www.partitionwizard.com Open in urlscan Pro
2606:4700:10::6814:709  Public Scan

20 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiUWipMHZnvGb7Vk6EBbXk&google_cver=1

Request Chain 66

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3.1KlKyJ5SvR.QQ923XtAAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiUWipMHZnvGb7Vk6EBbXk&google_cver=1&google_hm=2

Request Chain 67

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESENE8zkMiFfdxid55HANetFg&google_cver=1

Request Chain 68

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIxMDE5NTc1MDgyNDU1NDgwOQ%3D%3D

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request escape-from-tarkov-steam.html Show response www.partitionwizard.com/partitionmagic/	60 KB 15 KB	138ms 48ms	Document text/html	2606:4700:10::6814:709 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:709 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 893e5c37315ae354ff942a9fa72023b3ca81814c8091c5b6a186f12030d64a9c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 3671 cache-control public, max-age=14400 cf-cache-status HIT cf-ray 76f423e2eaf5b97e-AMS content-encoding br content-type text/html; charset=utf-8 date Thu, 24 Nov 2022 18:17:13 GMT expires Thu, 24 Nov 2022 22:17:13 GMT last-modified Thu, 24 Nov 2022 17:16:01 GMT pragma no-cache server cloudflare strict-transport-security max-age=63072000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-turbo-charged-by LiteSpeed
GET H2	200	css fonts.googleapis.com/	17 KB 1 KB	83ms 31ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b253ef3fe01bdd1dbcf682caf6954cbf64877cf67955b085f18fd896809d7e83 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 24 Nov 2022 18:17:13 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 24 Nov 2022 17:20:04 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 24 Nov 2022 18:17:13 GMT
GET H2	200	jquery-3.6.0.min.js Show response www.partitionwizard.com/js/	87 KB 31 KB	49ms 48ms	Script application/javascript	2606:4700:10::6814:709 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.partitionwizard.com/js/jquery-3.6.0.min.js Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:709 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:13 GMT strict-transport-security max-age=63072000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT last-modified Fri, 10 Jun 2022 07:49:56 GMT server cloudflare age 13887 vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript content-encoding br cache-control public, max-age=86400 x-turbo-charged-by LiteSpeed cf-ray 76f423e35bbeb97e-AMS expires Fri, 25 Nov 2022 18:17:13 GMT
GET H2	200	article.css www.partitionwizard.com/css/	28 KB 6 KB	59ms 59ms	Stylesheet text/css	2606:4700:10::6814:709 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.partitionwizard.com/css/article.css?v=20220610154954 Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:709 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25a6198a9feb4971aa10bdab468868577f9e22a4413314f6735d446ef508eb97 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:13 GMT strict-transport-security max-age=63072000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT last-modified Fri, 10 Jun 2022 07:49:54 GMT server cloudflare age 11324 vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css content-encoding br cache-control public, max-age=86400 x-turbo-charged-by LiteSpeed cf-ray 76f423e35bb9b97e-AMS expires Fri, 25 Nov 2022 18:17:13 GMT
GET H2	200	main.min.js Show response www.partitionwizard.com/js/	9 KB 3 KB	47ms 47ms	Script application/javascript	2606:4700:10::6814:709 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.partitionwizard.com/js/main.min.js?v=20220610154956 Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:709 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 17d11fd86d522fe722b3ba8049f3bcaf42a287036a515d507d62516df47b0b51 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:13 GMT strict-transport-security max-age=63072000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT last-modified Fri, 10 Jun 2022 07:49:56 GMT server cloudflare age 11324 vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript content-encoding br cache-control public, max-age=86400 x-turbo-charged-by LiteSpeed cf-ray 76f423e3bc71b97e-AMS expires Fri, 25 Nov 2022 18:17:13 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	78 KB 27 KB	111ms 36ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:13 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27210 x-xss-protection 0 server sffe etag "1401 / 430 of 1000 / last-modified: 1669244741" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 24 Nov 2022 18:17:13 GMT
GET H2	200	logo.png www.partitionwizard.com/images/	3 KB 3 KB	84ms 83ms	Image image/png	2606:4700:10::6814:709 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.partitionwizard.com/images/logo.png Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:709 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb47d005a2dee1a178bb0182b13e3a9a50ba0c84d6a52193c1b451253c91950c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:13 GMT strict-transport-security max-age=63072000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT age 216547 content-length 3371 last-modified Fri, 10 Jun 2022 07:49:54 GMT server cloudflare x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 76f423e3cca3b97e-AMS expires Thu, 01 Dec 2022 18:17:13 GMT
GET H2	200	best-free-vr-games-thumbnail.jpg www.partitionwizard.com/images/uploads/articles/2022/01/best-free-vr-games/	42 KB 42 KB	49ms 48ms	Image image/jpeg	2606:4700:10::6814:709 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.partitionwizard.com/images/uploads/articles/2022/01/best-free-vr-games/best-free-vr-games-thumbnail.jpg Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:709 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4d854f54cd6570c9fde4ad28c58a03f5b17d7d7e9c60331fe98cce60567a7db0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:13 GMT strict-transport-security max-age=63072000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT age 3671 content-length 42987 cf-bgj h2pri last-modified Thu, 20 Jan 2022 09:36:24 GMT server cloudflare x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/jpeg cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 76f423e3cca4b97e-AMS expires Thu, 01 Dec 2022 18:17:13 GMT
