www.battlespiritsnova.com Open in urlscan Pro
74.220.219.213 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.battlespiritsnova.com/password.php?selector=b25da1be28f62f13&validator=2a7639c0837af846131a6bfe3369f94358edbeb4248c7c1...
Submission: On January 24 via manual (January 24th 2024, 11:17:30 am UTC) from HK — Scanned from DE

Summary HTTP 59 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 12 domains to perform 59 HTTP transactions. The main IP is 74.220.219.213, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.battlespiritsnova.com.
TLS certificate: Issued by R3 on January 18th 2024. Valid for: 3 months.

This is the only time www.battlespiritsnova.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	74.220.219.213 74.220.219.213	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
3	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
59	21

4 74.220.219.213 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box2027.bluehost.com

www.battlespiritsnova.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	286 KB
13	criteo.net static.criteo.net — Cisco Umbrella Rank: 657 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9386 csm.eu.criteo.net — Cisco Umbrella Rank: 8850	117 KB
7	gstatic.com fonts.gstatic.com	212 KB
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	25 KB
4	battlespiritsnova.com www.battlespiritsnova.com	76 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8778 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15704 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10462	51 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2616 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2	12 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	214 KB
3	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 5289	223 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369	64 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	65 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6518	408 B
59	12

	Domain	Requested by
9	pagead2.googlesyndication.com	www.battlespiritsnova.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
7	static.criteo.net	ads.eu.criteo.com
7	fonts.gstatic.com	fonts.googleapis.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	imageproxy.eu.criteo.net	ads.eu.criteo.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.battlespiritsnova.com	www.battlespiritsnova.com
3	www.googletagmanager.com	www.battlespiritsnova.com www.googletagmanager.com
3	pro.fontawesome.com	www.battlespiritsnova.com pro.fontawesome.com
2	csm.eu.criteo.net	ads.eu.criteo.com
1	www.google.com	tpc.googlesyndication.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
1	www.google.de	www.battlespiritsnova.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	ajax.googleapis.com	www.battlespiritsnova.com
1	fonts.googleapis.com	www.battlespiritsnova.com
59	21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
batspi.com

Subject Issuer	Validity	Valid
autodiscover.battlespiritsnova.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-03-03`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.battlespiritsnova.com/password.php?selector=b25da1be28f62f13&validator=2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f
Frame ID: FA68A9DC082EE648186F2388C1F40826
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: C374889A93689CFDE34425416571A427
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8940448705299578&output=html&adk=1812271804&adf=3025194257&lmt=1706095046&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.battlespiritsnova.com%2Fpassword.php%3Fselector%3Db25da1be28f62f13%26validator%3D2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706095045941&bpp=1&bdt=651&idt=159&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6283012565755&frm=20&pv=2&ga_vid=2135522222.1706095046&ga_sid=1706095046&ga_hid=1735911967&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44809530%2C31080601%2C95320890%2C95321626%2C95322164&oid=2&pvsid=1866494017711021&tmod=80304296&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=246
Frame ID: CE71AF680DBE70FF8BF82D381E1E1F28
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8940448705299578&output=html&h=280&slotname=5083275212&adk=3335733925&adf=428091284&pi=t.ma~as.5083275212&w=1200&fwrn=4&fwrnh=100&lmt=1706095046&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.battlespiritsnova.com%2Fpassword.php%3Fselector%3Db25da1be28f62f13%26validator%3D2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706095045941&bpp=1&bdt=651&idt=194&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6283012565755&frm=20&pv=1&ga_vid=2135522222.1706095046&ga_sid=1706095046&ga_hid=1735911967&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44809530%2C31080601%2C95320890%2C95321626%2C95322164&oid=2&pvsid=1866494017711021&tmod=80304296&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Frame ID: 40AE1D9F5B068CAE3ECE28E1F1817A37
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbDxxgAETNcA-TCjAAJGMndxpzaOkoYCzTw-Xw&u=%7C%2F7vck6Kd1w6%2FSOc5JtB2R2AaKhIcFHoUtU1X6tAKUrA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_-jnPeV7Ik6GlwpQ8LXb5VkZZzPoPya_9UVoa4-7rBB8uOK5NCsxXO4kv1f5p-3xVGiti0pYwhRjrHubU4nQgtU4Cpg3iT_fWcLwsBQ0wzM8TFHV7lWnZcpV7XNhC2W87sn4Nuacqh8IW1OFhk58yvuw_mInjSEMehNon9dhXbR4DmgZqLmjGCiMJa4egFA2gYDodUUEWkDp-5uOXdF4cFYjweMQ7CpS562iYN-uXMagwimWVvtByz7kd7d736tGVbrE0JKzqWC5Civf2yqsA0L2yS7szDrgWVGlU6lUg9uHHgYKij9sUpkQfGLzstkw1KGBua3Gb08NrIT162_9N0lerMzhBOt4PxqUxFmE5uh00jBiFP-MA0Bd_6cRnBJEnpGpZImcWdmA5N7J7Kg2cBXowf9fz0NSj4D1ZDxJjpMM-1jpObGayMRW4zGQb63_azdCB_RubP3pJQ7VIBEuXREVCRwXLgvs0TJENFVc8wxpC-IQBoGaUl5TVoLTNPiy4Detij0fxLH8aTjlRl2W3dzGq1JElBSlpi0--9BOroy10dXwcz2XlINP5KzbvPtqlWBNgHwPX4DyomaP7jIwPPtwUPGjioy7gpsoMGQmfhpG7Wx5tlu_Z8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNoZkxvGwZdeZEaPh5LcPsoyJ4AzJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04OTQwNDQ4NzA1Mjk5NTc4yAEJqQJHMi6NJTmyPqgDAcgDAqoE5AJP0KMNgAyC3Op9jrf_s3-v6KrnoPITUgW3mss5I9Bka1iUbr9yO5ASDm4_LpIxvEAKUGWW9P0u2Q74E-vDcHrrLk5c6U2hZM0w2mBt8DjVHyHrmr0uNBVPYgYgJV0ojEOmGAmACfx_soneQStU6MuypTxLR9gQ0GoZAEmC4fJ2RvqIIl4KxuWcHOmFf5x10Q4UhNKPXTvqbLv5lFEud0yswWpmnWvpY1HaU8cxQgRKLRLW4Ea-lSXf4Xnup0To8tT8Xpu7TTGhgAm-mlzQ7OobSi4aErr3jcriRcSaV85036QCIgtDcOr8koWrxDYeLU44Lqi0qMg4OEVN5xLq_sYS4G-lETweFQvYHpq3Uuf-jUDq60Y-islEMrw9_kPlGsXCiHUzVSyzH9bg7IjNlO2qZwXkRCTOJvKZCrR17stcb87qv9bDrP7-LTzRzQxoeFnWLnjHOFn69MgPPLvCrjTvOiYCnoAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WM6tuqnz9YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gTmKB1jFU9KGZFbRnYnM-wqrX-w%26client%3Dca-pub-8940448705299578%26adurl%3D
Frame ID: 0F6237FC773E388D3FCABF434AB5D481
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BA63921769573765F13B58C0EE736466
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A3E7CA5218F9B0AA6F1EA40B9E6B681
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BSNOVA - 重設密碼

