a0d21726811d0db24dbbe83476d590cc7450d4d6affb072e
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
801727c7de1e744a2d530cad72484b7358785f5621264666b0c582d3367f3cbf
80300a0135dbbab625850bb0843efbb3d62cb243139f87fc075476626a9db8a6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
864fa09db7b73879f009ada3f41f05c0463c6ed76724984c56a5091ef4f7f734
86c3e2d263fe07c01867c706a1ef50ee11abd4e73190c153862f85b17bf9a351
874680f49971b62ac52f618da1abf4bba6d0d050f08d6b170449d3fada360d90
88398f9c6e6e58256cbe9e0e6724a34da84954576797190d0af4dfd89c45e726
8c18b5bdd593e79213658f832533018b0d5c9bbe9cbf681180017aca426542c4
8ddd2492d33c4841de30024650786ec10e8441a7300f8973b3829a02181cf04f
91ab4319172810c7d5b823ad3a55a79a944fbf12dea8917abf83be875bbef3a2
91b78582095e2d2380065bdf104d8afabc4cb5d922777fb21ae3d0ccf19dc5c2
9381cb3c4b803d255db84d309c2efbf5b5d43ec14fb8ba16629f35df7edbca72
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
93a1fd8b6c2b3e43c67b2570dd649af62ebfd663d65e2fda0ef8cf04a4ad93a0
93a4e34781c1fe085ece889fa8ec85f966ddc987831e5a96f4cc92706caa7c09
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
9673f82ae875cb30cc6250cf46dd863642abcb71cc700c11e4252080e7a7162a
9b39cbb88caa4a151b911bc85cdb57a4faf5a2f4db1d8caed60083b7bd3bf03e
9bc87e8ad9a1ff327cda2832b011e74ea1a9d3329d8073be9bcd162cc1e858ee
9c2fc1f21cd6daad0e387f65ed6fef77e6b58e13129148c40e53fb8abdcf3441
9d2ceb1797ece60726ad3bebf5d5decd8c2e6747eba5e274f59d0f67a04eaee2
9de64b2d72bc9fca370d00a26f0633b1d3411bc94e8bc8096d45d938b5e838b6
9ffa45453324362cbc5cc78288e04513100c2d61baf3a969717ea5df3d0dbb39
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a070d24f775382d7a70aaa16ffcebfcb866377147e56cb42ebd4edd4d20410ef
a1d5f045222365ef29637b8c438a7a4370d91c714d8b26c4b787d26145de34ed
a2653a1596779ebe15aa612123dc240f6992fae875d2eee6ae0b465280da02a8
a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b
a5e428319b9f2258b7946fe3e3ce78ef05a085113b2ac011ba8171870476585b
a652d0e0a55a12ab819d2fd546e57671dfa60413f0414e0d906f14af9d339121
a6b01f025b9c35e1d4f215034ebb6c665c120146bdecb29f32b7cec4933d779b
aa986d926760f8daeaef05236cf58237bc4eb08687b0c170fc6d690c4d487f78
aac4e326a96da88c16718fd95d7da1256a95bcc77fe9bce03f1b9ff0d04049cc
abce51476c992eaaacd53b9b0f4ef97b8d9ceaacad89e706a3bde801ed30e6e4
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f
ac87990e8b0859c452087ceefb33f9ec788de319b0cd9e80e807cf6e8347cd27
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
adcb15c44661d243089b0313ad51b7474a88371bb35d33c9cf168514e2dc799a
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b4131ff73c7d055701086c8b314026f5f1a1696cc5b671751d942563d1a39c
b36875a3b66050beb14376dd9f592cf526c99ec9068345ae30741091193d263c
b3917a8c342c56579ab83d475f25cbde623901ceee93fc470fa20b2f73961ef4
b39fdaabfe63faca7d21b1ee38c593bb29663d70de9938eca8dd6159f405fe9a
b4a2a2d686dd952c35b89e6934a44ba550ef1f99f6ae453a4a1c05c2756372f5
b5c4d4b27eb53382a5d961dafd54a8101c132ed93979e18e91b572cd9bf5d0c4
b7278fb43d3535ca945547bd29ab3a16b9e952737aa5f8e6b1e538f46e8f279d
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf4baebad5bfea80098680bf3037f54fe7129285e246d37e61afc9f0cf3f611c
bf825eee0c39fc7cfdb3bed017bdadab222dcfd410aa33dd0c4648d3884a1fa3
c204cda469464787773e3a4a3162268e2889d470c7ac58270f5a915147edd91d
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
c29e975d4c2106c71bce1a2fb5a25652fb1f16490e4cbe3cedc48e24483f8d4c
c36e18778c5304cc9f1b0fc32d5ee71641165ce62129afe758c70182ee83575d
c56026feeefbc64e0fe6e26ab816271dba4e0bc95db9cf99d7e515c502e268c0
c74296f907487ee210db1ebf04c8f6d7e572a814804b4d7044862cfeb0b22ab7
c7788aaef68f339994e5fd2abbfe12ebb99076ed1a3951c45cf5850252c1d70e
c78d20a649faf93b211f76aa7803b335deb469de020f20907014bf4b456d4d39