GET H2	200	other.min.js Show response www.partitionwizard.com/js/	11 KB 4 KB	48ms 47ms	Script application/javascript	2606:4700:10::6814:709 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.partitionwizard.com/js/other.min.js?v=20220707105324 Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:709 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 679dbe5626bb0a1903a66181aeee30937910322b9a5c03e01ec17b016dfd38bd Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:13 GMT strict-transport-security max-age=63072000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT last-modified Thu, 07 Jul 2022 02:53:24 GMT server cloudflare age 11323 vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript content-encoding br cache-control public, max-age=86400 x-turbo-charged-by LiteSpeed cf-ray 76f423e3cca5b97e-AMS expires Fri, 25 Nov 2022 18:17:13 GMT
GET H/1.1	200 OK	count.js Show response partitionwizard-com.disqus.com/	1 KB 2 KB	73ms 19ms	Script application/javascript	199.232.192.134 FASTLY
General Check archive.org Show headers Download Go to Full URL https://partitionwizard-com.disqus.com/count.js Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 199.232.192.134 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubdomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Thu, 24 Nov 2022 18:17:13 GMT Content-Encoding gzip X-Content-Type-Options nosniff Strict-Transport-Security max-age=300; includeSubdomains X-Amz-Cf-Pop DFW3-C1 Age 231 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 871 X-XSS-Protection 1; mode=block Last-Modified Thu, 17 Nov 2022 15:05:16 GMT Server nginx ETag "63764dac-367" Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control public, max-age=300 Link <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect X-Amz-Cf-Id LWfy2FfEi2ZtlA-I5s7kYZRPm5MqV4W-F6U8t8L2xaTF9u8dIrU2gg==
GET H2	200	gtm.js Show response www.googletagmanager.com/	129 KB 49 KB	88ms 37ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PPJRVD9 Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b4a7199263edcf69b445ff88ed7346b377dc4cbb0ca72ce45177e810d22a7093 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:13 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49637 x-xss-protection 0 last-modified Thu, 24 Nov 2022 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 24 Nov 2022 18:17:13 GMT
GET H2	200	fontawesome-webfont.woff2 www.partitionwizard.com/fonts/awesome/	75 KB 76 KB	62ms 62ms	Font font/woff2	2606:4700:10::6814:709 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.partitionwizard.com/fonts/awesome/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:709 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Origin https://www.partitionwizard.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:13 GMT strict-transport-security max-age=63072000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT age 13886 content-length 77160 last-modified Tue, 03 Oct 2017 03:49:40 GMT server cloudflare x-frame-options SAMEORIGIN vary Accept-Encoding content-type font/woff2 cache-control public, max-age=86400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 76f423e3cca7b97e-AMS expires Fri, 25 Nov 2022 18:17:13 GMT
GET DATA	200 OK	truncated /	62 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b537a26aa913602cf89943589dab0adce3c6e2f2137d31e28c685c5c043f2886 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	68ms 20ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.partitionwizard.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 18 Nov 2022 05:09:29 GMT x-content-type-options nosniff age 565664 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 18 Nov 2023 05:09:29 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	73ms 25ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.partitionwizard.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 18 Nov 2022 13:14:53 GMT x-content-type-options nosniff age 536540 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 18 Nov 2023 13:14:53 GMT
GET H2	200	KFOkCnqEu92Fr1Mu51xIIzI.woff2 fonts.gstatic.com/s/roboto/v30/	17 KB 17 KB	95ms 47ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.partitionwizard.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 11:25:53 GMT x-content-type-options nosniff age 283880 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17368 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 21 Nov 2023 11:25:53 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	89ms 41ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.partitionwizard.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 23 Nov 2022 20:10:25 GMT x-content-type-options nosniff age 79608 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 23 Nov 2023 20:10:25 GMT
GET H2	200	cate-pw-article-top-banner-bg.png www.partitionwizard.com/images/uploads/cates-tags-banners/2022/	138 KB 138 KB	51ms 50ms	Image image/png	2606:4700:10::6814:709 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.partitionwizard.com/images/uploads/cates-tags-banners/2022/cate-pw-article-top-banner-bg.png Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:709 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7d399bbabee1821182a59c880a633e34cc93844a247254e790dab00c199df9f0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:13 GMT strict-transport-security max-age=63072000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT age 215110 content-length 140981 last-modified Fri, 10 Jun 2022 07:50:38 GMT server cloudflare x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 76f423e42d63b97e-AMS expires Thu, 01 Dec 2022 18:17:13 GMT