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

100 %
HTTPS

90 %
IPv6

12
Domains

21
Subdomains

21
IPs

4
Countries

1347 kB
Transfer

2885 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/bsnova/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCwRaXg219IvUGV5ipttCi5Q

Search URL Search Domain Scan URL

URL: https://batspi.com/index.php
Title: batspi.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request password.php Show response
www.battlespiritsnova.com/ 9 KB
4 KB 813ms
249ms Document
text/html 74.220.219.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.battlespiritsnova.com/password.php?selector=b25da1be28f62f13&validator=2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.220.219.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2027.bluehost.com
Software: nginx/1.21.6 /
Resource Hash: 466c495328833e3e8974ff167c8b74ddd0718d32adf402e0e2ebff9908e72c75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 3929
content-type: text/html; charset=UTF-8
date: Wed, 24 Jan 2024 11:17:25 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
pragma: no-cache
server: nginx/1.21.6
vary: Accept-Encoding
x-server-cache: false

GET
H2 200 style.css
www.battlespiritsnova.com/css/ 59 KB
13 KB 521ms
520ms Stylesheet
text/css 74.220.219.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.battlespiritsnova.com/css/style.css
Requested by: Host: www.battlespiritsnova.com
URL: https://www.battlespiritsnova.com/password.php?selector=b25da1be28f62f13&validator=2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.220.219.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2027.bluehost.com
Software: Apache /
Resource Hash: 1aaaa784726e34800f64149decaba0fe7ca1bb753f401f15d5549d4204ad32ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:25 GMT
content-encoding: gzip
last-modified: Wed, 15 Mar 2023 10:12:34 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 13526

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.10.0/css/ 153 KB
29 KB 539ms
512ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Requested by: Host: www.battlespiritsnova.com
URL: https://www.battlespiritsnova.com/password.php?selector=b25da1be28f62f13&validator=2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec

Request headers

Referer
Origin: https://www.battlespiritsnova.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 28 Jun 2021 16:54:32 GMT
server: cloudflare
x-amz-request-id: DFFZD1HK4WFVYNPQ
etag: W/"aa1272633e7e552395d147a499bad186"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=31556926
cf-ray: 84a7deb13d4f9188-FRA
x-amz-id-2: lJ9gEI1JL+o+uq7YVOg0va9EY5Qlwz7+qztFlVS7PhzNWkOXYtzhUJ2uYIhpHsjsgpKwqvvOlMI=

GET
H2 200 css2
fonts.googleapis.com/ 120 KB
33 KB 40ms
20ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Requested by

Host: www.battlespiritsnova.com
URL: https://www.battlespiritsnova.com/password.php?selector=b25da1be28f62f13&validator=2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9fdb69e7e1ea61be2e37d528e724f3756f79446902b89f4e8db5fff26e48d032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 11:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 11:17:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 11:17:25 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.battlespiritsnova.com
URL: https://www.battlespiritsnova.com/password.php?selector=b25da1be28f62f13&validator=2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:46:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:46:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 95ms
74ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.battlespiritsnova.com
URL: https://www.battlespiritsnova.com/password.php?selector=b25da1be28f62f13&validator=2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84652f1d3bea2997216519766f796f25fecbc813dc26ce00059fce7240035a1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51023
x-xss-protection: 0
server: cafe
etag: 6476516684150705291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 24 Jan 2024 11:17:25 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 71ms
52ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8940448705299578

Requested by

Host: www.battlespiritsnova.com
URL: https://www.battlespiritsnova.com/password.php?selector=b25da1be28f62f13&validator=2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

389f8909c976451acd65f60b5b6d0524a7c14f539f883dff2fe63c2e040b6b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.battlespiritsnova.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51052
x-xss-protection: 0
server: cafe
etag: 1697478270812441324
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 24 Jan 2024 11:17:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
86 KB 52ms
31ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L5R8GZ2HNQ

Requested by

Host: www.battlespiritsnova.com
URL: https://www.battlespiritsnova.com/password.php?selector=b25da1be28f62f13&validator=2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c915cecdd5fcaf932533718272a84ef77196d257df597a4aa7a5e082b32a0515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87530
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jan 2024 11:17:25 GMT