c8b7fbea6c9baa36bae02a04ff681d75c06a1ca4d061e04dde82ffcc27743fd9
c94e227ea29e087966e20e463c40c2d9dfcaabd9f1abd63f6ff08c3f6d264eb4
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c963c32d0bfa3d6f60d98738df831641ddd332df17d4305add56350ff7dd6d26
c9804b28a0cd718fdfec6e82d34bddf24a3ecc55a57e4f04648e85b3ba709f97
cc835a8d3a2caf98adb7d4656e81ac0a988c50cb18ee79820c60879e19f2a1c6
ccfb4c3a0616f9137a700afaf6162777ac32c3efde7702b73065efc5201accb5
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cec8018f2259b17cf28d9b7698be31d2753b7da774503186589782b122b9351c
cef70c0ea5d079d130f2d7b33e0f85a3d15ab278d5dd2b5be2f31eb3a28d4731
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf87de89183fa9a833ca8e8a3eec67c3bc8486c2bd8c9ccc606d87aa00b6b15d
cf93db5f15fb6b90864ea934827bca87f92e75ad6a3aab83881b1f6777ee8929
d05280369e026dc13a4a413d3cc20c77dab7a9a120abbc78de0959e105e1517e
d0b14c2fad58602349271d6613266969596c5526617327052d0014f80f229a4a
d0cb19550ec4fcd91bdf490a8103294b5503cab9656466df3d4655e8320f1106
d1d7c2b8a54a6df31261dd813f4c5c59c920ba9d89acea202d5cd97ebb62dcf6
d254cecaf51c6556f6f494eec366d9f81ff604378b48c8a978500e45b080fa05
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d47bfd53d3d2837ba190280e71a213c8d13be2d8ac6ee1b5b3d933dd3b7c86dc
d495a8e91497430d2c54e28e8bf512f2608ec199b525c528853da41dab80dfd3
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d734e77c6a8a9d8c5d50619c59a0f6fed3dcd220e1184df56ee120b771e30988
d9377b84890191f0cbafa8fba3dfedf7d510b59722947f670590c2ee99b2ea51
db706a3dc7a3ad3e0bfe56eced86c0fb8791081042c81cc198b2418230e42cba
dbb63c2603e6d239120e8b8db2596952051040c76cc5d90bfa31be9353d41edc
dbdab31a287ceafb5b96375c215398a3a9b109fc333ba0b20e7be8d833ad3703
dc2714147abc73c0c099d7ba1ffea846d438c07f9fca58ffa13ff40108b0385b
dd2ebf3d43939f6595950500f2141af571da108541dfb80731a759f9fd6ecde5
dd845166b6a20512e9cdf8ce4fce27e47b6568aca59fb58f026bc7b23f729fb0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0669b3f2e85c0f815c22aa423c2a1846894fe1907153ea7c61fcb234ef84791
e11b4efdf7c81290474d47ddca8f1c0729f103414e4a5b277c4ad396c92aa43f
e1a6f26221e90102580decc85453993721815ee35ef417600af01cc219a0d871
e1fbaed711a15d37ad237843b3ad78da31d818c6193e8927d7e01ff2f9286f8d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e690668529b15bf59b55d3180778399058021402925336646a90a606a158611c
e8a44c3cc6767656be79798aec8609cd2830e994ac6126adf74ce4bdc907739c
e92590c2aaf5b294238397e95d6f5332c6c73b711546d6dbf71859a242b9751e
e96617ee75b17d45ef165d8e0ea6bd9667766a5b7c58818c060dcf22c2e386f2
e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ee096a851d8d6abd4eb044eb7463de39bb6b6b09716693b8ffc645d5353ffdf7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ae1fcc586a710ec1126e1576b93489d03cebfb50d5543bf3f8ce3f74861e43
f62216c88630426906d7adc7767f3699f7b388a0aa3a6fb6d1d6e7aa14816161
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa830dc6232ca22e1ff53d6089b7bd73abea619aaedb03eabdbfa78dc9980b8d
fb626a05fd1c1ec386a9ad7f2fbdd6ddb36a012b730312fe7fa67dc73f6666a8
fcabdf2179893e65712e6c0f53720282212686d90a084d4dfd7ff0a2e4a767b4
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

www.overtake.gg Open in urlscan Pro 95.179.177.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

271 Requests

91 %HTTPS

39 %IPv6

67 Domains

114 Subdomains

92 IPs

7 Countries

6911 kBTransfer

12126 kBSize

310 Cookies

11 Outgoing links

Redirected requests

271 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.overtake.gg Open in urlscan Pro
95.179.177.152 Public Scan

Screenshot
Live screenshot

Full Image

271
Requests

91 %
HTTPS

39 %
IPv6

67
Domains

114
Subdomains

92
IPs

7
Countries

6911 kB
Transfer

12126 kB
Size

310
Cookies

271 HTTP transactions
11 data transactions