GET H2	200	promotion.php Show response www.minitool.com/promotions/landing/	272 B 470 B	412ms 352ms	XHR text/html	2606:4700::6812:15b2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.minitool.com/promotions/landing/promotion.php?lang=en Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/js/jquery-3.6.0.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:15b2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5aa4c05049bb95c527851fc47af43cc51e941dce987106c63ba90ec47b404790 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1;mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.partitionwizard.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT strict-transport-security max-age=63072000; includeSubDomains x-content-type-options nosniff, nosniff cf-cache-status DYNAMIC content-encoding br server cloudflare x-frame-options SAMEORIGIN, SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://www.partitionwizard.com cache-control max-age=0 cf-ray 76f423e48dbebb65-FRA x-xss-protection 1;mode=block expires Thu, 24 Nov 2022 18:17:14 GMT
GET H2	200	pw-mcafee.gif www.partitionwizard.com/images/promotions/pw-mcafee/	77 KB 78 KB	62ms 61ms	Image image/gif	2606:4700:10::6814:709 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.partitionwizard.com/images/promotions/pw-mcafee/pw-mcafee.gif Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:709 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6bb4558e527e9cf57e18ef70fed4f2a00d548bb2e2e166a2d3a25c88dc5dbac6 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:13 GMT strict-transport-security max-age=63072000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT age 216540 content-length 79278 last-modified Thu, 26 Aug 2021 14:15:06 GMT server cloudflare x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/gif cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 76f423e42d78b97e-AMS expires Thu, 01 Dec 2022 18:17:13 GMT
GET H/1.1	200 OK	count-data.js Show response partitionwizard-com.disqus.com/	313 B 897 B	20ms 20ms	Script application/javascript	199.232.192.134 FASTLY
General Check archive.org Show headers Download Go to Full URL https://partitionwizard-com.disqus.com/count-data.js?2=https%3A%2F%2Fwww.partitionwizard.com%2Fpartitionmagic%2Fescape-from-tarkov-steam.html Requested by Host: partitionwizard-com.disqus.com URL: https://partitionwizard-com.disqus.com/count.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 199.232.192.134 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 31b4ec4c7069c5d1cad9e0edad4e60194b171567f67dbbf60a62c61ff06cd113 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Thu, 24 Nov 2022 18:17:13 GMT Strict-Transport-Security max-age=300; includeSubdomains X-Content-Type-Options nosniff Server nginx Age 4082 X-Frame-Options SAMEORIGIN Vary Accept-Encoding p3p CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM" Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=600 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Link <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect Content-Length 313 X-XSS-Protection 1; mode=block
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	195ms 20ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPJRVD9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 24 Nov 2022 17:24:49 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 3144 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Thu, 24 Nov 2022 19:24:49 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	229 KB 77 KB	31ms 30ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-W6RNX75Q2P&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPJRVD9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 90c1ba116b834242da63de1b49318766520718ded8454844e65896ad962d02f3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:13 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78772 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 24 Nov 2022 18:17:13 GMT
GET H2	200	pubads_impl_2022111501.js Show response securepubads.g.doubleclick.net/gpt/	381 KB 129 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 16:46:25 GMT content-encoding gzip x-content-type-options nosniff age 5448 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 132177 x-xss-protection 0 last-modified Tue, 15 Nov 2022 09:35:23 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 24 Nov 2023 16:46:25 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	89 B 93 B	95ms 54ms	XHR application/json	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.partitionwizard.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5d4f7f6ee638ac94dd3103145a33c480aac7a6b235456da8416e70debe6374df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:13 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 68 x-xss-protection 0 expires Thu, 24 Nov 2022 18:17:13 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 344 B	114ms 27ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-W6RNX75Q2P&gtm=2oeb90&_p=26490890&cid=1657896580.1669313834&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669313833&sct=1&seg=0&dl=https%3A%2F%2Fwww.partitionwizard.com%2Fpartitionmagic%2Fescape-from-tarkov-steam.html&dt=Is%20Escape%20from%20Tarkov%20on%20Steam%3F%20Can%20You%20Get%20It%20on%20Steam%3F&en=page_view&_fv=1&_nsi=1&_ss=1&ep.path_clean=%2Fpartitionmagic%2Fescape-from-tarkov-steam.html Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-W6RNX75Q2P&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 24 Nov 2022 18:17:13 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.partitionwizard.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	96ms 31ms	Script application/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.partitionwizard.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:13 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	91ms 29ms	Script application/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.partitionwizard.