GET
H2 200 logo_with_name.png
www.battlespiritsnova.com/img/ 58 KB
58 KB 181ms
180ms Image
image/png 74.220.219.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.battlespiritsnova.com/img/logo_with_name.png
Requested by: Host: www.battlespiritsnova.com
URL: https://www.battlespiritsnova.com/password.php?selector=b25da1be28f62f13&validator=2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.220.219.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2027.bluehost.com
Software: Apache /
Resource Hash: dfaf8de4dbd8652a243456dbb2c7d41b3b13b2fe56c09b3fca3c8d3fc9be1fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:25 GMT
last-modified: Thu, 04 Mar 2021 06:10:36 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 59666
content-type: image/png

GET
H2 200 main.js Show response
www.battlespiritsnova.com/js/ 845 B
351 B 181ms
181ms Script
application/javascript 74.220.219.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.battlespiritsnova.com/js/main.js
Requested by: Host: www.battlespiritsnova.com
URL: https://www.battlespiritsnova.com/password.php?selector=b25da1be28f62f13&validator=2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.220.219.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2027.bluehost.com
Software: Apache /
Resource Hash: 46fdf4ac7b087301d065c283c280a1280e00231faa80b3c1ec546246f225c066

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:25 GMT
content-encoding: gzip
last-modified: Thu, 29 Oct 2020 03:35:58 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 278

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
44 KB 42ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KCS3JQS

Requested by

Host: www.battlespiritsnova.com
URL: https://www.battlespiritsnova.com/password.php?selector=b25da1be28f62f13&validator=2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f9b9cf7a9550d865a2a57ef3cb9319eac810170a559033fd7fb654b6846f0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44840
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jan 2024 11:17:25 GMT

GET
H2 200 -nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76CyzC1Etw.woff2
fonts.gstatic.com/s/notosanstc/v35/ 13 KB
13 KB 46ms
27ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76CyzC1Etw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48f869351e83d4560d4feb1ec75cbf662184a580ea4c8b5d2987e49f4f8df42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.battlespiritsnova.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:41:31 GMT
x-content-type-options: nosniff
age: 41754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13284
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:41:31 GMT

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.10.0/webfonts/ 120 KB
120 KB 410ms
409ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37

Request headers

Referer: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Origin: https://www.battlespiritsnova.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:26 GMT
cf-cache-status: MISS
x-amz-request-id: DFFK0CSFWRDED71Z
content-length: 123004
x-amz-id-2: 6SJ6A1vsHz8dBoYu0uPwPBo84qDqmdHYoy3EbT+LtKirXaveh/EXH0ueKxhvFi7k+r5We1trKDA=
last-modified: Mon, 28 Jun 2021 16:56:06 GMT
server: cloudflare
etag: "88fd444847dc842d15e229df26571b03"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84a7deb4891c9188-FRA

GET
H2 200 fa-brands-400.woff2
pro.fontawesome.com/releases/v5.10.0/webfonts/ 73 KB
73 KB 464ms
464ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-brands-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03a811b7e81f930c938141ba6c0a439f59acfe1a3c4a6768b7901741a32b459e

Request headers

Referer: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Origin: https://www.battlespiritsnova.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:26 GMT
cf-cache-status: MISS
x-amz-request-id: DFFKHEZYSA0T7YHG
content-length: 74668
x-amz-id-2: fl7hK90eUNeKdMyDnYafbbJSemgB2bEaBUbZ0BIrplyBZEV7Uo6c7BJUMCSKclncM2KeMjMFrPQ=
last-modified: Mon, 28 Jun 2021 16:56:06 GMT
server: cloudflare
etag: "2de2a530b2c689d8dc9548acfcf670a1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84a7deb4891f9188-FRA

GET
H2 200 -nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.118.woff2
fonts.gstatic.com/s/notosanstc/v35/ 31 KB
32 KB 39ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1760175c4829fcfa5c9961a397a8414bb3e0f06588f9b6e2514c2f46c8fc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.battlespiritsnova.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 09:18:21 GMT
x-content-type-options: nosniff
age: 93544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32184
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:21:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 09:18:21 GMT

GET
H2 200 -nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.117.woff2
fonts.gstatic.com/s/notosanstc/v35/ 35 KB
35 KB 43ms
26ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aeb1decdb629f8f24ae2e1d8143a5a18bfc58eb703d0d3092fa42b8553ebe89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.battlespiritsnova.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:09:11 GMT
x-content-type-options: nosniff
age: 47294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35520
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:24:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 22:09:11 GMT

GET
H2 200 -nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.119.woff2
fonts.gstatic.com/s/notosanstc/v35/ 19 KB
19 KB 40ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0e0b37dbd0c68559d6f6f2895422cc9efdeb440f489cb66564637adc5178b31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.battlespiritsnova.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:44:14 GMT
x-content-type-options: nosniff
age: 412391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19296
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:24:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 16:44:14 GMT

GET
H2 200 -nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.115.woff2
fonts.gstatic.com/s/notosanstc/v35/ 38 KB
38 KB 34ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b64b0ee7f30a386bf838a308feb90a73327fd94c6260788280b5a03a056cdf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.battlespiritsnova.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 09:18:21 GMT
x-content-type-options: nosniff
age: 93544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39204
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 19:33:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 09:18:21 GMT

GET
H2 200 -nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.116.woff2
fonts.gstatic.com/s/notosanstc/v35/ 37 KB
38 KB 23ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8d8c225b88ae3d0c58f0e0f099e2c1beb1a9938f4045466cdd0255cf5b92fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.battlespiritsnova.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 18:56:39 GMT
x-content-type-options: nosniff
age: 145246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38232
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:21:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 18:56:39 GMT