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:13 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	74 KB 35 KB	720ms 720ms	XHR text/plain	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=182280866302295&correlator=2345114392034062&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=22630280940%2Cglobal.pw%2Carticle-sidebar-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=1538957307&sfv=1-0-40&prev_scp=refresh%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1669313833826&lmt=1669310161&dlt=1669313833465&idt=332&adxs=1080&adys=648&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.partitionwizard.com%2Fpartitionmagic%2Fescape-from-tarkov-steam.html&frm=20&vis=1&psz=300x250&msz=300x250&fws=516&ohw=300&ga_vid=1657896580.1669313834&ga_sid=1669313834&ga_hid=26490890&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c691e8d06dc7368167ff4c913dd7b96b543f77b2ca66b5ba72b3187ff7326d2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35615 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.partitionwizard.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 55FA	6 KB 3 KB	122ms 29ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.partitionwizard.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 24 Nov 2022 18:17:13 GMT expires Fri, 24 Nov 2023 18:17:13 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	73ms 28ms	XHR text/plain	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=26490890&t=pageview&_s=1&dl=https%3A%2F%2Fwww.partitionwizard.com%2Fpartitionmagic%2Fescape-from-tarkov-steam.html&ul=en-us&de=UTF-8&dt=Is%20Escape%20from%20Tarkov%20on%20Steam%3F%20Can%20You%20Get%20It%20on%20Steam%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=14308988&gjid=1872280895&cid=1657896580.1669313834&tid=UA-686301-15&_gid=2115439753.1669313834&_r=1&gtm=2wgb90PPJRVD9&cd1=Amy&cd2=2022-09&cd3=2022-02&z=451409437 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.partitionwizard.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 24 Nov 2022 18:17:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.partitionwizard.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 448 B	86ms 29ms	XHR text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-686301-15&cid=1657896580.1669313834&jid=14308988&gjid=1872280895&_gid=2115439753.1669313834&_u=YADAAEAAAAAAACAAI~&z=1022012583 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.partitionwizard.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Thu, 24 Nov 2022 18:17:14 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.partitionwizard.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	default Show response embed.tawk.to/5ba0b825c666d426648adc3d/	2 KB 943 B	95ms 41ms	Script application/x-javascript	2606:4700:10::ac43:2642 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/5ba0b825c666d426648adc3d/default Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/js/main.min.js?v=20220610154956 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e00cd3726d8ae446eaacef931f3a4ae080d71bfb76bb3a437a1f4ed41cf6383 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br server cloudflare age 449 etag W/"stable-v4-637ddf31c8f" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=7200, s-maxage=3600 cf-ray 76f423e6f9f591f5-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	138ms 73ms	XHR application/json	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 65db1ea3513da9674813695dff7b2b6871bcbd09c46fe732c06814a3365288a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11317 x-xss-protection 0
GET H2	200	bottom-banner-en.png www.minitool.com/promotions/images/banner/mcafee-bundle-2022/	125 KB 125 KB	83ms 34ms	Image image/png	2606:4700::6812:15b2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.minitool.com/promotions/images/banner/mcafee-bundle-2022/bottom-banner-en.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:15b2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 159b378e88e6ffed412ad362dffda83dafaf5a607725c940a7e7044f5fc31ff5 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1;mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT strict-transport-security max-age=63072000; includeSubDomains x-content-type-options nosniff, nosniff cf-cache-status HIT age 14984 cf-polished origSize=149729 content-length 127747 x-xss-protection 1;mode=block cf-bgj imgq:100,h2pri last-modified Mon, 08 Aug 2022 06:36:12 GMT server cloudflare x-frame-options SAMEORIGIN, SAMEORIGIN vary Accept-Encoding content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 76f423e70ca6911e-FRA expires Thu, 01 Dec 2022 14:07:31 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	109ms 59ms	Image image/gif	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-686301-15&cid=1657896580.1669313834&jid=14308988&_u=YADAAEAAAAAAACAAI~&z=270867335 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 24 Nov 2022 18:17:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	108ms 60ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-686301-15&cid=1657896580.1669313834&jid=14308988&_u=YADAAEAAAAAAACAAI~&z=270867335 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 24 Nov 2022 18:17:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	twk-main.js Show response embed.tawk.to/_s/v4/app/637ddf31c8f/js/	121 B 367 B	63ms 39ms	Script application/javascript	2606:4700:10::ac43:2642 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-main.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5ba0b825c666d426648adc3d/default Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.partitionwizard.com/ Origin https://www.partitionwizard.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 118379 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 23 Nov 2022 08:52:37 GMT server cloudflare etag W/"da5bb1dc647470204df0e49f5afac2de" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 76f423e76a5d913c-FRA
GET H3	200	twk-vendor.js Show response embed.tawk.to/_s/v4/app/637ddf31c8f/js/	76 KB 27 KB	69ms 45ms	Script application/javascript	2606:4700:10::ac43:2642 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5ba0b825c666d426648adc3d/default Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.partitionwizard.com/ Origin https://www.partitionwizard.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 116964 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 23 Nov 2022 08:52:37 GMT server cloudflare etag W/"7dcb496e4882926f93f2e73fa87062c0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 76f423e76a60913c-FRA
GET H3	200	twk-chunk-vendors.js Show response embed.tawk.to/_s/v4/app/637ddf31c8f/js/	206 KB 61 KB	82ms 58ms	Script application/javascript	2606:4700:10::ac43:2642 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5ba0b825c666d426648adc3d/default Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.partitionwizard.com/ Origin https://www.partitionwizard.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 118379 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 23 Nov 2022 08:52:37 GMT server cloudflare etag W/"70dac54eca3bb2143032bc4db3237623" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 76f423e76a58913c-FRA
GET H3	200	twk-chunk-common.js Show response embed.tawk.to/_s/v4/app/637ddf31c8f/js/	192 KB 40 KB	131ms 107ms	Script application/javascript	2606:4700:10::ac43:2642 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5ba0b825c666d426648adc3d/default Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 654d5153e9271fb0cf77a967a37cb4e615a1f911a9957f747f395d824d0cca44 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.partitionwizard.com/ Origin https://www.partitionwizard.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 116964 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 23 Nov 2022 08:52:37 GMT server cloudflare etag W/"bde99510bdf9ab7bbc9ce82519a19a36" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 76f423e76a62913c-FRA
GET H3	200	twk-runtime.js Show response embed.tawk.to/_s/v4/app/637ddf31c8f/js/	2 KB 1 KB	148ms 124ms	Script application/javascript	2606:4700:10::ac43:2642 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5ba0b825c666d426648adc3d/default Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d510d7d2266769c4b312b4db0fc12e180db9c5ef2d75926c5b8f23543788aba Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.partitionwizard.com/ Origin https://www.partitionwizard.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 116964 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 23 Nov 2022 08:52:37 GMT server cloudflare etag W/"9075c2f5460b2832318d3c7217cc68cb" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 76f423e76a64913c-FRA
GET H3	200	twk-app.js Show response embed.tawk.to/_s/v4/app/637ddf31c8f/js/	151 B 427 B	59ms 35ms	Script application/javascript	2606:4700:10::ac43:2642 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5ba0b825c666d426648adc3d/default Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.partitionwizard.com/ Origin https://www.partitionwizard.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 116964 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 23 Nov 2022 08:52:37 GMT server cloudflare etag W/"e736e189edb5d0d9d5b8e7f23dd9114a" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 76f423e76a65913c-FRA
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	111ms 47ms	Script text/javascript	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 24 Nov 2022 18:17:14 GMT
GET H2	200	widget-settings Show response va.tawk.to/v1/	3 KB 2 KB	91ms 40ms	Fetch application/json	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/v1/widget-settings?propertyId=5ba0b825c666d426648adc3d&widgetId=default&sv=undefined Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f15e1e62edd9b2758076dbe3fe1682e14fdd6f4361e63c5b6a512849845f066 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 1473 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by visitor-application-preemptive-q8wp server cloudflare etag W/"2-86-0" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/json access-control-allow-origin * cache-control public, max-age=7200, s-maxage=1800 cf-ray 76f423e8a9df9256-FRA access-control-allow-headers content-type,x-tawk-token
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame A566	13 KB 5 KB	68ms 21ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.partitionwizard.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 234 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 24 Nov 2022 18:13:20 GMT expires Fri, 24 Nov 2023 18:13:20 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 75AE	783 B 534 B	74ms 30ms	Document text/html	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 36f64aa7f5e88ae63f6de6504d0f37108d602cebeaee10b9d8e21e36642e3dc1 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-NKr_1wwu1qBu2vdcKv34mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.partitionwizard.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-NKr_1wwu1qBu2vdcKv34mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 24 Nov 2022 18:17:14 GMT expires Thu, 24 Nov 2022 18:17:14 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
POST H3	400	start Show response va.tawk.to/v1/session/	60 B 339 B	217ms 216ms	Fetch application/json	2606:4700:10::ac43:2642 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/v1/session/start Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 138180bb51412a7b5c7d22ac7aeff4b8450080a6588984807afa9618dafff7fb Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.partitionwizard.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type application/json; charset=utf-8 Response headers date Thu, 24 Nov 2022 18:17:14 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding access-control-allow-methods POST,OPTIONS content-type application/json access-control-allow-origin https://www.partitionwizard.com access-control-allow-credentials true cf-ray 76f423e9bdc292c9-FRA access-control-allow-headers content-type,x-tawk-token content-length 60 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by visitor-application-preemptive-bw50
OPTIONS H2	200	start va.tawk.to/v1/session/ Frame	0 0	206ms 166ms	Preflight	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/v1/session/start Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.partitionwizard.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-tawk-token access-control-allow-methods POST,OPTIONS access-control-allow-origin https://www.partitionwizard.com alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 76f423e8a9e09256-FRA date Thu, 24 Nov 2022 18:17:14 GMT server cloudflare strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff x-served-by visitor-application-preemptive-l14f