GET
H2 200 -nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.114.woff2
fonts.gstatic.com/s/notosanstc/v35/ 37 KB
37 KB 25ms
16ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdfd4928ea6d4ac57cfef13e5190cca59317d6afc36d4d43db908106a51a5f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.battlespiritsnova.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:36:13 GMT
x-content-type-options: nosniff
age: 42072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38152
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:44:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:36:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
85 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L5R8GZ2HNQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KCS3JQS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c170b995a866a170f390de33fea286675274c86123e1a9c272c30a42520d6879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86452
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jan 2024 11:17:25 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
261 B 34ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-L5R8GZ2HNQ&gtm=45je41m0v872981083&_p=1706095045840&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=2135522222.1706095046&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706095045&sct=1&seg=0&dl=https%3A%2F%2Fwww.battlespiritsnova.com%2Fpassword.php%3Fselector%3Db25da1be28f62f13%26validator%3D2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f&dt=BSNOVA%20-%20%E9%87%8D%E8%A8%AD%E5%AF%86%E7%A2%BC&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1452
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L5R8GZ2HNQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 11:17:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.battlespiritsnova.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 56ms
19ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L5R8GZ2HNQ&cid=2135522222.1706095046&gtm=45je41m0v872981083&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L5R8GZ2HNQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 11:17:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.battlespiritsnova.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 52ms
31ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L5R8GZ2HNQ&cid=2135522222.1706095046&gtm=45je41m0v872981083&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=388283770

Requested by

Host: www.battlespiritsnova.com
URL: https://www.battlespiritsnova.com/password.php?selector=b25da1be28f62f13&validator=2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 11:17:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 403 KB
137 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8940448705299578&plah=www.battlespiritsnova.com&bust=31080601

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8940448705299578

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17f49c98513524f1e28f4fe6a5154e3895f036c5ed40fc6f7079580f2bc3e360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139837
x-xss-protection: 0
server: cafe
etag: 11808661568894459247
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 11:17:25 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame C374 9 KB
5 KB 26ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8940448705299578

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 23:37:07 GMT
etag: 3890843268177463596
expires: Tue, 06 Feb 2024 23:37:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-8940448705299578 Show response
fundingchoicesmessages.google.com/i/ 23 KB
11 KB 46ms
26ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8940448705299578?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8940448705299578&plah=www.battlespiritsnova.com&bust=31080601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67d39a83b9a41eb0ce27b47988b162647e6e5d5b0370fc3e4935a01dfa7c9a1a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9RJyHQQLlNNWmqvErCek6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-9RJyHQQLlNNWmqvErCek6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsKoxSXF4K8hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smnq8vmSSAWAOI30m-YvoGxDt8PFjehE9n5YqYznq6YDrrZSBmq5jOygfEcXXTWfOAmG_ddFbd9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCUayAZip_QZrEFA_DlzButvIBbi5jj2-PBaNoEbhx_5AgBwMFhn"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE71 22 KB
6 KB 421ms
420ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8940448705299578&output=html&adk=1812271804&adf=3025194257&lmt=1706095046&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.battlespiritsnova.com%2Fpassword.php%3Fselector%3Db25da1be28f62f13%26validator%3D2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706095045941&bpp=1&bdt=651&idt=159&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6283012565755&frm=20&pv=2&ga_vid=2135522222.1706095046&ga_sid=1706095046&ga_hid=1735911967&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44809530%2C31080601%2C95320890%2C95321626%2C95322164&oid=2&pvsid=1866494017711021&tmod=80304296&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=246

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4d1f59bbf94ba2b470981cbc8169e740981a430e72f4da1fbc89f9c9437403e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5526
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 11:17:26 GMT
expires: Wed, 24 Jan 2024 11:17:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 40AE 37 KB
15 KB 423ms
422ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8940448705299578&output=html&h=280&slotname=5083275212&adk=3335733925&adf=428091284&pi=t.ma~as.5083275212&w=1200&fwrn=4&fwrnh=100&lmt=1706095046&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.battlespiritsnova.com%2Fpassword.php%3Fselector%3Db25da1be28f62f13%26validator%3D2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706095045941&bpp=1&bdt=651&idt=194&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6283012565755&frm=20&pv=1&ga_vid=2135522222.1706095046&ga_sid=1706095046&ga_hid=1735911967&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44809530%2C31080601%2C95320890%2C95321626%2C95322164&oid=2&pvsid=1866494017711021&tmod=80304296&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e37fad13c7f37ecb3616d6177bb1991a0269a9d1e138e66bbdd6ebd3de083d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15045
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 11:17:26 GMT
expires: Wed, 24 Jan 2024 11:17:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 153ms
153ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.battlespiritsnova.com
URL: https://www.battlespiritsnova.com/password.php?selector=b25da1be28f62f13&validator=2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 11:17:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 40AE 3 KB
1 KB 30ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8940448705299578&output=html&h=280&slotname=5083275212&adk=3335733925&adf=428091284&pi=t.ma~as.5083275212&w=1200&fwrn=4&fwrnh=100&lmt=1706095046&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.battlespiritsnova.com%2Fpassword.php%3Fselector%3Db25da1be28f62f13%26validator%3D2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706095045941&bpp=1&bdt=651&idt=194&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6283012565755&frm=20&pv=1&ga_vid=2135522222.1706095046&ga_sid=1706095046&ga_hid=1735911967&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44809530%2C31080601%2C95320890%2C95321626%2C95322164&oid=2&pvsid=1866494017711021&tmod=80304296&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 07:55:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 40AE 20 KB
9 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:41:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40AE 205 KB
65 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 11:17:26 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0F62 161 KB
51 KB 100ms
73ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbDxxgAETNcA-TCjAAJGMndxpzaOkoYCzTw-Xw&u=%7C%2F7vck6Kd1w6%2FSOc5JtB2R2AaKhIcFHoUtU1X6tAKUrA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_-jnPeV7Ik6GlwpQ8LXb5VkZZzPoPya_9UVoa4-7rBB8uOK5NCsxXO4kv1f5p-3xVGiti0pYwhRjrHubU4nQgtU4Cpg3iT_fWcLwsBQ0wzM8TFHV7lWnZcpV7XNhC2W87sn4Nuacqh8IW1OFhk58yvuw_mInjSEMehNon9dhXbR4DmgZqLmjGCiMJa4egFA2gYDodUUEWkDp-5uOXdF4cFYjweMQ7CpS562iYN-uXMagwimWVvtByz7kd7d736tGVbrE0JKzqWC5Civf2yqsA0L2yS7szDrgWVGlU6lUg9uHHgYKij9sUpkQfGLzstkw1KGBua3Gb08NrIT162_9N0lerMzhBOt4PxqUxFmE5uh00jBiFP-MA0Bd_6cRnBJEnpGpZImcWdmA5N7J7Kg2cBXowf9fz0NSj4D1ZDxJjpMM-1jpObGayMRW4zGQb63_azdCB_RubP3pJQ7VIBEuXREVCRwXLgvs0TJENFVc8wxpC-IQBoGaUl5TVoLTNPiy4Detij0fxLH8aTjlRl2W3dzGq1JElBSlpi0--9BOroy10dXwcz2XlINP5KzbvPtqlWBNgHwPX4DyomaP7jIwPPtwUPGjioy7gpsoMGQmfhpG7Wx5tlu_Z8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNoZkxvGwZdeZEaPh5LcPsoyJ4AzJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04OTQwNDQ4NzA1Mjk5NTc4yAEJqQJHMi6NJTmyPqgDAcgDAqoE5AJP0KMNgAyC3Op9jrf_s3-v6KrnoPITUgW3mss5I9Bka1iUbr9yO5ASDm4_LpIxvEAKUGWW9P0u2Q74E-vDcHrrLk5c6U2hZM0w2mBt8DjVHyHrmr0uNBVPYgYgJV0ojEOmGAmACfx_soneQStU6MuypTxLR9gQ0GoZAEmC4fJ2RvqIIl4KxuWcHOmFf5x10Q4UhNKPXTvqbLv5lFEud0yswWpmnWvpY1HaU8cxQgRKLRLW4Ea-lSXf4Xnup0To8tT8Xpu7TTGhgAm-mlzQ7OobSi4aErr3jcriRcSaV85036QCIgtDcOr8koWrxDYeLU44Lqi0qMg4OEVN5xLq_sYS4G-lETweFQvYHpq3Uuf-jUDq60Y-islEMrw9_kPlGsXCiHUzVSyzH9bg7IjNlO2qZwXkRCTOJvKZCrR17stcb87qv9bDrP7-LTzRzQxoeFnWLnjHOFn69MgPPLvCrjTvOiYCnoAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WM6tuqnz9YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gTmKB1jFU9KGZFbRnYnM-wqrX-w%26client%3Dca-pub-8940448705299578%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7c840fdc94cca5d82e552c819dfe54a5d24e0ff284a4a1389bf7992706aef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 11:17:25 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=CdEYAx1Eyp81JwpSC98JzlDQyjv41p9Bd2s_5rMOaNjO0AEbPCRqqVd75_PRFMGc2Z76H_JGzxsMrZrBKNbcgSLaz_6XTZ1Kch3UYSnZi0kX_yVADm3L_GU734iQQnlSF3cD7IjjDerpLHfIGAbFvXpji0lHccxcgBIKurFi0kzkL1PLBP15g_0nLnft-gZDeM01bi3ZDN1XMnHPHboLhaySXZeaDCWbB8MOyXaz_zmV4D7myiqGEOb1I_tMpVPKxWPTvA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 59318790
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 40AE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac40d881054e0777e33fde8e4e88801d6c49e182ef98bb212346a69104b0c506

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 40AE 0
23 B 45ms
44ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcL2zxvGwZdeZEaPh5LcPsoyJ4AzJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04OTQwNDQ4NzA1Mjk5NTc4yAEJqQJHMi6NJTmyPqgDAcgDAqoE4QJP0KMNgAyC3Op9jrf_s3-v6KrnoPITUgW3mss5I9Bka1iUbr9yO5ASDm4_LpIxvEAKUGWW9P0u2Q74E-vDcHrrLk5c6U2hZM0w2mBt8DjVHyHrmr0uNBVPYgYgJV0ojEOmGAmACfx_soneQStU6MuypTxLR9gQ0GoZAEmC4fJ2RvqIIl4KxuWcHOmFf5x10Q4UhNKPXTvqbLv5lFEud0yswWpmnWvpY1HaU8cxQgRKLRLW4Ea-lSXf4Xnup0To8tT8Xpu7TTGhgAm-mlzQ7OobSi4aErr3jcriRcSaV85036QCIgtDcOr8koWrxDYeLU44Lqi0qMg4OEVN5xLq_sYS4G-lETweFQvYHpq3Uuf-jUDq60Y-islEMrw9_kPlGsXCiHUzVSyzH9bg7IjNlO2qZwXkRCTOJvKZCrQ37OrO7106gnATiyRyDdV1wytizlP4Nvpz8GRcBncREKNaZKDP04AG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WM6tuqnz9YMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg5NDA0NDg3MDUyOTk1NzgYAA&sigh=0mzSHnd8bms&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_IeaVY9PdtcbZIhgOWMiM4VQ6mx82XPd9S87KeK9UqCa8ZLVNcuBgPz-Ob0bsPRm5_4LkwQM8pwd6qUBp7IFBOKj2-Mp1giy-PWQYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8940448705299578&output=html&h=280&slotname=5083275212&adk=3335733925&adf=428091284&pi=t.ma~as.5083275212&w=1200&fwrn=4&fwrnh=100&lmt=1706095046&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.battlespiritsnova.com%2Fpassword.php%3Fselector%3Db25da1be28f62f13%26validator%3D2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706095045941&bpp=1&bdt=651&idt=194&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6283012565755&frm=20&pv=1&ga_vid=2135522222.1706095046&ga_sid=1706095046&ga_hid=1735911967&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44809530%2C31080601%2C95320890%2C95321626%2C95322164&oid=2&pvsid=1866494017711021&tmod=80304296&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 Jan 2024 11:17:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 24 Jan 2024 11:17:26 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 40AE 0
126 B 129ms
16ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kI7EGMz6RLAJmAKdg2ICAgAAAO6xMlNO7h_wEMbxsGU3b0Dy1XInq3OMAAASAAAKCkFRVUJEd0VCRHc&wp=ZbDxxgAETNcA-TCjAAJGMndxpzaOkoYCzTw-Xw&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:26 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 180519
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0F62 2 KB
1 KB 51ms
23ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbDxxgAETNcA-TCjAAJGMndxpzaOkoYCzTw-Xw&u=%7C%2F7vck6Kd1w6%2FSOc5JtB2R2AaKhIcFHoUtU1X6tAKUrA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_-jnPeV7Ik6GlwpQ8LXb5VkZZzPoPya_9UVoa4-7rBB8uOK5NCsxXO4kv1f5p-3xVGiti0pYwhRjrHubU4nQgtU4Cpg3iT_fWcLwsBQ0wzM8TFHV7lWnZcpV7XNhC2W87sn4Nuacqh8IW1OFhk58yvuw_mInjSEMehNon9dhXbR4DmgZqLmjGCiMJa4egFA2gYDodUUEWkDp-5uOXdF4cFYjweMQ7CpS562iYN-uXMagwimWVvtByz7kd7d736tGVbrE0JKzqWC5Civf2yqsA0L2yS7szDrgWVGlU6lUg9uHHgYKij9sUpkQfGLzstkw1KGBua3Gb08NrIT162_9N0lerMzhBOt4PxqUxFmE5uh00jBiFP-MA0Bd_6cRnBJEnpGpZImcWdmA5N7J7Kg2cBXowf9fz0NSj4D1ZDxJjpMM-1jpObGayMRW4zGQb63_azdCB_RubP3pJQ7VIBEuXREVCRwXLgvs0TJENFVc8wxpC-IQBoGaUl5TVoLTNPiy4Detij0fxLH8aTjlRl2W3dzGq1JElBSlpi0--9BOroy10dXwcz2XlINP5KzbvPtqlWBNgHwPX4DyomaP7jIwPPtwUPGjioy7gpsoMGQmfhpG7Wx5tlu_Z8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNoZkxvGwZdeZEaPh5LcPsoyJ4AzJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04OTQwNDQ4NzA1Mjk5NTc4yAEJqQJHMi6NJTmyPqgDAcgDAqoE5AJP0KMNgAyC3Op9jrf_s3-v6KrnoPITUgW3mss5I9Bka1iUbr9yO5ASDm4_LpIxvEAKUGWW9P0u2Q74E-vDcHrrLk5c6U2hZM0w2mBt8DjVHyHrmr0uNBVPYgYgJV0ojEOmGAmACfx_soneQStU6MuypTxLR9gQ0GoZAEmC4fJ2RvqIIl4KxuWcHOmFf5x10Q4UhNKPXTvqbLv5lFEud0yswWpmnWvpY1HaU8cxQgRKLRLW4Ea-lSXf4Xnup0To8tT8Xpu7TTGhgAm-mlzQ7OobSi4aErr3jcriRcSaV85036QCIgtDcOr8koWrxDYeLU44Lqi0qMg4OEVN5xLq_sYS4G-lETweFQvYHpq3Uuf-jUDq60Y-islEMrw9_kPlGsXCiHUzVSyzH9bg7IjNlO2qZwXkRCTOJvKZCrR17stcb87qv9bDrP7-LTzRzQxoeFnWLnjHOFn69MgPPLvCrjTvOiYCnoAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WM6tuqnz9YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gTmKB1jFU9KGZFbRnYnM-wqrX-w%26client%3Dca-pub-8940448705299578%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Jan 2025 11:17:26 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0F62 2 KB
1 KB 41ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Jan 2025 11:17:26 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0F62 308 B
636 B 50ms
24ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 18 Jan 2025 11:17:26 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 0F62 293 B
621 B 41ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 18 Jan 2025 11:17:26 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 0F62 43 B
348 B 47ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=qiXbPt6CE6D-1zVCyUDLT1rTLHSPJIpcxBT-GzwmzKa_S_AOtK2Q-ryaQS2NI_qjiTBaURy8EUHFbdaIbufsGLmaUFTQ0wQTdG6AXvhr3UVnTU4Rf36MJ7io4dVvfsOksj_SFR1T0Dtyt0TNymjLMiFcfIeJm4gRp3oNdYP4WvVvjiZVkJw_halnWcvc8JPsFkglRIGwLwrG6DS-DpGt39ekRNlsajmbWU9Ya51gjdKjld263FaZxjtHECWzyEXSdadjxQfHwcjl6RESKJLgwwjFnT7ZVtNAFMKmwyPmUSq7e0lIaupzIJPVvLoXh5aaEJsTxna-bn4IjJeHiuFM8gVDzL3Z03tG66hhzWBlActhRbi5_nm-8XNLllUCDiCF4acIvAaBKyVcBnqJakHwZmi8lFqUOANsadzGY_3Sdq1lK23bWv9_ogAcbHjBfQSaWCz3Ug

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 11:17:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1492969
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0F62 12 KB
6 KB 36ms
16ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Jan 2025 11:17:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0F62 54 KB
54 KB 60ms
31ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=528&rid=4&s=ivw_bvHA_3V0TvjH4yeRBukD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 55005
expires: Mon, 06 Jan 2025 04:52:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0F62 14 KB
14 KB 75ms
46ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F18413_102.jpg%3F1680159946_2&v=3&w=800&rid=4&s=6GZ-z3UnPHH7JWpJ_vUFM29H&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 14338
expires: Sat, 03 Feb 2024 04:47:19 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0F62 16 KB
16 KB 73ms
44ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F2204_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=owQ2WY3CxCFUf4ETDUw4IY-t&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 16076
expires: Fri, 02 Feb 2024 21:55:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0F62 20 KB
21 KB 53ms
24ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=QvWAiJw45SA2Nxl5GvGoazQu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 20960
expires: Fri, 02 Feb 2024 13:03:08 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0F62 0
128 B 41ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=CdEYAx1Eyp81JwpSC98JzlDQyjv41p9Bd2s_5rMOaNjO0AEbPCRqqVd75_PRFMGc2Z76H_JGzxsMrZrBKNbcgSLaz_6XTZ1Kch3UYSnZi0kX_yVADm3L_GU734iQQnlSF3cD7IjjDerpLHfIGAbFvXpji0lHccxcgBIKurFi0kzkL1PLBP15g_0nLnft-gZDeM01bi3ZDN1XMnHPHboLhaySXZeaDCWbB8MOyXaz_zmV4D7myiqGEOb1I_tMpVPKxWPTvA&sds=2&rev=90272.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 24 Jan 2024 11:17:26 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0F62 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Jan 2025 11:17:26 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0F62 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Jan 2025 11:17:26 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 55ms
54ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1eab81c9635d4a4ea847437a348babda3045373e2d654174ab2e788c29d4bb5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12224
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Jan 2024 11:17:27 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BA63 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11818
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 08:00:29 GMT
expires: Thu, 23 Jan 2025 08:00:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0A3E 829 B
1 KB 40ms
18ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1ff897bd7b315506355ca03707fac7b084390d5e0bd29396182c7aab5ac89c0e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8SM6nirvDAvsykV-PTgAjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8SM6nirvDAvsykV-PTgAjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 11:17:27 GMT
expires: Wed, 24 Jan 2024 11:17:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame BA63 39 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 07:13:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0A3E 0
0 153ms
153ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=1866494017711021&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BA63 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?brDxBQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:17:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 159ms
159ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=1866494017711021&bg=!gIOlg8zNAAa8BdJLnAU7ADQBe5WfOA6UHDC7xtWz07FL2-XZgBS6pe5NMt6X5Y-FXV8_FWeNIEDWt_Gk_kdAee8m-wjrAgAAAC5SAAAAAmgBB5kC1tdJ6YVHAFC6DYJhL4uzugXiAjk9IWSuR6offf8cPha7jHFi8jl5dAsj3p16q0EXlF2JgLft9DycrgTkDE0PfIDJHCq5hrU6FO1wrJhThMaF8VoFLeXDTsr1t5jIi3kxQmF8J8mBHEgSOMuhHOEpJahmuzZT5PGdcFbVoR59H1UOwhOrkQz50mj2dcjjj2RrciPgoumvLTSQRJMflcF2iYfU8cnhFDd2q2X429u6bY-KrEhvJpVmL2JIvaYkuQ04NaZVubanTum9s9jRlLXEtaiphGLth9mxdYPkq1lZi3yc6eHDRdbOeJGiQBK4b-zivHdHoJOfsnfMV77UilPTkeFiTDyeXTZSc_ns-9Hs6CgsKm6OyCc-XO3h36zQ-KLo2xi9dyxxke64MR3DzXl91_jSWyQwG0VxdyyiyYR4prAIJjRKhf-GoILfsMK_rYIR6jO4u5bfBGS3n5TsS71_tEhCLf1ASAE_rsJeOqEuK7zSW4sTfOA3XmiHTvUFTFeUItjI14MQ_Hve3jkNfYIHE_kP5rcNVunwHpJk8z9PsGE3Mc3NC87pjOimxCR7BZAOCLZvQFVcztKUIdLZOZBgjUhVtf-HME5MU3MhSwU6crybaiIPq9K4ZlwAM0ay83RAUuOzgdIVGLzEBvkBltMo2UAZbG6r33f6a3hcrYkfrSFNG1GCewjJzkX6PLyzt_siWgJnVJSumkEN63WHlNeFWfgfoyE9MyV8bhkIWh0cgMIq3qpFKu0quyxW8GrYA4LWd3UghzSBKwfwVxv4_QP4utnrxWDyf4OoiTegMJafjJOZze_1K9xi5ewakhIz8ZmJAVIBxQqiUEiDi4Sr1I3mhT3OtH37FQL13BfwVL8lEv8Ishqb-ThBAB_N-icF95G1msuKhoVMhqvN9vwspm5MkG7kJf_AKepXKo-6zJ2oCgMOhDJ11jV9vxH3Y0hJn6cRealT7DGC2g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 40AE 42 B
64 B 160ms
160ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4jLVGO-bswY7LjNo43lBY_J3W6z0GfkMHOqorvB0fhAFXyQgMCwbxAhtXZHuSU21DMyveKGDHD7jobZlPwxQbgP6WzOgvr6hxCOqfLVu2cL2ov1vPQA&sig=Cg0ArKJSzGtU0XDMAiseEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240122&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3335733925&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706095046191&rpt=620&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 11:17:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0F62 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 24 Jan 2024 11:17:27 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.battlespiritsnova.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: a8dfcc0d2c08f933c8b3cb44b7f4c36f
.battlespiritsnova.com/	1970-01-21 03:30:55	Name: _ga Value: GA1.1.2135522222.1706095046
.battlespiritsnova.com/	1970-01-21 03:30:55	Name: _ga_L5R8GZ2HNQ Value: GS1.1.1706095045.1.0.1706095045.60.0.0
.battlespiritsnova.com/	1970-01-21 03:16:31	Name: __gads Value: ID=f6afa4a68eeee19c:T=1706095046:RT=1706095046:S=ALNI_MaNBVE4phbK9NxND8a_KTnIo-L79w
.battlespiritsnova.com/	1970-01-21 03:16:31	Name: __gpi Value: UID=00000d48263d84a6:T=1706095046:RT=1706095046:S=ALNI_MYOqNA0HSYFUkHFR2X7ZErVjn-skw
.doubleclick.net/	1970-01-21 03:16:31	Name: IDE Value: AHWqTUkulQUMrUeLw1s3m1d-H5C8nxUNmF5ILZuSsxoD9ZVR8fFZ4XVlRiSjvM2mYMk

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8940448705299578&output=html&h=280&slotname=5083275212&adk=3335733925&adf=428091284&pi=t.ma~as.5083275212&w=1200&fwrn=4&fwrnh=100&lmt=1706095046&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.battlespiritsnova.com%2Fpassword.php%3Fselector%3Db25da1be28f62f13%26validator%3D2a7639c0837af846131a6bfe3369f94358edbeb4248c7c13cc329e072298cb8f&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706095045941&bpp=1&bdt=651&idt=194&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6283012565755&frm=20&pv=1&ga_vid=2135522222.1706095046&ga_sid=1706095046&ga_hid=1735911967&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44809530%2C31080601%2C95320890%2C95321626%2C95322164&oid=2&pvsid=1866494017711021&tmod=80304296&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
ajax.googleapis.com
cat.nl3.eu.criteo.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
pro.fontawesome.com
region1.analytics.google.com
rtb.fr3.eu.criteo.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.battlespiritsnova.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
178.250.1.6
2001:4860:4802:32::36
2606:4700:4400::ac40:93bc
2a00:1450:4001:802::2001
2a00:1450:4001:810::2008
2a00:1450:4001:811::2003
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9a
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
74.220.219.213
03a811b7e81f930c938141ba6c0a439f59acfe1a3c4a6768b7901741a32b459e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0aeb1decdb629f8f24ae2e1d8143a5a18bfc58eb703d0d3092fa42b8553ebe89
17f49c98513524f1e28f4fe6a5154e3895f036c5ed40fc6f7079580f2bc3e360
1aaaa784726e34800f64149decaba0fe7ca1bb753f401f15d5549d4204ad32ba
1eab81c9635d4a4ea847437a348babda3045373e2d654174ab2e788c29d4bb5f
1ff897bd7b315506355ca03707fac7b084390d5e0bd29396182c7aab5ac89c0e
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849
389f8909c976451acd65f60b5b6d0524a7c14f539f883dff2fe63c2e040b6b93
3f9b9cf7a9550d865a2a57ef3cb9319eac810170a559033fd7fb654b6846f0e5
466c495328833e3e8974ff167c8b74ddd0718d32adf402e0e2ebff9908e72c75
46fdf4ac7b087301d065c283c280a1280e00231faa80b3c1ec546246f225c066
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
67d39a83b9a41eb0ce27b47988b162647e6e5d5b0370fc3e4935a01dfa7c9a1a
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7c840fdc94cca5d82e552c819dfe54a5d24e0ff284a4a1389bf7992706aef33b
84652f1d3bea2997216519766f796f25fecbc813dc26ce00059fce7240035a1a
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9b64b0ee7f30a386bf838a308feb90a73327fd94c6260788280b5a03a056cdf2
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9e37fad13c7f37ecb3616d6177bb1991a0269a9d1e138e66bbdd6ebd3de083d6
9fdb69e7e1ea61be2e37d528e724f3756f79446902b89f4e8db5fff26e48d032
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1760175c4829fcfa5c9961a397a8414bb3e0f06588f9b6e2514c2f46c8fc849
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ac40d881054e0777e33fde8e4e88801d6c49e182ef98bb212346a69104b0c506
b4d1f59bbf94ba2b470981cbc8169e740981a430e72f4da1fbc89f9c9437403e
bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4
c170b995a866a170f390de33fea286675274c86123e1a9c272c30a42520d6879
c915cecdd5fcaf932533718272a84ef77196d257df597a4aa7a5e082b32a0515
d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
dfaf8de4dbd8652a243456dbb2c7d41b3b13b2fe56c09b3fca3c8d3fc9be1fb8
e0e0b37dbd0c68559d6f6f2895422cc9efdeb440f489cb66564637adc5178b31
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
f48f869351e83d4560d4feb1ec75cbf662184a580ea4c8b5d2987e49f4f8df42
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8d8c225b88ae3d0c58f0e0f099e2c1beb1a9938f4045466cdd0255cf5b92fec
fdfd4928ea6d4ac57cfef13e5190cca59317d6afc36d4d43db908106a51a5f2b

www.battlespiritsnova.com Open in urlscan Pro 74.220.219.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

100 %HTTPS

90 %IPv6

12 Domains

21 Subdomains

21 IPs

4 Countries

1347 kBTransfer

2885 kBSize

6 Cookies

3 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.battlespiritsnova.com Open in urlscan Pro
74.220.219.213 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

90 %
IPv6

12
Domains

21
Subdomains

21
IPs

4
Countries

1347 kB
Transfer

2885 kB
Size

6
Cookies

59 HTTP transactions
1 data transactions