GET H3	200	M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response pagead2.googlesyndication.com/bg/ Frame A566	36 KB 16 KB	68ms 22ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:11:18 GMT content-encoding gzip x-content-type-options nosniff age 356 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15861 x-xss-protection 0 last-modified Thu, 03 Nov 2022 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 24 Nov 2023 18:11:18 GMT
GET H3	200	en.js Show response embed.tawk.to/_s/v4/app/637ddf31c8f/languages/	16 KB 4 KB	126ms 100ms	Script application/javascript	2606:4700:10::ac43:2642 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/637ddf31c8f/languages/en.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 119969 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 23 Nov 2022 08:52:37 GMT server cloudflare etag W/"585ba00b2c167b90c210161454f843b5" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 76f423e99d7f92c9-FRA
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 75AE	0 0	100ms 55ms	Image text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=182280866302295&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame A566	0 10 B	21ms 21ms	Image text/plain	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?PUru9A Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	container.html Show response 309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E27D	6 KB 3 KB	67ms 23ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.partitionwizard.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 24 Nov 2022 18:17:13 GMT expires Fri, 24 Nov 2023 18:17:13 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame EBC8	624 B 919 B	109ms 60ms	Document text/html	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ-72ZAhikwMjYATAB&v=APEucNXO3DXXPdVX-YSOL4vRHAKvpBGhXlYLL4yM4jyKn3oRenq0-kYjpoZ6GDE4UrM1XhD78ymxcIPsKugpjmFT_KkkfnIk3gswsTcQ59KcfvCrhayKmi67eOSmdehSjYOkkUlATu-6Fu8-tgpJ0rXXB6Rfhw63BYfn4oGDmyZNyHYywiYM2fo Requested by Host: 309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com URL: https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 24 Nov 2022 18:17:14 GMT expires Thu, 24 Nov 2022 18:17:14 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame E27D	23 KB 9 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:12:37 GMT content-encoding br x-content-type-options nosniff age 277 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9428 x-xss-protection 0 server cafe etag 246362764157784863 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 08 Dec 2022 18:12:37 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame E27D	6 KB 2 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp_fy2021.js Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 12:06:40 GMT content-encoding br x-content-type-options nosniff age 22234 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2477 x-xss-protection 0 server cafe etag 8436122973860808490 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 08 Dec 2022 12:06:40 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame E27D	0 0	251ms 60ms	Fetch image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3ETAEQku_LKEuZVm6bxm_J0bAjO9mu3fZASMZ8RGbAJIB2Uf0HY2nSy3Bbm4uPLbey7dKQ8UlUpzEdSElBhAfnshk3AGIJusdrq9ffnmilJ7WjqVxth1s0TjwRABxEUDX9QBkJ4G7kAETEfxf8XaObeZyyccJ0Hj5x5fwXJRCM214IMOHj5-9kqTnEw7Z7QVt2UrciC0PN1UiNqmjhXcB0yqUxMqS6zd5kw6ONL3YSkt3Hr08Wu48V8Ma_JwRh--WbPgkIMuFWbcoYHLEIvBnSAwss5nc613ltUYT36hNRlzAiO67ShrYdXZMLLvCpo8WHr5nJiNai_B7qipw9OFMNfFJcCUKEGBteHwZiGmFnBvTipD0PlhVLQjXB-x4FmmF2x6tvELkjraTGFdDevu2Q1ojed1xe8OpQOeZtZA9ix2K_DGy8xinW71GJg9dEFNr3eiupp8CfMQRrr9xWWDa_i-gDec5qRDY9EbW2Wga4zEpLbzfz2l4k9JB8zgIWav6R21QfUvzSe4l8HBtkn6XBFZ2BxLbcH7m7bhRcnKkYcC-0jS_cnM0q0GBRTfA3jQ15RH8bFixo6y8cdrB-CDg_HQ1l-NVPbncjmLwu7bFTpRvlGY3eX8UaARsgOD_dDbiCJCeEGk69TUvvJ2vRGwBmbbMx_D19BStzvXjCXaIcXYU1eE5ARp9E8N7vSn1lZV4Kiiz-soj8u-NGHKrsTeXatdI098ol86M3-nLKdO0vWmMYQg-jMhbeYeV8UVWcJus2iYVFMLF6u-hP57xzexhEiHBif0-PmqWYHVjVv5AFSMooyPpDZONI6EHylfuaUxHoXkbLbNA_-9GO8kF2jRnFTAsph60W32UkzpYZ1PYINTi6wmNX47G4i7GkwqxSvHdTdfRS2W3VSb__MrT6cy63hUcW5zESZnel5Lzq4ltN3xItwOeSgXWIWRzxbsyYdSdKoB1-udhXwK2T49JoDA_Ccs5WfvQShdIsW7E09lyZnh03Y5F6Uhwm6uUXcLZ0fsGcDW3TEfm5HrDKsgs5ualI2cPR_6lnF6P5DGkret65GFmhO5f8PDQY4sWm_OeN1LZODCD9idpa0qHWwoRPYe0IS8BtYCJtb76wQ8DIBgEYp6cw3sXnkFbySkTUGIP8mQQgxuFHNB5Cw2SgO1GPw5Dyhx8De2e7OJfCgr8a2QCY208pC_LIfw9BFLKRMQnm9eHWKfl9UWD&sai=AMfl-YQb7Zoz5CZ0QPDagKfuX8WdQe6WN3o4nI15ka2gaQuUQa6ETxFHuBXaXBw_geGhalDFdOgG_JjXLa7W9lXW6-EiH6-Vv6NMquZ_Y-eqiQiCZI1PX1u0kFryAHWfl7zG3q8xrKb92jMuvcLpI3qKfs9WfXpXJb7W4HjbIDoHkYroe_FfaLOmbYzyd4xT2Jef0hVnDKlWPnms_RGpja5rSnSIoPJRmopoTgyOxJtSdixiO1k1Zx1FanjJh0sigdp1DYyxZTrZucOxwMj2HEF_CNPf-UnfaQExnurXA-m1IGjaYjd5feUhi74Nd03-Aos1WNSAxvzPTH6Z8_44lsTkgrkieqgqMCWQN7OnCOJWOjde3AHB3gD0IHLIM0qp8c5jxG-JhLQSHdz8VjXamBZGgNUr9RF6tQ95Jxnq9Y_vzB6Q55XoWtTFTKYpm8e_UYMdS_9WA--PaK5xAtP7AsJk-gIH8Saz_zF3xB4VYg&sig=Cg0ArKJSzBJ3x8UIF5SuEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=1&cisv=r20221110.74659&arae=0&ftch=1&adurl= Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 24 Nov 2022 18:17:14 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Thu, 24 Nov 2022 18:17:14 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame E27D	41 KB 15 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Tue, 22 Nov 2022 11:55:20 GMT content-encoding gzip x-content-type-options nosniff age 195714 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 22 Nov 2023 11:55:20 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame E27D	42 B 63 B	55ms 54ms	Image image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CJYxe6bX9-rFGVZWytIQH2z8RV_OCYu4C3PtFATNMHjYeDJjCB13bvUDWZZoFETAeglZm5oZOvE8nBM_qmKmQvoYRrHlvzLrEQCifYN_ZaTHoji68 Requested by Host: 309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com URL: https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 24 Nov 2022 18:17:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E27D	3 KB 1 KB	26ms 25ms	Script text/javascript	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js Requested by Host: 309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com URL: https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 16:34:12 GMT content-encoding br x-content-type-options nosniff age 6182 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 08 Dec 2022 16:34:12 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E27D	18 KB 7 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com URL: https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 16:34:12 GMT content-encoding br x-content-type-options nosniff age 6182 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7458 x-xss-protection 0 server cafe etag 16870613375306414947 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 08 Dec 2022 16:34:12 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame E27D	154 KB 48 KB	247ms 56ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com URL: https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48265 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1668095300071091" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 24 Nov 2022 18:17:14 GMT
GET H2	200	17459678331338054716 s0.2mdn.net/simgad/ Frame E27D	57 KB 58 KB	211ms 20ms	Image image/jpeg	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/17459678331338054716 Requested by Host: 309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com URL: https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9209c69e7e481aeefa5f4dee43c7a21c0ba87f0f0836a1155c0a76752d386ccc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 08:50:42 GMT x-content-type-options nosniff age 33992 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 58694 x-xss-protection 0 last-modified Wed, 09 Nov 2022 13:08:38 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 24 Nov 2023 08:50:42 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 327E	22 KB 8 KB	22ms 21ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 195714 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 22 Nov 2022 11:55:20 GMT expires Wed, 22 Nov 2023 11:55:20 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame E27D	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3c113bd12a5b100936f6ffae174f60ebec37295d92a854ceda71663ff2392d46 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame EBC8 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiUWipMHZnvGb7Vk6EBbXk&google_cver=1	43 B 766 B	20ms 20ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiUWipMHZnvGb7Vk6EBbXk&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ-72ZAhikwMjYATAB&v=APEucNXO3DXXPdVX-YSOL4vRHAKvpBGhXlYLL4yM4jyKn3oRenq0-kYjpoZ6GDE4UrM1XhD78ymxcIPsKugpjmFT_KkkfnIk3gswsTcQ59KcfvCrhayKmi67eOSmdehSjYOkkUlATu-6Fu8-tgpJ0rXXB6Rfhw63BYfn4oGDmyZNyHYywiYM2fo Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Pragma no-cache Date Thu, 24 Nov 2022 18:17:15 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Thu, 24 Nov 2022 18:17:14 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiUWipMHZnvGb7Vk6EBbXk&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame EBC8 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3.1KlKyJ5SvR.QQ923XtAAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiUWipMHZnvGb7Vk6EBbXk&google_cver=1&google_hm=2	43 B 766 B	20ms 20ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiUWipMHZnvGb7Vk6EBbXk&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ-72ZAhikwMjYATAB&v=APEucNXO3DXXPdVX-YSOL4vRHAKvpBGhXlYLL4yM4jyKn3oRenq0-kYjpoZ6GDE4UrM1XhD78ymxcIPsKugpjmFT_KkkfnIk3gswsTcQ59KcfvCrhayKmi67eOSmdehSjYOkkUlATu-6Fu8-tgpJ0rXXB6Rfhw63BYfn4oGDmyZNyHYywiYM2fo Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Pragma no-cache Date Thu, 24 Nov 2022 18:17:15 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=497 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Thu, 24 Nov 2022 18:17:15 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiUWipMHZnvGb7Vk6EBbXk&google_cver=1&google_hm=2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame EBC8 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESENE8zkMiFfdxid55HANetFg&google_cver=1	43 B 1020 B	28ms 27ms	Image image/gif	185.89.210.244 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESENE8zkMiFfdxid55HANetFg&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ-72ZAhikwMjYATAB&v=APEucNXO3DXXPdVX-YSOL4vRHAKvpBGhXlYLL4yM4jyKn3oRenq0-kYjpoZ6GDE4UrM1XhD78ymxcIPsKugpjmFT_KkkfnIk3gswsTcQ59KcfvCrhayKmi67eOSmdehSjYOkkUlATu-6Fu8-tgpJ0rXXB6Rfhw63BYfn4oGDmyZNyHYywiYM2fo Protocol HTTP/1.1 Server 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Pragma no-cache Date Thu, 24 Nov 2022 18:17:15 GMT AN-X-Request-Uuid b7762196-1caa-4458-8b66-8b76e9f09c6c Server nginx/1.21.3 Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 217.114.215.132; 217.114.215.132; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 24 Nov 2022 18:17:14 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESENE8zkMiFfdxid55HANetFg&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame EBC8 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIxMDE5NTc1MDgyNDU1NDgwOQ%3D%3D	170 B 188 B	41ms 36ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIxMDE5NTc1MDgyNDU1NDgwOQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ-72ZAhikwMjYATAB&v=APEucNXO3DXXPdVX-YSOL4vRHAKvpBGhXlYLL4yM4jyKn3oRenq0-kYjpoZ6GDE4UrM1XhD78ymxcIPsKugpjmFT_KkkfnIk3gswsTcQ59KcfvCrhayKmi67eOSmdehSjYOkkUlATu-6Fu8-tgpJ0rXXB6Rfhw63BYfn4oGDmyZNyHYywiYM2fo Protocol H3 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 24 Nov 2022 18:17:15 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 24 Nov 2022 18:17:15 GMT AN-X-Request-Uuid f4f8503e-343d-4f42-8318-1a7c007ebd5a Server nginx/1.21.3 Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIxMDE5NTc1MDgyNDU1NDgwOQ%3D%3D Connection keep-alive X-Proxy-Origin 217.114.215.132; 217.114.215.132; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response pagead2.googlesyndication.com/bg/ Frame 327E	36 KB 16 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:11:18 GMT content-encoding gzip x-content-type-options nosniff age 356 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15861 x-xss-protection 0 last-modified Thu, 03 Nov 2022 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 24 Nov 2023 18:11:18 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame E27D	0 0	58ms 58ms	Fetch image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3ETAEQku_LKEuZVm6bxm_J0bAjO9mu3fZASMZ8RGbAJIB2Uf0HY2nSy3Bbm4uPLbey7dKQ8UlUpzEdSElBhAfnshk3AGIJusdrq9ffnmilJ7WjqVxth1s0TjwRABxEUDX9QBkJ4G7kAETEfxf8XaObeZyyccJ0Hj5x5fwXJRCM214IMOHj5-9kqTnEw7Z7QVt2UrciC0PN1UiNqmjhXcB0yqUxMqS6zd5kw6ONL3YSkt3Hr08Wu48V8Ma_JwRh--WbPgkIMuFWbcoYHLEIvBnSAwss5nc613ltUYT36hNRlzAiO67ShrYdXZMLLvCpo8WHr5nJiNai_B7qipw9OFMNfFJcCUKEGBteHwZiGmFnBvTipD0PlhVLQjXB-x4FmmF2x6tvELkjraTGFdDevu2Q1ojed1xe8OpQOeZtZA9ix2K_DGy8xinW71GJg9dEFNr3eiupp8CfMQRrr9xWWDa_i-gDec5qRDY9EbW2Wga4zEpLbzfz2l4k9JB8zgIWav6R21QfUvzSe4l8HBtkn6XBFZ2BxLbcH7m7bhRcnKkYcC-0jS_cnM0q0GBRTfA3jQ15RH8bFixo6y8cdrB-CDg_HQ1l-NVPbncjmLwu7bFTpRvlGY3eX8UaARsgOD_dDbiCJCeEGk69TUvvJ2vRGwBmbbMx_D19BStzvXjCXaIcXYU1eE5ARp9E8N7vSn1lZV4Kiiz-soj8u-NGHKrsTeXatdI098ol86M3-nLKdO0vWmMYQg-jMhbeYeV8UVWcJus2iYVFMLF6u-hP57xzexhEiHBif0-PmqWYHVjVv5AFSMooyPpDZONI6EHylfuaUxHoXkbLbNA_-9GO8kF2jRnFTAsph60W32UkzpYZ1PYINTi6wmNX47G4i7GkwqxSvHdTdfRS2W3VSb__MrT6cy63hUcW5zESZnel5Lzq4ltN3xItwOeSgXWIWRzxbsyYdSdKoB1-udhXwK2T49JoDA_Ccs5WfvQShdIsW7E09lyZnh03Y5F6Uhwm6uUXcLZ0fsGcDW3TEfm5HrDKsgs5ualI2cPR_6lnF6P5DGkret65GFmhO5f8PDQY4sWm_OeN1LZODCD9idpa0qHWwoRPYe0IS8BtYCJtb76wQ8DIBgEYp6cw3sXnkFbySkTUGIP8mQQgxuFHNB5Cw2SgO1GPw5Dyhx8De2e7OJfCgr8a2QCY208pC_LIfw9BFLKRMQnm9eHWKfl9UWD&sai=AMfl-YQb7Zoz5CZ0QPDagKfuX8WdQe6WN3o4nI15ka2gaQuUQa6ETxFHuBXaXBw_geGhalDFdOgG_JjXLa7W9lXW6-EiH6-Vv6NMquZ_Y-eqiQiCZI1PX1u0kFryAHWfl7zG3q8xrKb92jMuvcLpI3qKfs9WfXpXJb7W4HjbIDoHkYroe_FfaLOmbYzyd4xT2Jef0hVnDKlWPnms_RGpja5rSnSIoPJRmopoTgyOxJtSdixiO1k1Zx1FanjJh0sigdp1DYyxZTrZucOxwMj2HEF_CNPf-UnfaQExnurXA-m1IGjaYjd5feUhi74Nd03-Aos1WNSAxvzPTH6Z8_44lsTkgrkieqgqMCWQN7OnCOJWOjde3AHB3gD0IHLIM0qp8c5jxG-JhLQSHdz8VjXamBZGgNUr9RF6tQ95Jxnq9Y_vzB6Q55XoWtTFTKYpm8e_UYMdS_9WA--PaK5xAtP7AsJk-gIH8Saz_zF3xB4VYg&sig=Cg0ArKJSzBJ3x8UIF5SuEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=251&vt=11&dtpt=250&dett=2&cstd=1&cisv=r20221110.74659&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: www.partitionwizard.com URL: https://www.partitionwizard.com/partitionmagic/escape-from-tarkov-steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 18:17:14 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Thu, 24 Nov 2022 18:17:14 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 327E	0 20 B	58ms 58ms	Image image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bc76sKbV_Y5S3Nae5x_AP1raBgA0AAAAAOAHgBAI&bg=!1tWl1ZHNAAbvMpMzzzI7ACkAdvg8Wubw9JqtNwlN81aLGwSDkh5cugI4KnRlKqwlV6rTjJoyA-H_cQIAAACIUgAAAAJoAQcKABQRczJrOsoS1G_4NA6Y0CvVv68ze5kC6Bs3eMS2J2DakDfIRxKLIrl4NxOVjyHRBPYTZ6BAlbUwZYjgxNsI0-A65OoQGTD4m-n2yitEt4k2ArOGe-IFMyTC9CRFNThnuCnHFX7so7ldmNz4Bv8VdFxtSqSpL0_kowWGLvqFxawcuWYl5R7J-4C4a2Kj0m4GUOED1uiuda3_x0hVpU3TUNpDc9vqMInBXtpHtxybSkj79eeVdjJcCqSbZhfTOQ2CQouoDLXg6_WcbO4pNScEO7OUlwjVCRv5MjnvAT9NNlDoQvFKj-nH8-W16i8v5Sp7izTR3DyX2jcJG63QFDQIVxA112Q43LPp5PQgOYXq_i2iDIrDBypp72ZJq3M0ijiZ7GablpnySTu03HLyPYDKDdXTweNCQ-ZPpLIWe0s50W54tcmqkK2baMZCr-EIbuDt3bvm21N5rK8reFV-UjJQEgZ6TgOIrTZEY4NGEkN-uhzvB_aqc1TbuRMLHVp0koEb8o50JBbgEFFitd8v_xMwTS_nSdTRiqu6xL2aJt07Ml5aLse1iWCaxBlc5lu4TOEbPgtTof2nGCTZWyjJQgxiE-GUsOWTVNtGb0Fv71L19D6AS-H5P3Iw5CEj5lmdbhFSZyjkQNnLUdXcQOhG15F0kiZkHXCSV3_a32bhJ5rLNH7cLvk886fiDWxgw5dIo3T6JgqneHX5hYthy1OFvOkNEWUkTupOtMptRlwhsLNFidrWlDI8McdlJ1eUdjfZGWLuKQljNNg3OfQ0XZ0rrLBDJnRVdHONIpvGSitCuHq-VYNYjr5DJt1rLS1dVb9rqEoD9wHjv2HHWdgGOvY1AaOBbIMd0XCV8iH4vMX2luy08k-Whst-uSRRo6c5viWkl1nXj0LBqgNeSdcCvBvsC3_48MIokFJCVkwzcuhDxQjyvN_9W9oLe8wM9ZU01k1EA5vYdDhVjADvcHhy7Bou36CRk1qECNQ86pHVosmFqHYjviWeboQYsh7rjhudo91y0o-Sng Requested by Host: 309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com URL: https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 24 Nov 2022 18:17:15 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	57ms 57ms	Image text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=182280866302295&bg=!Z2SlZCDNAAbvMpMzzzI7ACkAdvg8WgZe7XW4tFj0N0OiJ6qmjIVVsNNDpyGU5qRcSSrd0TAf-lUlhQIAAABSUgAAAAJoAQeZArcWKnYhmY31y-QbVh7uJdAqikpU6uPGqjfeQk96RYM45v0pJkgXKenEiSV1149p64NAOS3Xyf0m2U2H_tB765agEte3kUaKYgVJ7FGld3c1FpfWLMV7M7OupcYrlbaFSW42MSp5nVHuGZZ1FuVWsAhVt6LjaqiXLSgPs2yk6BPtuHIFMGg9pCWVxrO4qcnNGNnziCatEeDWRC7UuZbEvR5grcM-gAZc5sSlrdSFiESKVa0G4xH1zRUzrdLqLWkmefIxzlQPnuTALCvmvwiBkzkS7w890zp02H1D2uhRaI1wEJhw593KaeOTxrs_PTDbVRzeNIM934MYemoI6u9x5pCSIDRw5168q3H6MsjhZWnDFKlz7b7Uikf19obz6qNRW8xIzNwTAvoQp__p05ffXyygpVYW47l2nAG9qN7k5GwPYI4CcrAbBx0eMRgpQ-8c43rVfYw1wtcM1strIPdRqPJz5x1qh3Ka9gQhQXcVI23cVmUku0x3UoBkWaFS_hS8DqtFD7rVm321Wjas3h2jMVWgV6b-y2oZ4ZpafEIg4SjmRCn07wsO7HsQABLr2bQZ1OA1mqZO6Lv764xXrGdZFBX7i-Ery93tSBth6thCRQ1BRyHa68vnHYQFoUv0Kb8G2xdAxF-GDl5uZ-H-f2nbMLrsU4sYl9Nh3nTnoNBlVX_DUQ0w4OdN8o52WEFLXYqzJtznTzNu9vQjufaf-kh8ceHXItVvH_c5A9kDIA4zZWugNSRXxp0wmS-U3tJHBqY6iU_jTyKIxcYW9SEkc9rbsB6sxThgBPIIyDn8GFQ_fBk4QCaQY8DqcpwKli7J5dUw2Vz_aRmpi7wU7ssNOZVBvd7_Jtb5pC5V97HhsbqiugTxh2jJlVNaIBintTW6yxzkp2i1V2vrDpc6Ezfh7auLXHVGDTf9_eK18Q Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.partitionwizard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame E27D	42 B 64 B	101ms 58ms	Fetch image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkZoyiQ2GEKMfiHQ7YMDbpUguHebpBwUAj0_-niGJPld62Qspx576EZrl6TQ-vQ9iaI6csY_-A9e7pOZGsh7-qlwgQJIGLuICzdEIN5DUUV8AcGiMt_Ed3hfrcm-eN4zXTmVOYwA&sai=AMfl-YRWKwFO6M2YkXS6Fjhzt63RbiYJ__1BQ5V_h7KxxiOG0G-L7rNbot86B_8kvWNGaoHfQynkk7axYItXA_ShZRdGWF3MyUhcdKvqNWsZg2_SBe7nmVaIAC9LVjMs0MbnOXL5gD5Arkt6V-eL93w&sig=Cg0ArKJSzJRKmkCmaor9EAE&cid=CAQSSwDq26N9yBvR1LJ7v-4LqjOqQjQsJRWzXlOQn20pc-BEkfnZ8ljgLozhNASMBf8M8JnGOxr3YLeZJvlr1pls3Lt3UtmXGwQq24xVyxgBIBM&id=lidar2&mcvt=1000&p=648,1080,898,1380&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1538957307&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669313834577&rpt=411&isd=0&lsd=0&met=ie&wmsd=0&pbe=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://309738e23c90306291c52edd5007be92.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 24 Nov 2022 18:17:16 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT