www.csgowinner.com Open in urlscan Pro
81.169.142.103 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://csgowinner.h2887616.stratoserver.net/
Effective URL:
https://www.csgowinner.com/
Submission Tags: phishingrod
Submission: On February 25 via api (February 25th 2024, 1:31:09 am UTC) from DE — Scanned from DE

Summary HTTP 250 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 45 IPs in 9 countries across 38 domains to perform 250 HTTP transactions. The main IP is 81.169.142.103, located in Germany and belongs to STRATO STRATO AG, DE. The main domain is www.csgowinner.com.
TLS certificate: Issued by R3 on February 25th 2024. Valid for: 3 months.

This is the only time www.csgowinner.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 58	81.169.142.103 81.169.142.103	6724 (STRATO ST...) (STRATO STRATO AG)
1	193.108.153.23 193.108.153.23	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
43	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 16	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:bdf::60 2620:1ec:bdf::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2.18.96.175 2.18.96.175	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	107.178.244.119 107.178.244.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.32.121.5 13.32.121.5	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
5 11	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 8	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
21	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2 5	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a392	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 8	138.201.84.244 138.201.84.244	24940 (HETZNER-AS) (HETZNER-AS)
5	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4	18.184.93.224 18.184.93.224	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	35.176.232.93 35.176.232.93	16509 (AMAZON-02) (AMAZON-02)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:1a4a:b40e:95e8:4bce	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.230 37.157.2.230	198622 (ADFORM) (ADFORM)
1	2a05:d01c:4f2... 2a05:d01c:4f2:bf40:7276:b92d:c8b4:8166	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.52 18.66.147.52	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
3	18.244.18.32 18.244.18.32	16509 (AMAZON-02) (AMAZON-02)
2	35.176.11.248 35.176.11.248	16509 (AMAZON-02) (AMAZON-02)
250	45

58 81.169.142.103 (Germany) 1 redirects

ASN6724 (STRATO STRATO AG, DE)
PTR: h2887616.stratoserver.net

csgowinner.h2887616.stratoserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.csgowinner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.23 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-23.deploy.static.akamaitechnologies.com

steamcommunity-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.96.175 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-96-175.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-5.fra60.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.210.244 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:1b::1724:a392 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 138.201.84.244 (Wuppertal, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hal900026.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.184.93.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-93-224.eu-central-1.compute.amazonaws.com

red.vtracy.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.121.248.44 (Saint-Martin-d'Hères, France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.232.93 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-232-93.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:1a4a:b40e:95e8:4bce (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.230 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:4f2:bf40:7276:b92d:c8b4:8166 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.244.18.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-32.fra56.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.176.11.248 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-11-248.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 106 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	1 MB
57	csgowinner.com www.csgowinner.com	1 MB
32	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 264 ad.doubleclick.net — Cisco Umbrella Rank: 157 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 548	199 KB
30	criteo.net static.criteo.net — Cisco Umbrella Rank: 686 csm.eu.criteo.net — Cisco Umbrella Rank: 9110 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9643	476 KB
9	adnxs.com 3 redirects cdn.adnxs.com — Cisco Umbrella Rank: 1695 ib.adnxs.com — Cisco Umbrella Rank: 259 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6747	36 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38179 hal900026.redintelligence.net — Cisco Umbrella Rank: 225486	41 KB
8	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9065 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10448 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 14540	128 KB
5	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 56	14 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 628	3 KB
4	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 41206 medialead.de — Cisco Umbrella Rank: 40940	1 KB
4	vtracy.de red.vtracy.de — Cisco Umbrella Rank: 140505	18 KB
3	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 974	7 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 28155 api.webgains.io — Cisco Umbrella Rank: 68369	19 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	242 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31 region1.google-analytics.com — Cisco Umbrella Rank: 2124	21 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 618	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 891 r.turn.com — Cisco Umbrella Rank: 4071	869 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	1 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 341	32 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 136
2	gstatic.com www.gstatic.com fonts.gstatic.com	49 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 67825	438 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2093	296 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 530	715 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 377	235 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 825	715 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 55564	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 163040	923 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 363	149 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 317	89 KB
1	truste.com choices.truste.com — Cisco Umbrella Rank: 1091	8 KB
1	sojern.com beacon.sojern.com — Cisco Umbrella Rank: 6261	199 B
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4443	38 KB
1	akamaihd.net steamcommunity-a.akamaihd.net — Cisco Umbrella Rank: 15438	2 KB
1	stratoserver.net 1 redirects csgowinner.h2887616.stratoserver.net	248 B
0	t4ft.de Failed c.t4ft.de Failed
250	38

	Domain	Requested by
57	www.csgowinner.com	www.csgowinner.com
43	pagead2.googlesyndication.com	www.csgowinner.com pagead2.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net tpc.googlesyndication.com
25	tpc.googlesyndication.com	googleads.g.doubleclick.net www.csgowinner.com tpc.googlesyndication.com pagead2.googlesyndication.com
21	static.criteo.net	ads.eu.criteo.com
16	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.csgowinner.com googleads.g.doubleclick.net
11	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
5	imageproxy.eu.criteo.net	ads.eu.criteo.com
5	www.bing.com	2 redirects googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	red.vtracy.de	ad.doubleclick.net googleads.g.doubleclick.net
4	hal900026.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900026.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900026.redintelligence.net
4	csm.eu.criteo.net	ads.eu.criteo.com
4	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com www.csgowinner.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
3	choices.trustarc.com	choices.truste.com
3	pv.medialead.de	hal900026.redintelligence.net googleads.g.doubleclick.net
3	ad.doubleclick.net	googleads.g.doubleclick.net www.googletagservices.com
3	cat.nl3.eu.criteo.com	ads.eu.criteo.com
3	ads.eu.criteo.com	www.csgowinner.com googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net hal900026.redintelligence.net
3	www.googletagmanager.com	www.google-analytics.com adv.office-partner.de www.googletagmanager.com
2	api.webgains.io	analytics.webgains.io
2	c1.adform.net	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	rtb.nl3.eu.criteo.com	www.csgowinner.com googleads.g.doubleclick.net
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.googletagservices.com	www.csgowinner.com www.googletagservices.com
2	www.googleadservices.com	www.csgowinner.com
2	www.google-analytics.com	www.csgowinner.com www.google-analytics.com
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	medialead.de	1 redirects
1	track.webgains.com	www.csgowinner.com
1	adv.office-partner.de	hal900026.redintelligence.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	choices.truste.com	www.csgowinner.com
1	beacon.sojern.com	www.csgowinner.com
1	cdn.adnxs.com	www.csgowinner.com
1	adsdk.microsoft.com	www.csgowinner.com
1	fonts.gstatic.com	fonts.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	steamcommunity-a.akamaihd.net	www.csgowinner.com
1	csgowinner.h2887616.stratoserver.net	1 redirects
0	c.t4ft.de Failed	ad.doubleclick.net
250	54

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.facebook.com
www.twitter.com
steamcommunity.com

Subject Issuer	Validity	Valid
csgowinner.com R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure RSA TLS Issuing CA 03	`2024-01-08` - `2024-07-06`	6 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-06`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-12-21`	10 months	crt.sh
*.truste.com Amazon RSA 2048 M02	`2023-11-18` - `2024-12-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-06` - `2024-05-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
redintelligence.net R3	`2024-02-13` - `2024-05-13`	3 months	crt.sh
vtracy.de Amazon RSA 2048 M01	`2023-06-05` - `2024-07-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
pv.medialead.de R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
adv.office-partner.de R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://www.csgowinner.com/
Frame ID: 6B82204C5178E1F6CE788EEE5123BF8D
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=280&slotname=9683034901&adk=2356769020&adf=536986986&pi=t.ma~as.9683034901&w=1000&fwrn=4&fwrnh=100&lmt=1708824662&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824662262&bpp=4&bdt=202&idt=131&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&correlator=2306123912379&frm=20&pv=2&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=148
Frame ID: 3CFDE5BF6ECACD8AF3D2878E5C387528
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&adk=1812271804&adf=3025194257&lmt=1708824662&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.csgowinner.com%2F&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824662516&bpp=5&bdt=456&idt=5&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&nras=1&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=18
Frame ID: 9F8BA4F3071C5A99E20E87ACA4216E8C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=280&adk=258842709&adf=2518345730&pi=t.aa~a.11033437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1200x280&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=940&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0&nras=2&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Frame ID: BFC3643A4EF87E075C474A35B6CDB194
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=90&adk=236785816&adf=3348424040&pi=t.aa~a.236152423~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1180x90&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=941&idt=1&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0%2C1200x280&nras=3&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Frame ID: 94C0D495FE886E9FD3F3E879F3CF992A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js
Frame ID: 1DB840EDB53A8C0692F948BD3C431C8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4DDB018189371F1A32BE90AFF0430F48
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 3FF9CB9D318C1465C339B79B08831EE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: BD11DBDA39BF2C45DEC9E26A46FD5D34
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 434330E407370859E9318305B02FC1FE
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 7E37A6700F081E2407A33857FFFD71CF
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdqYVgAIkvcH_YtDAAr2Lz_ft2BbYhg6KuefvQ&u=%7CuQ0TUZO7D2oXDIfR7rP%2BRBshMPg83ZB1bH6sBV15vZc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zvUa-jc8nSvNP0VScVBYaAugJLvcqeaMk4Rh_WWk3ICs90xoMjsv8nKnNk65NFkCp51UL0LJo4FLYTWm68f8EOhnZrM_S_rP2rbJGE-JTU516K9YIi7FEWvTs0M5IUw2LAq08ddsZWw8YBfAyN_evVzT6sn1bvFmzjfGc-1r2DnHQLJ-JG8M-VQd_XrDh1KdUtJJfneS1JAbasyeNbAjfpfwrKV-DQAnlmf93UekqN9Knplz6Uq4b_y3MLU3cE7PCTblDO2snVDqjSQDj-JouhKyOAOrDlNkHsynn6gHr5bee0X252jAzKc7zriwGzGiMIJHtF_YxYeTefgiY1wtCE2m_1DPt2o9JWzy044DIPJmYTm-GACM-ox82ssPdI-hNfnxCkIxp3Kz8fvD6H3LXRJ7jNs0lStJ0BSeZyJswQjaq63NGGX1cFERUoEhpSbKftHA5nEUClKOB9Kc6LsDc9WnveR5SbIxjBPYCrvkPm5r7n7ify1nsxz1Hero9lH1-h6BMsH0DYFm9zgOEQUEVNKLYqjYw_Es9-QVwX1tquN8cp_4-V_Ds6KhsWDeJSMPWA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCooR-VpjaZfelIsOW9u8Pr-yr0AXJntKxXNWdkfdwwI23ARABIABglfqagqwHggEXY2EtcHViLTE3MDI4NjY3NjM0NjI5MTbIAQmpAnMgfuG6J7I-qAMByAMCqgT8AU_QCXqB13ffyaqIVt2kqhHmEh6Kk50m18_zhDABeFmGDjmiZ_ob7fIMMKf2W8rwhNaFcQX9oQBzeVokW4EIaXODh9xjEGsAqK9YkV-duN3OngOebs5vdoQdwDZb6HTnAnJMF7JJ8nWQUeReV1jrNwUFb2QlWB5PTs2du6AE64HGnmtut5Wq7XyXWXq-CXAvxH4rXWCMiEe2ODNjpLF_7Ho7xxiHEPd5k8Sq7DnWCjluievSENofS6ZJP1Gyka-UHKHYT_JUKjNY_g0SDi9X5Fk-Fby2KmbEm0TAtKQey4BV_p8UYTjC-ldVXcYnNLAoa2Gc7eI6YZjg1Mlq74AGsK7b9r7fjrydAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCQIgOGAEBABMgKqAjoJgECAgISAgJQISL39wTpYt4T796vFhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_389k_Kn-nKa3gPlPmIhvUAeB6izQ%26client%3Dca-pub-1702866763462916%26adurl%3D
Frame ID: 05664F0ABA367AC718252EE6E9E0658F
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js
Frame ID: D38B72248721CE0C04FE92BEEA8D83AA
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBC4qCgYsOithgIwAQ&v=APEucNXPZxFERvmVmI-2_kHOR5PohmXVIBiMLnFiBKstrPSzEZkhEnXgSZnzWbs65e2nInuKkv9ElCFGwtzcQ_rUA5RgDmHXIFtCodoT9vid1d8RPgt81H5UI3hRgTZoSwAMOUOXWe0SgMPk6BXxr0_U3O8_-cEp8eNuSFjL0fgPCW3fKR6Aksg
Frame ID: 7835C25A91773EBB82AE3AF66C909806
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: AB11AA9F4C2D0B44E426117EBC00D1AE
Requests: 33 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdqYVwAAdbIIu-7FAAUFFs48TzbcCsGBOaOR2Q&u=%7Cqy5517RwytGSmxw%2FjpA0ozzraiitAX9DL3Z3gI4vJ8U%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcEBZyMbH-CF1nXcl5UwhjUzZa8wpMc1S5Ly3k8rV70eqVt78lC6tWTf6edoGtdqOdRJAEhHK0P3D1VcmT2YNu9zzeNRXRd8RHMyMrF1hFaPwk_mK4Nn2dWx5-jSxAdQSwtVMIDcmg-3empBbzQWSTEGqHh3Lz9xX6IW3XX-ud_onCyRw54Q4zx7IVQqjnKws-JNt6T7FT8B_2tTS_tFuh3ftN-QeSqr6EnRVmU2zqIsXUD0iNTGuqI6VpVkJFu6co2JV3QPJRPuhxCKL4J2_XyJnAaqA36fP3maZRsNHrWQ8bX1CobRN8YFUO1cXl2nYZ8lIfomeXMeDLFJNdVLe9kaAkKIFRzMCMWn8tTQOymfQV5hUm0ix1t5zxLgZMcWmEb0ImT1lguM1zr4aZYAUC78KfP3yd61AnwHE_xMvty3sXG9EokPk-fQ4Z9-f5LlAIUCTz25zaEpBP6A8pLwzhfA3zbDjZeqNHJk3OvF0PuR73s09kFUTAgjf-ht0zMapEajhcRx7hhsgQbzf5BVjV4xa4mDsWAxuEi28yXB5vCSgTyf_s6BFwLASqFSqJ6Qik&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8mTV5jaZbLrAcXd7_UPloqUqAfJntKxXPXqoYaIAcCNtwEQASAAYJX6moKsB4IBF2NhLXB1Yi0xNzAyODY2NzYzNDYyOTE2yAEJqQJzIH7huieyPqgDAcgDAqoEgwJP0MQPtPYY2O42m7oir4CSSLkhAImuDvxbTS8X-Z7MmYTt7_ujUkB8b7yi1W3nTueavQuYn-5eVjT_j5yp6sHeuk9WIkFPoY0ibOpIGCLsdCZK4p0pZJcqRa792H0yjMMVBkgrw2yBPVj_Q_DzBjqKl0HGGz3GvXcO8aJaTxrpsVkelL0ODRiN-OUvKLh5ob4NrUid2EplFGQ4aY65cPEAvIoLfV9xhDILJZk8tR-oz0zX4zV3y7eKGKkufJDv9Zv7VJPyJCy4k1Oyo2RRmVf3ZPthBx-JjfGzvtkE1QTkNV0fgrtERN9yUzdNKBZHqF5ZVgJJXXHw-9tHd3LOaQwJNiDjgAbhopPgo6bA4ASgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggnCJHhgHAQATIF64uAgCA6CYBAgICAgICUCEi9_cE6WL_Ul_irxYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1yd720YXB9pJk99YlQqVaM6m4eNg%26client%3Dca-pub-1702866763462916%26adurl%3D
Frame ID: 85114274D4671781CEBDC40EF670997C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWESRz-ercbx0e_oVDtDqsevYd4BN5MHoJOnlQUlyrhYz1Y7Tak3Uf_DAHlR6fMYDAOOxlCfmz2gW08ApK5Xt5sx42Yc4cDoxAdhLRGBAIiW-7vGtEUoxnS7gfxwq7DF_SepSUZClg2PAnhO14VvgEEY6ONDwn3rV8A5V8UhnZ-V4YktZ4
Frame ID: 33797A1C2D0E3570FE4C2A2E8B1F1ED5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 73898230F16A2F7DADA3B0B24BAA45AA
Requests: 21 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdqYVgAIkvQH_YtDAAr2L6qntKKO7G2k_MkOwQ&u=%7CuQ0TUZO7D2oJ15OCOE8g5HP3wYnZ1rd8YYMUornff1M%3D%7C&c1=oP5_e7JVVt10ydGCSQJP_joAcgJGzOMEyCmBEYhmIgwm4-vvT_dTlMllZ7xIoLqU4WXNnD9ltKdBnxoo-Jm2KeWn9HTixSRB_F79BZ0wnA56tm0M7O0BZr1Gw8XF-FDyxgLyezjhshYcg0XnlCDoCeeQSKYi9wl6ZPgyX3RKs8JeBgzScxfKynwEva90xa7hBBPB62o-M9zZirgyyv50erMfFSTjZtIB2hSRpCRokuxzo0gxKO6HAuI7iGwRVhbnNwjU6KdTgF6lWolaHD6HjIDWdV2F6UuCJQ6rpkyyKv5VYFqzYrPvzAydsOR7WwCq-TKcKp9RAaI1tWPBDM0Cr5i8nFIFB_RfMlvtB_lJeCx-lyFN7SZ2SIn9JJhI1qiTACwQD-JOfQwBspEdMCfkK3iky8GOKy36DpjHMnYPr2RPxWhMRJDfrR6eAePGVGoafQjOUGFBHbTjWCP82u1Lcy11IG4ElNmO3ha97Pz-E5t7y2yairoYuLboF0Ke7DydR7rDeRupijIUI5WVN4KbeKlJus-ZcSYJLcksTK_z1jFILnqPXHgcIoluJOXgd0ws4KMe8ub7UAPc9bhycrB3mizQPfhvkfK_nWkuIJ_2aGECYRTqFD7lA3oUlnob9hUxGJy-_CJ82-ED3HwFBRCBqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-YPJVpjaZfSlIsOW9u8Pr-yr0AXJntKxXNWdkfdwwI23ARABIABglfqagqwHggEXY2EtcHViLTE3MDI4NjY3NjM0NjI5MTbIAQmpAnMgfuG6J7I-qAMByAMCqgT-AU_Q1h-OKrvzpii08JrUFzRobjTmnRXaXoawx5RaqNPUW5EXw0-ZaJb1bPQF3zxvdSZlL1e8QNZ4IS6lYYiOVyrJDwNtOJFg3O8eUS7K_mncnJYQyD-xJqp7nWBgIs4lTlwi6BrpYkYVUg7wnQe1rZU3FJ968OR4G7DYzfgf2Xv8Po3u5mISKTyuazOARVbcYO2OIDbauCVnoXdsi3_d5uh9TgbjjtvRrEP_05x7Kkdcrhx79qYhyppvQhUlzSS0xx7VoG0qOz13DMyVEJSj_sEdOLDvdz7GykVngZJA3M-l4s3sZt73JO4DKqRYZLIE0VBYp7Wl7QV_VImumMKRgAaYudmtkeuds0ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUCEi9_cE6WLeE-_erxYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Xg_eQzm8hec2sVFjPkH81dDBRDw%26client%3Dca-pub-1702866763462916%26adurl%3D
Frame ID: E1ACEDF6DCC2B9777BB5E2A56B507830
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js
Frame ID: F49D635465F87E56D211557B62C388BF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6A001B9E00216E4100A8FE2470C6C1D6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3D41C5EB28FA65EB330B9AA283470AC3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B18696555B0E4FAEF1B60E9D27002269
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=75365200006491404444550012611026&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: D2412EA5E50EEC3FB560F2F0F022E7CF
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=75365200006491404444550012611026&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 3E385FBDCD09483B808FA6E6C43AD103
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 5219E7E6CE4E2BA5709E3132212A4F9F
Requests: 3 HTTP requests in this frame

Frame: https://hal900026.redintelligence.net/request_content.php?s=75365200006491404444550012611026&a=2f896595
Frame ID: E736EE74F1E2D1048C112C08F10D57F7
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3086319B15033E69D7C279F33AE276F9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 35EDF8951BFE92D91351612195B5ABFF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2A5C8836921E001EE504A77944B2580F
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 1F0EE47C8675AD17C2356B21CD6CBFC1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The biggest CS:GO gamble sites listing | CSGOWinner.com

Page URL History Show full URLs

https://csgowinner.h2887616.stratoserver.net/ HTTP 301
https://www.csgowinner.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

250
Requests

93 %
HTTPS

47 %
IPv6

38
Domains

54
Subdomains

45
IPs

9
Countries

4056 kB
Transfer

7809 kB
Size

34
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCrysyrTFQcD2e9XOxP2_S7w

Search URL Search Domain Scan URL

URL: https://www.facebook.com/csgowinner

Search URL Search Domain Scan URL

URL: https://www.twitter.com/csgowinner_com

Search URL Search Domain Scan URL

URL: http://steamcommunity.com/groups/csgowinner_com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://csgowinner.h2887616.stratoserver.net/ HTTP 301
https://www.csgowinner.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://googleads.g.doubleclick.net/pagead/adview?ai=CMUGOVpjaZd65HqaM7_UP_f240ATN-KCfdc7_x9iSErCQHxABIJnv7xFglfqagqwHoAGItd7cKcgBCagDAcgDywSqBIMCT9D1YCXxvlFoLDP2MuJtD8Xid7g0-1ShfO1jaUxYYX5f1BKGlBkxHG9oTB1EcLRY87Wprua53qL3BYxyJLg0UODqzxACleud4N7jI9IwnYwqvcNw8Kmz8fu7MIL8BzsIpOT-zegRCk-NlpY3bXVecXbe5WYQV9pO6-i9d8k3WflMiYq97cC9k5SqlHImUKIX-CinuMRmxBEVkO5E6e7u-cOPRLQzO_0eKpZBESTGUosn3dygB4b1quKSsIyivmnJD_0RSVTXDFAZvZ_QSoYqORdeGaDfDrf2ij0-PLGSnQ4PM13cdR2CiGVhCkoKBLesoMpx77H3_JiJEAzamVCgYZEFwMAEj_LszsIEiAWc56OhTJIFBAgEGAGSBQQIBRgEoAYugAfSh4rCBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcEEMORBNIIJgiA4YAQEAEYHzICqgI6CYBAgICEgICUCEi9_cE6WKug9_erxYQDmgmkAWh0dHBzOi8vc3QtcGMua2luZ3Nncm91cGdhbWVzLmNvbS9idWlsZGVyL2xhbmRpbmctMzUtZW4vP21zPWdvb2dsZSZ1dG1fY2FtcGFpZ249MjA0NzA4ODczMjQmdXRtX21lZGl1bT0xNTUzMjEwNTU1MDMmYWQ9JUU2JUIyJUIzJUU4JUJFJUI5JUU5JUFBJUI3JUU5JUFCJTg1JUU1JUE0JUI0gAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTE3MDI4NjY3NjM0NjI5MTYYAA&sigh=3AEg6NR4sdU&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_KrzfNoZlQyuD3avzE9CMVC_nge_HYBPwWva4XWxs1rH7TB2DnnnUUxSLKPTglhaXFhdrtEahCYHsW5pQ3ocl7dAuvzpEZqI1kVoYAQ&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225743569199699481125%22,%22debug_reporting%22:true,%22destination%22:%22https://kingsgroupgames.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211200338568%22],%2222%22:[%22true%22],%224%22:[%2202-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217646895980729540225%22}&andc=true

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtrpqw0FjVSCXhPO_1vKKE&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtrpqw0FjVSCXhPO_1vKKE&google_cver=1&C=1

Request Chain 124

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdqYV7mqPdgAAGPFAPfcLQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtrpqw0FjVSCXhPO_1vKKE&google_cver=1

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIsLoepTWOWi6FaBf_8f7z0&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIsLoepTWOWi6FaBf_8f7z0%26google_cver%3D1

Request Chain 126

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjczNjYwMzM0NzE0NTEzNTczMw%3D%3D

Request Chain 155

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=aa071ad0-c535-4670-aaad-c776edf266c6&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=255abcad-527d-4774-b3fc-ba41be7c1773&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Ddf0fe0fcef344ad09f5139985691d672%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=8373785&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_jci2&aid=2397188668551909698 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=df0fe0fcef344ad09f5139985691d672&SNR=1&GV=2&med=10

Request Chain 181

https://hal900026.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=638722f0a4&subid=&uid=e9f745aa9b4bd4f3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoF4V5jaZfaOAsOW9u8Pr-yr0AWm5b2gaYWVnKfJD_AuEAEgme_vEWCV-pqCrAfIAQmpAnMgfuG6J7I-qAMByAObBKoEqAJP0BKUQx0hobjNU-6Nb7Hdsxf96285QbiJ_ns4DhPkVk6S1oWfh3BdnVwt-ubCJGS3ZUlkVPG7l0basamWdET5dtGiMscfqEHoKrCuGnwcP_wcTAWh7XqKYUkFRiOT3FyQAaTG2ddrvvYq3NaNhz_dnpa5GG2eRU5kM9Yf9J36Ir8lge6_KUkViBpyopapixwcWkCoQ2STPubcmVUFaTknbNxuK4O5TGM_870yisd4nR_O03xa6kBfx9bqwLVtGWhFIaqXFDeSIOp9A_-gNWXuIQ_e0yT8X9w9M-62JFNCOPch-DV96mdBP27rKD1p0e6aEmgM9tTdv2D3qpE3w-lKXg7k9PbVdZC6fvELPXNSww8Ake0FEPs9KRCovuDuPiR22wBgzfhMucAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggrCIDhgBAQARgfMgeqgoDgn4ANOgmAQICAhICAlAhIvf3BOlju9pf4q8WEA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_h3crfoMitb7-8DyvpQAvEi7xeCHQ2Fs_ymoJOBEmynZnzwUooEyU6xT0ub31uIXhFt2_Rh_CghgB%26sig%3DAOD64_0eUWGnsQDIhQqbClME9paViF56hQ%26client%3Dca-pub-1702866763462916%26dbm_c%3DAKAmf-DeQk0mSm5qQz28tw6s_dI34NFoQ3ZOKJ13ijqzAwDKlmu3wslF-TBchx1eRwxMRRlp6XIBLmQmRETCbYyCZI9xacIy0Ts1pfRJSiY5ZiMuD72x6QFloGS-JU6EnKui3ZQUaOopL6cmaPd87Pj23WFgP5g71gPDr5919qUzfPZnseGLevS5Se_iAa06DH7P1HGBCr3gckn-k36b5pwHY53jBZv4YYrMpR2Gnv7jggxAPVfvXAk%26cry%3D1%26dbm_d%3DAKAmf-DBiFeMXsTRJoPrhsbaRM900OTiapxcRMNsa8jQyrdsa8z0nFvXb-IyX3T4SWPpgHbQzyYBPVxUedwV-f_5rv_vOCnAjqiWIi0a067t4UwIN7PyhltcqR3emI6JTHLhQDPmcPgO0gpEGOcs3omlda9A6aUCebZxjo3wY9-ckF7CVlilYZ7y1xbC8if_WC9VoNjEtkk6Ba2UmWUnnoZpZWrIqGoWPKoSq2btp0kUeGCPmCSZHwdy9WASKZINBjk7oMFeCu1MjA2igyzgoABInhE7fOopnNV253OTAVa7y3ChhCDT4r7IDZYso5-pn3sC5O1W7jzsE3PuOnEbeE1P25Jx51Ne8WvIS9N2xiFZtJbffErWK09mg_BTExpXZLpkpl5YD-J267T_9HcFAp8Ugp88Y1tgo6gFSUhkcOqYiZFa3EMK1mZvRwKCSQQwKF0ST6L2hjnJkLS3FziIN_OVbuZ9zZhRkLFtv__Eaau5b2OwfEMN6yXRPcbRbUNuW60Pa4kgfmmVl-t2kEIEbA5KhBUPSXn6W_XZq4ezbmm1r11eMc8zGmO1mmnSDi-hN1lmX-lbVh0DRJU5lbqmST9_9dcc7vzpknYaSF56ZctlkPBagGXf5xI%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1702866763462916%26output%3Dhtml%26h%3D90%26adk%3D236785816%26adf%3D3348424040%26pi%3Dt.aa~a.236152423~rp.4%26w%3D1180%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1708824663%26rafmt%3D1%26to%3Dqs%26pwprc%3D9300450939%26format%3D1180x90%26url%3Dhttps%253A%252F%252Fwww.csgowinner.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1708824663000%26bpp%3D1%26bdt%3D941%26idt%3D1%26shv%3Dr20240221%26mjsv%3Dm202402200101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Deab7897966fc6a7f%253AT%253D1708824662%253ART%253D1708824662%253AS%253DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg%26gpic%3DUID%253D00000d61a77e20b5%253AT%253D1708824662%253ART%253D1708824662%253AS%253DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw%26eo_id_str%3DID%253D0d7cc66683b0468e%253AT%253D1708824662%253ART%253D1708824662%253AS%253DAA-Afja3qcmmBC2HPfRq4UyhbAne%26prev_fmts%3D1000x280%252C0x0%252C1200x280%26nras%3D3%26correlator%3D2306123912379%26frm%3D20%26pv%3D1%26ga_vid%3D1094523460.1708824662%26ga_sid%3D1708824662%26ga_hid%3D72481753%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D210%26ady%3D2196%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31081136%252C31081318%252C95322747%252C95325069%252C95320868%252C95324155%252C95324160%252C95325791%252C95325784%26oid%3D2%26psts%3DAOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY%26pvsid%3D3537540540132598%26tmod%3D2052339313%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.csgowinner.com&random=9643273599445&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900026.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=638722f0a4&subid=&uid=e9f745aa9b4bd4f3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoF4V5jaZfaOAsOW9u8Pr-yr0AWm5b2gaYWVnKfJD_AuEAEgme_vEWCV-pqCrAfIAQmpAnMgfuG6J7I-qAMByAObBKoEqAJP0BKUQx0hobjNU-6Nb7Hdsxf96285QbiJ_ns4DhPkVk6S1oWfh3BdnVwt-ubCJGS3ZUlkVPG7l0basamWdET5dtGiMscfqEHoKrCuGnwcP_wcTAWh7XqKYUkFRiOT3FyQAaTG2ddrvvYq3NaNhz_dnpa5GG2eRU5kM9Yf9J36Ir8lge6_KUkViBpyopapixwcWkCoQ2STPubcmVUFaTknbNxuK4O5TGM_870yisd4nR_O03xa6kBfx9bqwLVtGWhFIaqXFDeSIOp9A_-gNWXuIQ_e0yT8X9w9M-62JFNCOPch-DV96mdBP27rKD1p0e6aEmgM9tTdv2D3qpE3w-lKXg7k9PbVdZC6fvELPXNSww8Ake0FEPs9KRCovuDuPiR22wBgzfhMucAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggrCIDhgBAQARgfMgeqgoDgn4ANOgmAQICAhICAlAhIvf3BOlju9pf4q8WEA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_h3crfoMitb7-8DyvpQAvEi7xeCHQ2Fs_ymoJOBEmynZnzwUooEyU6xT0ub31uIXhFt2_Rh_CghgB%26sig%3DAOD64_0eUWGnsQDIhQqbClME9paViF56hQ%26client%3Dca-pub-1702866763462916%26dbm_c%3DAKAmf-DeQk0mSm5qQz28tw6s_dI34NFoQ3ZOKJ13ijqzAwDKlmu3wslF-TBchx1eRwxMRRlp6XIBLmQmRETCbYyCZI9xacIy0Ts1pfRJSiY5ZiMuD72x6QFloGS-JU6EnKui3ZQUaOopL6cmaPd87Pj23WFgP5g71gPDr5919qUzfPZnseGLevS5Se_iAa06DH7P1HGBCr3gckn-k36b5pwHY53jBZv4YYrMpR2Gnv7jggxAPVfvXAk%26cry%3D1%26dbm_d%3DAKAmf-DBiFeMXsTRJoPrhsbaRM900OTiapxcRMNsa8jQyrdsa8z0nFvXb-IyX3T4SWPpgHbQzyYBPVxUedwV-f_5rv_vOCnAjqiWIi0a067t4UwIN7PyhltcqR3emI6JTHLhQDPmcPgO0gpEGOcs3omlda9A6aUCebZxjo3wY9-ckF7CVlilYZ7y1xbC8if_WC9VoNjEtkk6Ba2UmWUnnoZpZWrIqGoWPKoSq2btp0kUeGCPmCSZHwdy9WASKZINBjk7oMFeCu1MjA2igyzgoABInhE7fOopnNV253OTAVa7y3ChhCDT4r7IDZYso5-pn3sC5O1W7jzsE3PuOnEbeE1P25Jx51Ne8WvIS9N2xiFZtJbffErWK09mg_BTExpXZLpkpl5YD-J267T_9HcFAp8Ugp88Y1tgo6gFSUhkcOqYiZFa3EMK1mZvRwKCSQQwKF0ST6L2hjnJkLS3FziIN_OVbuZ9zZhRkLFtv__Eaau5b2OwfEMN6yXRPcbRbUNuW60Pa4kgfmmVl-t2kEIEbA5KhBUPSXn6W_XZq4ezbmm1r11eMc8zGmO1mmnSDi-hN1lmX-lbVh0DRJU5lbqmST9_9dcc7vzpknYaSF56ZctlkPBagGXf5xI%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1702866763462916%26output%3Dhtml%26h%3D90%26adk%3D236785816%26adf%3D3348424040%26pi%3Dt.aa~a.236152423~rp.4%26w%3D1180%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1708824663%26rafmt%3D1%26to%3Dqs%26pwprc%3D9300450939%26format%3D1180x90%26url%3Dhttps%253A%252F%252Fwww.csgowinner.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1708824663000%26bpp%3D1%26bdt%3D941%26idt%3D1%26shv%3Dr20240221%26mjsv%3Dm202402200101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Deab7897966fc6a7f%253AT%253D1708824662%253ART%253D1708824662%253AS%253DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg%26gpic%3DUID%253D00000d61a77e20b5%253AT%253D1708824662%253ART%253D1708824662%253AS%253DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw%26eo_id_str%3DID%253D0d7cc66683b0468e%253AT%253D1708824662%253ART%253D1708824662%253AS%253DAA-Afja3qcmmBC2HPfRq4UyhbAne%26prev_fmts%3D1000x280%252C0x0%252C1200x280%26nras%3D3%26correlator%3D2306123912379%26frm%3D20%26pv%3D1%26ga_vid%3D1094523460.1708824662%26ga_sid%3D1708824662%26ga_hid%3D72481753%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D210%26ady%3D2196%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31081136%252C31081318%252C95322747%252C95325069%252C95320868%252C95324155%252C95324160%252C95325791%252C95325784%26oid%3D2%26psts%3DAOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY%26pvsid%3D3537540540132598%26tmod%3D2052339313%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.csgowinner.com&random=9643273599445&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 203

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A//red.vtracy.de/tr_aa%3Fv3%3Dvi-faf9e7e8-8b79-4ca7-93fa-e714f19ec710%26adid%3Dk31370318_s5106718_p387082572_c209119733%26userId%3D%25%25COOKIE%25%25%26tr_timestamp%3D1708824664044%26request_uid%3DJS_ZdqYV-m7ofd3Ipzbi7YJmAAAANY HTTP 302
https://red.vtracy.de/tr_aa?v3=vi-faf9e7e8-8b79-4ca7-93fa-e714f19ec710&adid=k31370318_s5106718_p387082572_c209119733&userId=7339346046479693983&tr_timestamp=1708824664044&request_uid=JS_ZdqYV-m7ofd3Ipzbi7YJmAAAANY

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm&v3=vi-faf9e7e8-8b79-4ca7-93fa-e714f19ec710&adid=k31370318_s5106718_p387082572_c209119733&tr_timestamp=1708824664044&request_uid=JS_ZdqYV-m7ofd3Ipzbi7YJmAAAANY HTTP 302
https://red.vtracy.de/tr_cm?v3=vi-faf9e7e8-8b79-4ca7-93fa-e714f19ec710&adid=k31370318_s5106718_p387082572_c209119733&tr_timestamp=1708824664044&request_uid=JS_ZdqYV-m7ofd3Ipzbi7YJmAAAANY&google_gid=CAESEAYFcttBdabt2QY-USqQ9bA&google_cver=1

Request Chain 212

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=75365200006491404444550012611026&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=75365200006491404444550012611026&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 215

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEmKIa4AqHAEDvh6pKXT_AI&google_cver=1&google_push=AXcoOmRM7q3953PTO2kxepCn9u5FTu2dmQ8E7Q2ed6nEkxgLqYm_XAPOzZjWOQvr8MnYkuHDffXZ1_VzbiCrEbkAM2EWPb6n6GH_SudJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUxMTYwNzc2OTIzOTU2OTAyOQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEmKIa4AqHAEDvh6pKXT_AI&google_cver=1

Request Chain 216

https://um.simpli.fi/gp_match?google_gid=CAESEDPE9I5WTzqqqblCvYxnKb4&google_cver=1&google_push=AXcoOmQ-LvrQK2IFvX3d9qhAhvWyXOiVcU8HTe7fBKBhD4k1WBMoQm5HEb_Dc_UBrkeph9yO5KK3VFzD-46SJaeqhzTD9WatDdQats_i HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9BD803E5F2864E9692B0A4380A39D042&google_push=AXcoOmQ-LvrQK2IFvX3d9qhAhvWyXOiVcU8HTe7fBKBhD4k1WBMoQm5HEb_Dc_UBrkeph9yO5KK3VFzD-46SJaeqhzTD9WatDdQats_i

Request Chain 217

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJHKSzcBsjFJBLh1FqrqERw&google_cver=1&google_push=AXcoOmRIQv196HSJ8JZ4c2Vvzb6RufAZDV9UR2W6PStgqOdfQXdh05cLQ5fNxM6BXmAsHvUC0WC2sN8IPTTCmX0_kTrhpcPxheHCGwf5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMzOTM0NjA0NjQ3OTY5Mzk4Mw%3D%3D&google_push=AXcoOmRIQv196HSJ8JZ4c2Vvzb6RufAZDV9UR2W6PStgqOdfQXdh05cLQ5fNxM6BXmAsHvUC0WC2sN8IPTTCmX0_kTrhpcPxheHCGwf5

Request Chain 219

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPZ7nO5zsmlHhz1WUyxwvzQ&google_cver=1&google_push=AXcoOmSLFM93sM4kifDxrBIX3tpZOctqJS4iQEzACwLUUtm28c2ytXXxvIwCnL4Sx44nEo_PWUwC2ZZmDv94H1S0mNOKAl4HbCY2Nb5F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSLFM93sM4kifDxrBIX3tpZOctqJS4iQEzACwLUUtm28c2ytXXxvIwCnL4Sx44nEo_PWUwC2ZZmDv94H1S0mNOKAl4HbCY2Nb5F&google_hm=eS1RMUllMlBWRTJwRlFBV21lci4uZXBtdnZoYk9nclpZWn5B

Request Chain 220

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFrLap5uQ1sXlfKerg4Do5w&google_cver=1&google_push=AXcoOmT4eK0dbU7Lg9hvGNoeXdUYiZZVrNdcy9tLSmlo4iStIIOfSmTADFoJmtB2EhQ3sangce1NlRdGSiZOQxbxC5LU4KKGz74YCp4z HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFrLap5uQ1sXlfKerg4Do5w&google_cver=1&google_push=AXcoOmT4eK0dbU7Lg9hvGNoeXdUYiZZVrNdcy9tLSmlo4iStIIOfSmTADFoJmtB2EhQ3sangce1NlRdGSiZOQxbxC5LU4KKGz74YCp4z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI4OTA5NTczNDY2NTYwMTM5NQ&google_push=AXcoOmT4eK0dbU7Lg9hvGNoeXdUYiZZVrNdcy9tLSmlo4iStIIOfSmTADFoJmtB2EhQ3sangce1NlRdGSiZOQxbxC5LU4KKGz74YCp4z

Request Chain 244

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=aa071ad0-c535-4670-aaad-c776edf266c6&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=255abcad-527d-4774-b3fc-ba41be7c1773&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Ddf0fe0fcef344ad09f5139985691d672%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=8373785&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_jci2&aid=2397188668551909698 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=df0fe0fcef344ad09f5139985691d672&tids=15000&med=10

250 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.csgowinner.com/
Redirect Chain

https://csgowinner.h2887616.stratoserver.net/
https://www.csgowinner.com/

25 KB
5 KB

197ms
73ms

Document
text/html

81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: cb3116def1a116ef898d8832dae3977d186806688e27d0f2272810d362da509c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 4303
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Feb 2024 01:31:01 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-Powered-By: PleskLin

Redirect headers

Connection: Keep-Alive
Content-Length: 322
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 25 Feb 2024 01:31:01 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.csgowinner.com/
Server: Apache

GET
H/1.1 200
OK style.min.css
www.csgowinner.com/css/ 18 KB
4 KB 47ms
44ms Stylesheet
text/css 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csgowinner.com/css/style.min.css
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 5d79022f45ec1f26e7482de77a0b71e28b1be1085b4162284af65ee787f7d53c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Jan 2021 16:41:23 GMT
Server: Apache
ETag: "4669-5b96bbdf2d2c0-gzip"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3795
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK font-awesome.min.css
www.csgowinner.com/css/ 28 KB
7 KB 94ms
45ms Stylesheet
text/css 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csgowinner.com/css/font-awesome.min.css
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 May 2016 09:44:28 GMT
Server: Apache
ETag: "7187-532b61eef7700-gzip"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6666
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK Germany.png
www.csgowinner.com/img/lang/ 292 B
602 B 126ms
39ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/lang/Germany.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: d38352829ca38502cc18ecfaf0cf1e8a902b254ffaf17cc4ce4a678e89c830fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "124-4d76956a47900"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 292
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK United-States.png
www.csgowinner.com/img/lang/ 389 B
699 B 126ms
39ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/lang/United-States.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 1590f871a620b6f171f4a03b2f9b06cf25c21101d71b8a3905eb0f02f7bf86bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "185-4d7695a750900"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 389
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK Turkey.png
www.csgowinner.com/img/lang/ 489 B
799 B 113ms
40ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/lang/Turkey.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: a3eb96eb32ba1e63c6c8e6931e50260c38c12d0ee0a36157144fc527c6a0b46c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "1e9-4d7695a380000"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 489
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK Russia.png
www.csgowinner.com/img/lang/ 287 B
596 B 119ms
41ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/lang/Russia.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 4bfa891ddc3786bc6ad204bb6e25cfa3f70d4e2a2bd9a47d5d1354d1d13ea492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "11f-4d7695906d300"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 287
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK Poland.png
www.csgowinner.com/img/lang/ 290 B
600 B 96ms
38ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/lang/Poland.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 02eb4635a154110cef52f4b19949630a4caa6065dfae9b4eb4c2ed5f6ad017f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "122-4d76958e84e80"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 290
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK Netherlands.png
www.csgowinner.com/img/lang/ 295 B
604 B 45ms
39ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/lang/Netherlands.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 44df7cfc5c2ac696735be3dc6868464527d7532ba27c1b457bb5c8475dcc3917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "127-4d769584fb800"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 295
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK logo.png
www.csgowinner.com/img/ 3 KB
3 KB 45ms
40ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 6ebc15f291d34f9c00142d250aeed6adbfb0c23a60766d5619d7e7488814d570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "c92-5359179c46f40"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3218
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgoempire.png
www.csgowinner.com/img/supporter/ 7 KB
7 KB 53ms
41ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/supporter/csgoempire.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 9a6ba8e7f261b6df6ee177bd8acd88a5998e7b9372e25ee82f05abd02d1dffb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "1b30-59be76f250100"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 6960
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgofast.png
www.csgowinner.com/img/supporter/ 21 KB
21 KB 60ms
40ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/supporter/csgofast.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: ffd64ed138a4765a5e50d9b4f3e1741bc96b54711f2ac6c47ba5f6ac881bae29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "5432-553e145011880"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 21554
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 404
Not Found 96fx96f
steamcommunity-a.akamaihd.net/economy/image// 0
2 KB 175ms
46ms Image
text/html 193.108.153.23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://steamcommunity-a.akamaihd.net/economy/image//96fx96f

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-23.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Content-Encoding: gzip
Date: Sun, 25 Feb 2024 01:31:02 GMT
Last-Modified: Fri, 01 Jan 2010 00:00:00 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=59
Connection: keep-alive
Content-Length: 20
Expires: Sun, 25 Feb 2024 01:32:01 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 117ms
43ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b64c55ad31a65e350b81efd21df468a04e0374f5b313166628176b59ab4fb0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51165
x-xss-protection: 0
server: cafe
etag: 3617321792571081846
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 25 Feb 2024 01:31:02 GMT

GET
H/1.1 200
OK csgoempire_logo.png
www.csgowinner.com/images/logo/ 7 KB
7 KB 76ms
44ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/csgoempire_logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 0f38d474df76c934e63f0795a86afc2c0f43fa7f68f71f0a8dbecde5cc407fde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "1a70-5b9081706a62d"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6768
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgoempire_com_screenshot.png
www.csgowinner.com/images/preview/ 48 KB
48 KB 47ms
46ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/csgoempire_com_screenshot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 46fca5bc03de756ba3e8dd391fbc426e997ad3e4ec25b5d4d558097fb36fd6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "bfd0-5b908170824fd"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 49104
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgofast.png
www.csgowinner.com/images/logo/ 6 KB
6 KB 219ms
40ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/csgofast.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 8c287fb55c8e47837e5db868c506af289a781e0e23e26542a54bab953fc1ffb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "1653-54c0464c89380"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5715
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgofast_match_betting_classic_jackpot.png
www.csgowinner.com/images/preview/ 52 KB
52 KB 45ms
44ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/csgofast_match_betting_classic_jackpot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: f6b74ce0132ebbc0b21b93fd3e33e3654d4b6c64d77a8ed8eb972a823c9f3595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "d066-540427f75d080"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 53350
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgoroll_com.png
www.csgowinner.com/images/logo/ 27 KB
28 KB 256ms
43ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/csgoroll_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 03dc6d2ed3949907c7c3a4e9bec2450fe8f54fcd4e809e5b9f52ad10e63f4899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "6da4-54042803c2dc0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 28068
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK CS_GO_Roll_crash_game.png
www.csgowinner.com/images/preview/ 35 KB
35 KB 46ms
46ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/CS_GO_Roll_crash_game.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: b27e8bedcc2d6768e063b1e560eac8588c5289b386f0044957d7f9b4e0dee063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "8a62-54044bf00ae80"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 35426
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgo500com.png
www.csgowinner.com/images/logo/ 2 KB
2 KB 129ms
52ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/csgo500com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: fb95b15a656443132dc0d73391a091f5226fda25d4f196708f5d6387b4dedf96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "665-54c0464c89380"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1637
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgo500_com.png
www.csgowinner.com/images/preview/ 26 KB
26 KB 46ms
45ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/csgo500_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 8cbbe56157eeb0b9eb02e18ac9a725364a4e49507f9097f3be666ddc608cae2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "68c3-54044bc42c700"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 26819
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgopositive_com.png
www.csgowinner.com/images/logo/ 34 KB
34 KB 240ms
41ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/csgopositive_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: d77952a0a550490748d0a1fd6d8678f55d975c49393036e0383cdda47de30115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "87b4-5546392af22c0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 34740
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgopositive_com.png
www.csgowinner.com/images/preview/ 33 KB
33 KB 45ms
45ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/csgopositive_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: b4320212081e66aa38a7db937e407fb3a160f0facde884ac6b4edac60e01c581

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "8422-554708987c500"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 33826
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgopolygoncom.png
www.csgowinner.com/images/logo/ 7 KB
7 KB 213ms
41ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/csgopolygoncom.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: b3e6114f446c5024498df5f4d31c11906c1f544fd345a952b48c947f1340d7e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "1bc9-540427f668e40"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 7113
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgopolygon_com_screenshot_2020.png
www.csgowinner.com/images/preview/ 39 KB
39 KB 43ms
43ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/csgopolygon_com_screenshot_2020.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 5d19ee104570129d5d62a2abe03a575e24fb2065f47e397e1cac255ce9a705e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "9bf4-5b908120452cd"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 39924
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgohowlus.png
www.csgowinner.com/images/logo/ 2 KB
3 KB 137ms
46ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/csgohowlus.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 777ec37f18f4f6b8b25a28728580c4eab8b3b87a62305e67cc2da8ec33de36b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "916-54c0464c89380"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2326
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgohowl_us.png
www.csgowinner.com/images/preview/ 24 KB
24 KB 42ms
41ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/csgohowl_us.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 20d23c9cce0d600760903a969ae1dca144537dc1aec81a644cb50abdb90275f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "5edb-540428744b740"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 24283
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK rollbit_logo.png
www.csgowinner.com/images/logo/ 4 KB
4 KB 162ms
42ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/rollbit_logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 199d9e9059d6b7b70055caaca073e2baae78d8d60e65e7e8122eb90092eec713

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "1078-5a54b902494c0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4216
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK rollbit_screenshot.png
www.csgowinner.com/images/preview/ 36 KB
36 KB 47ms
46ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/rollbit_screenshot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 0cab69b0150e4b5fd510f5aa6f9523e2f9c9e861c80d8049e43ee4c866eea99e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "9013-5a54b902494c0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 36883
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK gamdom-logo.png
www.csgowinner.com/images/logo/ 3 KB
3 KB 262ms
42ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/gamdom-logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 63e7fd3b97891f08d6f1c202a08a08dad5ba1f863e8a2ccc61e0bfaca9a63104

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "af2-5b9087e3510ce"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2802
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK gamdom-screenshot.png
www.csgowinner.com/images/preview/ 54 KB
54 KB 39ms
39ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/gamdom-screenshot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 5da155d3ca2f5e066f6e0a45f3f9d08bbfbabe037e522642436fa2c9174f3822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "d7e5-5b90862e6d9e3"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 55269
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK sclash_gg_logo.png
www.csgowinner.com/images/logo/ 6 KB
7 KB 171ms
40ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/sclash_gg_logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 44254363fc2f102b3bf465aebcc45c1f02e2be3ac27791865be1060c00bd59b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "1990-5feac07c64f9f"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 6544
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK sclash_gg_screenshot.png
www.csgowinner.com/images/preview/ 54 KB
54 KB 39ms
39ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/sclash_gg_screenshot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 1f765c8e2fccb3263555175fc73f5fc13f8157d5ac04190f942bff8baf143f16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "d672-5feac07ca2801"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 54898
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK rustix_logo.png
www.csgowinner.com/images/logo/ 6 KB
6 KB 183ms
43ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/rustix_logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: e4aa77873ae0f5d483f306952bfe612d98e16ef913f31c4b0673929ef86b1c65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "16ce-5feac1ac74451"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5838
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK rustix_screenshot.png
www.csgowinner.com/images/preview/ 32 KB
32 KB 41ms
41ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/rustix_screenshot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: ab1a28b09c89595ba0f4b502bf4b905df55f92ea5cac6445ae84052ae3c8b1da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "7f63-5feac1acb5f1b"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 32611
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK insane_gg_logo.png
www.csgowinner.com/images/logo/ 6 KB
6 KB 140ms
44ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/insane_gg_logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 5ab68e592ac2d966e7007a776edf0ad97d7b3bc8b60ab1347441ab0513720cf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "1879-5feac3c098be6"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6265
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK insane_gg_screenshot.png
www.csgowinner.com/images/preview/ 60 KB
61 KB 38ms
38ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/insane_gg_screenshot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 9b4979df8bfc20adf5e598bfbd458bc75e31b4158b8bd4be5ce0efac6ecc9497

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "f12f-5feac3c0f3139"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 61743
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK farmskins_com.png
www.csgowinner.com/images/logo/ 37 KB
37 KB 211ms
40ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/farmskins_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 4739c37317987b888b06374bdf8ff0171d30618629a434f6f825a5669c343c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "92a4-54bf1e83bfbc0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 37540
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK farmskins_com_case_opening.png
www.csgowinner.com/images/preview/ 49 KB
49 KB 40ms
40ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/farmskins_com_case_opening.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: ea63ce1b2a485b9800aa531b2ce16ee49c4bc14aa78ca725ccde2f9488c54725

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "c31c-54bf1e82cb980"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 49948
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK hellcase_com.png
www.csgowinner.com/images/logo/ 11 KB
11 KB 266ms
43ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/hellcase_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: a6bc36e79ba0dab4e04ba487397f07627e0236e281f550a1022c291b406ed859

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "2bff-5404281d82a80"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 11263
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK HELLCASE_open_cases_CS_GO.png
www.csgowinner.com/images/preview/ 46 KB
47 KB 37ms
36ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/HELLCASE_open_cases_CS_GO.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: c69de2ade9274cb24e61b4b229e5671c3ba96cb4dc3a74532bb67f334ced6eae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "b967-54044bf1f3300"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 47463
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK cs_money.png
www.csgowinner.com/images/logo/ 793 B
1 KB 179ms
41ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/cs_money.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: db79517b7a05edf295f973e5edf5685c8c7c625c713ffc14c9221d58bd8e24da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "319-54c0464c89380"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 793
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK CS.MONEY_CS_GO_Trading_Bot.png
www.csgowinner.com/images/preview/ 45 KB
45 KB 38ms
38ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/CS.MONEY_CS_GO_Trading_Bot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 1d2ebef5cb88188e11bc1278256887405a23560e31c797fe3054f1beeb4a3ce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "b3f7-54044bf0ff0c0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 46071
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK datdrop_com_logo.png
www.csgowinner.com/images/logo/ 33 KB
33 KB 85ms
46ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/datdrop_com_logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 76271d26de2ef4a92554784dbd313ff18c2351aeca003204a110fcd7ebe31cd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "820b-55f4949534ac0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 33291
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK datdrop_com.png
www.csgowinner.com/images/preview/ 39 KB
40 KB 34ms
34ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/datdrop_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: e100674ed0fd5275a2cabb99db8e14c19e89f9010b5da60e4c6784c2b0e522be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "9ce5-55f4949534ac0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 40165
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK pvpro_com.png
www.csgowinner.com/images/logo/ 14 KB
14 KB 76ms
44ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/pvpro_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: cdad555a81d211db7836ba1f6d36e6cd1e3431a247a8ea5d61ebcfc4573d647e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "3621-54042803c2dc0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 13857
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK PvPRO_CSGO_1vs1_games.png
www.csgowinner.com/images/preview/ 57 KB
57 KB 35ms
34ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/PvPRO_CSGO_1vs1_games.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 9e26ac48adcbf43b74eff0774888dde0ad05b0593295b65574e8725ff04d24d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "e47e-54044c1077b00"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 58494
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgetto_com.png
www.csgowinner.com/images/logo/ 34 KB
34 KB 202ms
40ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/csgetto_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: fd995724e7abb3af88abe834b55be70de1da605acf321aeb241a25326448cace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "8890-54c0942ff5680"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 34960
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgetto_com_jackpot.png
www.csgowinner.com/images/preview/ 56 KB
56 KB 36ms
36ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/csgetto_com_jackpot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 217c17b6cd94d35015ac89cf1c29ad469ad2cf17f1789387a9b1418da928ab00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "dea5-54c09430e98c0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 56997
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK primedice_com_logo.png
www.csgowinner.com/images/logo/ 6 KB
6 KB 224ms
41ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/primedice_com_logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 44f4aee0d1453ce449f0face3ffe70707fbb83bce3c653d4faa339339b7c621a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "1644-57f0ba3eadfc0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5700
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK primedice_com_screen.png
www.csgowinner.com/images/preview/ 21 KB
22 KB 35ms
34ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/primedice_com_screen.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 36ea03ae73d9ba9883ed8420c796d7661df4846a17aadae944941716dc97c07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "54d7-57f0ba3fa2200"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 21719
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK roobet_com_logo.png
www.csgowinner.com/images/logo/ 5 KB
5 KB 172ms
41ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/roobet_com_logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 67d70e67f86468efb430662fb2617e2288984f995246d58cb7f8037b7d25d4d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "13eb-59be107102a00"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 5099
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK roobet_com.png
www.csgowinner.com/images/preview/ 39 KB
39 KB 34ms
34ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/roobet_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: acde349098d7d482fff028104b7d8f87bf6593f5436a7d7e6ca3a543a8ecb131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "9c07-59be107102a00"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 39943
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK jquery-3.0.0.min.js Show response
www.csgowinner.com/js/ 84 KB
30 KB 334ms
48ms Script
application/javascript 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csgowinner.com/js/jquery-3.0.0.min.js
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Content-Encoding: gzip
Last-Modified: Sat, 18 Jun 2016 18:22:02 GMT
Server: Apache
ETag: "15145-535918c2f6680-gzip"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 30005
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK design.min.js Show response
www.csgowinner.com/js/ 1 KB
784 B 46ms
46ms Script
application/javascript 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csgowinner.com/js/design.min.js
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 36a084f537375d0519cc402e60b8ef780656a5acf18d7916fe2a6d2e9b6fa153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Mar 2017 23:43:50 GMT
Server: Apache
ETag: "4fe-54bfb43cdf980-gzip"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 387
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK home.min.js Show response
www.csgowinner.com/js/ 2 KB
1 KB 44ms
44ms Script
application/javascript 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csgowinner.com/js/home.min.js
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 71636cc0df2794b439212c2c77b0aab204391926b754b69dcc779f0d83778362

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Content-Encoding: gzip
Last-Modified: Sun, 09 Apr 2017 15:36:04 GMT
Server: Apache
ETag: "686-54cbd9dd40100-gzip"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 693
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK header.png
www.csgowinner.com/img/ 222 KB
222 KB 45ms
40ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/header.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/css/style.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 80248151b5242dbf4c2291e7d6e9140d38ccefa9d2afe5bd04929ad231750ab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Server: Apache
ETag: "37637-535918563e600"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 226871
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.csgowinner.com/fonts/ 75 KB
76 KB 41ms
40ms Font
application/octet-stream 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csgowinner.com/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.csgowinner.com/css/font-awesome.min.css
Origin: https://www.csgowinner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:02 GMT
Last-Modified: Tue, 25 Oct 2016 09:38:00 GMT
Server: Apache
ETag: "12d68-53fad439fee00"
X-Powered-By: PleskLin
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 77160

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/ 408 KB
138 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1702866763462916&plah=www.csgowinner.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ef28c24c782645efb2297c9e44fb12f6cb3f7e6eea9ebb69d4e5685ac598e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141575
x-xss-protection: 0
server: cafe
etag: 16521236975079667032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 01:31:02 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3CFD 130 KB
42 KB 300ms
237ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=280&slotname=9683034901&adk=2356769020&adf=536986986&pi=t.ma~as.9683034901&w=1000&fwrn=4&fwrnh=100&lmt=1708824662&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824662262&bpp=4&bdt=202&idt=131&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&correlator=2306123912379&frm=20&pv=2&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=148

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1702866763462916&plah=www.csgowinner.com&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed7d73d2d133cb5410db4ca93f3cb33b2fb6455c36258e11f942fd99b3c99248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42771
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 01:31:02 GMT
expires: Sun, 25 Feb 2024 01:31:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 85ms
24ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 24 Feb 2024 23:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6173
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 25 Feb 2024 01:48:09 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9F8B 247 KB
37 KB 328ms
328ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&adk=1812271804&adf=3025194257&lmt=1708824662&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.csgowinner.com%2F&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824662516&bpp=5&bdt=456&idt=5&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&nras=1&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=18

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60f898809f0dc5334f1acb2ae99236028fee0ce3e4896b6b6e894273bbcf600f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37382
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 01:31:02 GMT
expires: Sun, 25 Feb 2024 01:31:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
223 B 31ms
29ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=72481753&t=pageview&_s=1&dl=https%3A%2F%2Fwww.csgowinner.com%2F&ul=en-us&de=UTF-8&dt=The%20biggest%20CS%3AGO%20gamble%20sites%20listing%20%7C%20CSGOWinner.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=1302355847&gjid=508734499&cid=1094523460.1708824662&tid=UA-75922103-1&_gid=1208694991.1708824663&_r=1&_slc=1&z=1946950288

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

97fe4d79aea42c609f78ad3de0492dc9aa285e7fcb2bd9f1c06e5e1ffac2cd73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.csgowinner.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.csgowinner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
84 KB 111ms
39ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8XXKX2F00B&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

163d36f7dc83c8fac015bd44e37a861061ba61157be5f418cb11f86841cf0e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85512
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Feb 2024 01:31:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3CFD 14 KB
2 KB 86ms
32ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=280&slotname=9683034901&adk=2356769020&adf=536986986&pi=t.ma~as.9683034901&w=1000&fwrn=4&fwrnh=100&lmt=1708824662&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824662262&bpp=4&bdt=202&idt=131&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&correlator=2306123912379&frm=20&pv=2&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Feb 2024 01:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Feb 2024 01:05:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Feb 2024 01:31:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 3CFD 2 KB
903 B 169ms
76ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 14:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 14:49:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 3CFD 23 KB
9 KB 120ms
32ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 17:49:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 17:49:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 3CFD 3 KB
2 KB 115ms
27ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 17:49:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 17:49:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 3CFD 20 KB
8 KB 116ms
29ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 23:04:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:04:30 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3CFD 204 KB
61 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 00:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 01:31:29 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 3CFD 36 KB
15 KB 89ms
27ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 19:17:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 May 2024 07:39:36 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10633618843369417823/ Frame 3CFD 47 KB
47 KB 134ms
50ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10633618843369417823/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

864a5588c641a8f5c399f0b1efd4532996d9b734684375c6b79f34491e59b9fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Thu, 20 Feb 2025 07:32:08 GMT
date: Wed, 21 Feb 2024 07:32:08 GMT
x-content-type-options: nosniff
age: 323934
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47705
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 07:12:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 3CFD 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3CFD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 88ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8XXKX2F00B&gtm=45je42l0v9111405220za200&_p=1708824662653&gcd=13l3l3l3l2&npa=0&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1094523460.1708824662&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.csgowinner.com%2F&dt=The%20biggest%20CS%3AGO%20gamble%20sites%20listing%20%7C%20CSGOWinner.com&sid=1708824662&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1180
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8XXKX2F00B&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.csgowinner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/ 166 KB
56 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b5f16b8ad9b0f8e7d8f55e4ef9eaeb5622cd77f9a6d8cba99442650d9139dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57369
x-xss-protection: 0
server: cafe
etag: 14821727319410384437
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 01:31:02 GMT

GET
DATA 200
OK truncated
/ Frame 3CFD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 101cd6134fe937beb40dcd2afa9798fb30cc28a9ae28f0e777587c935a843c65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BFC3 35 KB
14 KB 206ms
205ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=280&adk=258842709&adf=2518345730&pi=t.aa~a.11033437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1200x280&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=940&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0&nras=2&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cf40c66887487cc9e1898ed78b35b942b249d2b3412ad2b73901b4b14a2e811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14097
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 01:31:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 94C0 31 KB
13 KB 245ms
245ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=90&adk=236785816&adf=3348424040&pi=t.aa~a.236152423~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1180x90&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=941&idt=1&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0%2C1200x280&nras=3&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bc0d0014985be076e802e72babdb19960b299ede4bbc07b193c4ce69636ab2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13134
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 01:31:03 GMT
expires: Sun, 25 Feb 2024 01:31:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 3CFD 33 KB
34 KB 80ms
23ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 04:54:54 GMT
x-content-type-options: nosniff
age: 333369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 04:54:54 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3CFD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CMUGOVpjaZd65HqaM7_UP_f240ATN-KCfdc7_x9iSErCQHxABIJnv7xFglfqagqwHoAGItd7cKcgBCagDAcgDywSqBIMCT9D1YCXxvlFoLDP2MuJtD8Xid7g0-1ShfO1jaUxYYX5f1BKGlBk...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225743569199699481125%22,%22debug_reporting%22:true,%22destination%22:%22https://kingsgroupgames.com%22,%22event_report_wind...

0
0

111ms
59ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225743569199699481125%22,%22debug_reporting%22:true,%22destination%22:%22https://kingsgroupgames.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211200338568%22],%2222%22:[%22true%22],%224%22:[%2202-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217646895980729540225%22}&andc=true

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5743569199699481125","debug_reporting":true,"destination":"https://kingsgroupgames.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11200338568"],"22":["true"],"4":["02-25"],"6":["true"]},"priority":"500","source_event_id":"17646895980729540225"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Feb 2024 01:31:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 25 Feb 2024 01:31:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5743569199699481125","debug_reporting":true,"destination":"https://kingsgroupgames.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11200338568"],"22":["true"],"4":["02-25"],"6":["true"]},"priority":"500","source_event_id":"17646895980729540225"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js Show response
pagead2.googlesyndication.com/bg/ Frame 1DB8 50 KB
19 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25dbe26db67ba5d60d3f7c7f79d72ad9f4816b2a6e869d7511927274f13a490b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 385852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19629
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:20:11 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame 4DDB 9 KB
4 KB 23ms
23ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 18:49:49 GMT
etag: 3890843268177463596
expires: Sat, 09 Mar 2024 18:49:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame 3FF9 9 KB
4 KB 24ms
23ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 18:49:49 GMT
etag: 3890843268177463596
expires: Sat, 09 Mar 2024 18:49:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame BD11 9 KB
4 KB 24ms
24ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 18:49:49 GMT
etag: 3890843268177463596
expires: Sat, 09 Mar 2024 18:49:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame 4343 9 KB
4 KB 24ms
24ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 18:49:49 GMT
etag: 3890843268177463596
expires: Sat, 09 Mar 2024 18:49:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 120ms
56ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 25 Feb 2024 01:31:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4DDB 5 KB
790 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Feb 2024 00:56:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Feb 2024 01:31:03 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/ Frame 4DDB 15 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61d8691097f35768bf7d91d6cd291fcfb2bb2cb5334ae145faf11e652e0ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 23:45:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6496
x-xss-protection: 0
server: cafe
etag: 2240975554753911238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:45:17 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/ Frame 4DDB 22 KB
9 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce8c05a7248a3803ffc6d3a871f42b125e2358c700a59e082501d81d5c94400b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 23:13:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9139
x-xss-protection: 0
server: cafe
etag: 14231659491099539135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:13:33 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 7E37 93 KB
38 KB 267ms
45ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 56a3cef734f0fe9d757aaf0a3c7f46176eadf4f87f41ab8ea2ee4d2f82733381

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: br
last-modified: Tue, 06 Feb 2024 16:37:22 GMT
vary: Accept-Encoding
x-azure-ref: 20240225T013103Z-17155evc755em1ut943sc8q6qg00000001q000000000crcc
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 845d0be0-e01e-0085-1482-66bae1000000
cache-control: private, max-age=3600, stale-while-revalidate=86400
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 65950067

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/241/ Frame 7E37 81 KB
28 KB 186ms
46ms Script
application/x-javascript 2.18.96.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/241/trk.js
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.96.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-96-175.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 92ac63b055a0172465a68175250e5675b215a83733c116221f5785abe552c256

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Feb 2024 03:22:23 GMT
Server: AkamaiNetStorage
ETag: "0a80c859b54b27e94d766577dcd37bc5:1707880943.060178"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27925
Expires: Mon, 24 Feb 2025 01:31:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 7E37 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 17:49:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 17:49:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 7E37 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 23:04:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:04:30 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7E37 204 KB
61 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 00:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 01:31:29 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0566 49 KB
19 KB 192ms
80ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdqYVgAIkvcH_YtDAAr2Lz_ft2BbYhg6KuefvQ&u=%7CuQ0TUZO7D2oXDIfR7rP%2BRBshMPg83ZB1bH6sBV15vZc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zvUa-jc8nSvNP0VScVBYaAugJLvcqeaMk4Rh_WWk3ICs90xoMjsv8nKnNk65NFkCp51UL0LJo4FLYTWm68f8EOhnZrM_S_rP2rbJGE-JTU516K9YIi7FEWvTs0M5IUw2LAq08ddsZWw8YBfAyN_evVzT6sn1bvFmzjfGc-1r2DnHQLJ-JG8M-VQd_XrDh1KdUtJJfneS1JAbasyeNbAjfpfwrKV-DQAnlmf93UekqN9Knplz6Uq4b_y3MLU3cE7PCTblDO2snVDqjSQDj-JouhKyOAOrDlNkHsynn6gHr5bee0X252jAzKc7zriwGzGiMIJHtF_YxYeTefgiY1wtCE2m_1DPt2o9JWzy044DIPJmYTm-GACM-ox82ssPdI-hNfnxCkIxp3Kz8fvD6H3LXRJ7jNs0lStJ0BSeZyJswQjaq63NGGX1cFERUoEhpSbKftHA5nEUClKOB9Kc6LsDc9WnveR5SbIxjBPYCrvkPm5r7n7ify1nsxz1Hero9lH1-h6BMsH0DYFm9zgOEQUEVNKLYqjYw_Es9-QVwX1tquN8cp_4-V_Ds6KhsWDeJSMPWA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCooR-VpjaZfelIsOW9u8Pr-yr0AXJntKxXNWdkfdwwI23ARABIABglfqagqwHggEXY2EtcHViLTE3MDI4NjY3NjM0NjI5MTbIAQmpAnMgfuG6J7I-qAMByAMCqgT8AU_QCXqB13ffyaqIVt2kqhHmEh6Kk50m18_zhDABeFmGDjmiZ_ob7fIMMKf2W8rwhNaFcQX9oQBzeVokW4EIaXODh9xjEGsAqK9YkV-duN3OngOebs5vdoQdwDZb6HTnAnJMF7JJ8nWQUeReV1jrNwUFb2QlWB5PTs2du6AE64HGnmtut5Wq7XyXWXq-CXAvxH4rXWCMiEe2ODNjpLF_7Ho7xxiHEPd5k8Sq7DnWCjluievSENofS6ZJP1Gyka-UHKHYT_JUKjNY_g0SDi9X5Fk-Fby2KmbEm0TAtKQey4BV_p8UYTjC-ldVXcYnNLAoa2Gc7eI6YZjg1Mlq74AGsK7b9r7fjrydAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCQIgOGAEBABMgKqAjoJgECAgISAgJQISL39wTpYt4T796vFhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_389k_Kn-nKa3gPlPmIhvUAeB6izQ%26client%3Dca-pub-1702866763462916%26adurl%3D

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ef5c51b2516b39380ae3d2dcef4c53961466a57129bcc6f7df5c5408aa54922a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 01:31:02 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dkMdCVWk6BrVyxGsqo3d6bcuwhWbpKGl5e3I0TXlkZNkzAufO0fM_TbVyu1tkD3kDwL293dRasJXCdlxZ_IKn2WS4vbzqyXTctoKj51NsTUcdk1rDP6TrJ8hijGRq1tNisq5PBdlgnVVF5BH5F2vpdujG2KcLe7qVCYBNaBITK6wlFdqxk4faC-h5DZNoDRYQABw2TypB6st13GyaC2q8xyIT1B-sK8JkvQ_4O4anivXcPwQ_YhsolxAuW5AEJOsEw1VTA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 3007732
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame D38B 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 17:49:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 17:49:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame D38B 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 23:04:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:04:30 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D38B 204 KB
61 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 00:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 01:31:29 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7835 0
16 B 40ms
38ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBC4qCgYsOithgIwAQ&v=APEucNXPZxFERvmVmI-2_kHOR5PohmXVIBiMLnFiBKstrPSzEZkhEnXgSZnzWbs65e2nInuKkv9ElCFGwtzcQ_rUA5RgDmHXIFtCodoT9vid1d8RPgt81H5UI3hRgTZoSwAMOUOXWe0SgMPk6BXxr0_U3O8_-cEp8eNuSFjL0fgPCW3fKR6Aksg

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 01:31:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AB11 93 KB
33 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 01:31:03 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame AB11 18 KB
8 KB 103ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 00:32:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 25 Feb 2024 01:32:26 GMT

GET
H2 200 dbm
beacon.sojern.com/imp/ Frame AB11 42 B
199 B 149ms
42ms Image
image/gif 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.sojern.com/imp/dbm?auc=ABAjH0gWt_e5GzDHLh30DZrViSrc&li=20984698066&cr=550204464&io=1015640613&seg=&src=https://www.csgowinner.com/&ord=1708824662561912
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 ca Show response
choices.truste.com/ Frame AB11 21 KB
8 KB 191ms
120ms Script
text/javascript 13.32.121.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&c=1708824662561912&js=pmw0&w=728&h=90&admarker=dynamic&cid=sojern

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-5.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

e9254a067e4dbba942102a9c247d7d7191ecccaacca7956a230e94b3e1079764

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop: FRA60-P1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7291
x-xss-protection: 1; mode=block
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=3600
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: KNLRAjKoXIDpZzbS4qYSSWAx9DjqDJ8LCTyDYkh3zYoCw8QN-TUXMg==
expires: Sun, 25 Feb 2024 02:31:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame AB11 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 17:49:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 17:49:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame AB11 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 23:04:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:04:30 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AB11 204 KB
61 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 00:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 01:31:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB11 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AQeok7AaGdjoaSDJaZ9wPC5KNtB_ksJ8WBtuFjHlXk3m3mZbWQD9E4HEhgjxCVfHIP_u6HuVwqgWaaCRKJ6gmcqIiAwqFBbTAIS73V7UMCaZvMMsc

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame BFC3 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=280&adk=258842709&adf=2518345730&pi=t.aa~a.11033437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1200x280&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=940&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0&nras=2&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 21:31:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame BFC3 20 KB
8 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:32:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 18:32:06 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BFC3 204 KB
61 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 00:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 01:31:29 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 8511 160 KB
53 KB 164ms
99ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdqYVwAAdbIIu-7FAAUFFs48TzbcCsGBOaOR2Q&u=%7Cqy5517RwytGSmxw%2FjpA0ozzraiitAX9DL3Z3gI4vJ8U%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcEBZyMbH-CF1nXcl5UwhjUzZa8wpMc1S5Ly3k8rV70eqVt78lC6tWTf6edoGtdqOdRJAEhHK0P3D1VcmT2YNu9zzeNRXRd8RHMyMrF1hFaPwk_mK4Nn2dWx5-jSxAdQSwtVMIDcmg-3empBbzQWSTEGqHh3Lz9xX6IW3XX-ud_onCyRw54Q4zx7IVQqjnKws-JNt6T7FT8B_2tTS_tFuh3ftN-QeSqr6EnRVmU2zqIsXUD0iNTGuqI6VpVkJFu6co2JV3QPJRPuhxCKL4J2_XyJnAaqA36fP3maZRsNHrWQ8bX1CobRN8YFUO1cXl2nYZ8lIfomeXMeDLFJNdVLe9kaAkKIFRzMCMWn8tTQOymfQV5hUm0ix1t5zxLgZMcWmEb0ImT1lguM1zr4aZYAUC78KfP3yd61AnwHE_xMvty3sXG9EokPk-fQ4Z9-f5LlAIUCTz25zaEpBP6A8pLwzhfA3zbDjZeqNHJk3OvF0PuR73s09kFUTAgjf-ht0zMapEajhcRx7hhsgQbzf5BVjV4xa4mDsWAxuEi28yXB5vCSgTyf_s6BFwLASqFSqJ6Qik&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8mTV5jaZbLrAcXd7_UPloqUqAfJntKxXPXqoYaIAcCNtwEQASAAYJX6moKsB4IBF2NhLXB1Yi0xNzAyODY2NzYzNDYyOTE2yAEJqQJzIH7huieyPqgDAcgDAqoEgwJP0MQPtPYY2O42m7oir4CSSLkhAImuDvxbTS8X-Z7MmYTt7_ujUkB8b7yi1W3nTueavQuYn-5eVjT_j5yp6sHeuk9WIkFPoY0ibOpIGCLsdCZK4p0pZJcqRa792H0yjMMVBkgrw2yBPVj_Q_DzBjqKl0HGGz3GvXcO8aJaTxrpsVkelL0ODRiN-OUvKLh5ob4NrUid2EplFGQ4aY65cPEAvIoLfV9xhDILJZk8tR-oz0zX4zV3y7eKGKkufJDv9Zv7VJPyJCy4k1Oyo2RRmVf3ZPthBx-JjfGzvtkE1QTkNV0fgrtERN9yUzdNKBZHqF5ZVgJJXXHw-9tHd3LOaQwJNiDjgAbhopPgo6bA4ASgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggnCJHhgHAQATIF64uAgCA6CYBAgICAgICUCEi9_cE6WL_Ul_irxYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1yd720YXB9pJk99YlQqVaM6m4eNg%26client%3Dca-pub-1702866763462916%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

198a2a28077dcb715db9ed4af5e3ab5da5e3eb97df4eed422785e6bc975e4510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 01:31:02 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=-muEc1Wk6BrVyxGswpZNxm9nKt6-9G2ynp-Zibs7i9oswRh0UPmfSMUmd5xP9A87mge-1sksh7fV4GFRO9y7cjuw7YiK2CHqUyCogTkVkLBetr_2No1OBlv3Pbth3wB0g1jaSpTF72yxTXBp1z7nVWTWsPJ512JTdxLGZs0Q37syTFcfYQih44m-hqpONKua2h1K6CfTr5re8jwXDMxTZN3XAKBE3967i1XXxF3pwwEg8LIrvVDcm4MS2aZ41twjNHzFlw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 43582957
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3379 624 B
242 B 42ms
39ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWESRz-ercbx0e_oVDtDqsevYd4BN5MHoJOnlQUlyrhYz1Y7Tak3Uf_DAHlR6fMYDAOOxlCfmz2gW08ApK5Xt5sx42Yc4cDoxAdhLRGBAIiW-7vGtEUoxnS7gfxwq7DF_SepSUZClg2PAnhO14VvgEEY6ONDwn3rV8A5V8UhnZ-V4YktZ4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=90&adk=236785816&adf=3348424040&pi=t.aa~a.236152423~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1180x90&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=941&idt=1&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0%2C1200x280&nras=3&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=90&adk=236785816&adf=3348424040&pi=t.aa~a.236152423~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1180x90&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=941&idt=1&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0%2C1200x280&nras=3&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 01:31:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7389 93 KB
33 KB 47ms
43ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 01:31:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 7389 3 KB
1 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 17:49:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 17:49:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 7389 20 KB
8 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 23:04:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:04:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7389 0
0 97ms
33ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCchROi3mSM0TOoU3zJvewAwbtZ0J2zjviqUCK4z3x3re_GoMkUpcPRm_6o14MuiwDSYFWXbXIuBKHqc00o80eZfwwPw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=90&adk=236785816&adf=3348424040&pi=t.aa~a.236152423~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1180x90&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=941&idt=1&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0%2C1200x280&nras=3&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7389 204 KB
61 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 00:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 01:31:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7389 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C07bg2pffxrvtKOnhbx1cKrUc-cXubc1JftX2w4anrlXqNa2z2zZbFyxHN8WJL9ZogNG0oaVoqQzDYe_xJqyRBNlmDAtdG20pTY7rKIdUbkWd20k4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame E1AC 183 KB
55 KB 188ms
151ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdqYVgAIkvQH_YtDAAr2L6qntKKO7G2k_MkOwQ&u=%7CuQ0TUZO7D2oJ15OCOE8g5HP3wYnZ1rd8YYMUornff1M%3D%7C&c1=oP5_e7JVVt10ydGCSQJP_joAcgJGzOMEyCmBEYhmIgwm4-vvT_dTlMllZ7xIoLqU4WXNnD9ltKdBnxoo-Jm2KeWn9HTixSRB_F79BZ0wnA56tm0M7O0BZr1Gw8XF-FDyxgLyezjhshYcg0XnlCDoCeeQSKYi9wl6ZPgyX3RKs8JeBgzScxfKynwEva90xa7hBBPB62o-M9zZirgyyv50erMfFSTjZtIB2hSRpCRokuxzo0gxKO6HAuI7iGwRVhbnNwjU6KdTgF6lWolaHD6HjIDWdV2F6UuCJQ6rpkyyKv5VYFqzYrPvzAydsOR7WwCq-TKcKp9RAaI1tWPBDM0Cr5i8nFIFB_RfMlvtB_lJeCx-lyFN7SZ2SIn9JJhI1qiTACwQD-JOfQwBspEdMCfkK3iky8GOKy36DpjHMnYPr2RPxWhMRJDfrR6eAePGVGoafQjOUGFBHbTjWCP82u1Lcy11IG4ElNmO3ha97Pz-E5t7y2yairoYuLboF0Ke7DydR7rDeRupijIUI5WVN4KbeKlJus-ZcSYJLcksTK_z1jFILnqPXHgcIoluJOXgd0ws4KMe8ub7UAPc9bhycrB3mizQPfhvkfK_nWkuIJ_2aGECYRTqFD7lA3oUlnob9hUxGJy-_CJ82-ED3HwFBRCBqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-YPJVpjaZfSlIsOW9u8Pr-yr0AXJntKxXNWdkfdwwI23ARABIABglfqagqwHggEXY2EtcHViLTE3MDI4NjY3NjM0NjI5MTbIAQmpAnMgfuG6J7I-qAMByAMCqgT-AU_Q1h-OKrvzpii08JrUFzRobjTmnRXaXoawx5RaqNPUW5EXw0-ZaJb1bPQF3zxvdSZlL1e8QNZ4IS6lYYiOVyrJDwNtOJFg3O8eUS7K_mncnJYQyD-xJqp7nWBgIs4lTlwi6BrpYkYVUg7wnQe1rZU3FJ968OR4G7DYzfgf2Xv8Po3u5mISKTyuazOARVbcYO2OIDbauCVnoXdsi3_d5uh9TgbjjtvRrEP_05x7Kkdcrhx79qYhyppvQhUlzSS0xx7VoG0qOz13DMyVEJSj_sEdOLDvdz7GykVngZJA3M-l4s3sZt73JO4DKqRYZLIE0VBYp7Wl7QV_VImumMKRgAaYudmtkeuds0ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUCEi9_cE6WLeE-_erxYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Xg_eQzm8hec2sVFjPkH81dDBRDw%26client%3Dca-pub-1702866763462916%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

eeb230d2cf8b3621f4d6f622801948bc390e42e6f21c04255e2f10dc638db8f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 01:31:03 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=vyRzNVWk6BrVyxGsirFgyZmbCO1PusHYih_3DQDs_YWgLP6XcDLqsXvAUDxCHwIMTwEOmdbaxFK16gbbZiyL-fPXh6um68R0Z2YrHJuewsJjQATnx7vLNtkOLNElD9-DbiVEV_FVqt4wjMCWa9YpBrQW0DcNlLOiO3FDu4ye4or_rutFMNWaLUtT1qh2nR42VdsMN2hM9jddN593CkbtfSIcIe8qZEihDuzFObEJKhq-hG5A7bQa5wUGEIGBzmHYBfX0ow"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 57301058
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame F49D 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 17:49:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 17:49:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame F49D 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 23:04:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:04:30 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F49D 204 KB
61 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 00:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 01:31:29 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3379
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtrpqw0FjVSCXhPO_1vKKE&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtrpqw0FjVSCXhPO_1vKKE&google_cver=1&C=1

43 B
773 B

47ms
45ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtrpqw0FjVSCXhPO_1vKKE&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWESRz-ercbx0e_oVDtDqsevYd4BN5MHoJOnlQUlyrhYz1Y7Tak3Uf_DAHlR6fMYDAOOxlCfmz2gW08ApK5Xt5sx42Yc4cDoxAdhLRGBAIiW-7vGtEUoxnS7gfxwq7DF_SepSUZClg2PAnhO14VvgEEY6ONDwn3rV8A5V8UhnZ-V4YktZ4
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vq2z6QwLy3EoJ%2F3Mm3jamQT9dtG2VNszTU9s6RM%2FIsKQxZm4sVPkDnvsJgz3ZzXzTjaqxa0V9OSzo%2FBiZaauPn8Ka6xUxU36AS1GSaAcZSOfVwMXoB%2BPDLcWHMel6TAkNvWJBW%2BBkVlHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85ac2fc32c9e92ba-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVegMehrI%2FQBybKs8K5ein0t7CnclUCEvASramH2sZPBXhRUmF5ODhLdzWOmmrsdNCZxeVLDNh9MSITX%2F%2Bneyf118VqIeen5O781LcS1zsHPt9YkX73%2BPpTw9iCJH6GhqbFF5JfTPlUmIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEMtrpqw0FjVSCXhPO_1vKKE&google_cver=1&C=1
cache-control: no-cache
cf-ray: 85ac2fc2dd573665-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3379
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdqYV7mqPdgAAGPFAPfcLQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtrpqw0FjVSCXhPO_1vKKE&google_cver=1

43 B
737 B

45ms
44ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtrpqw0FjVSCXhPO_1vKKE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWESRz-ercbx0e_oVDtDqsevYd4BN5MHoJOnlQUlyrhYz1Y7Tak3Uf_DAHlR6fMYDAOOxlCfmz2gW08ApK5Xt5sx42Yc4cDoxAdhLRGBAIiW-7vGtEUoxnS7gfxwq7DF_SepSUZClg2PAnhO14VvgEEY6ONDwn3rV8A5V8UhnZ-V4YktZ4
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HKjhTIV08HlmWnfjv1Q3cavniS4%2Fgt5bVWlJRBgQ6JFGspqOFS%2BE04EWCj%2BhTlZ8YTgthaX0b%2FrR%2Bvmd9zacrhckEzcEyKz9ryEvS7DcaF4VjO2IfgiIOxEX4VWH1a%2BVlwEgn3JZfPcSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85ac2fc39cba92ba-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtrpqw0FjVSCXhPO_1vKKE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 3379
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIsLoepTWOWi6FaBf_8f7z0&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIsLoepTWOWi6FaBf_8f7z0%26google_cver%3D1

43 B
1 KB

44ms
43ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIsLoepTWOWi6FaBf_8f7z0%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWESRz-ercbx0e_oVDtDqsevYd4BN5MHoJOnlQUlyrhYz1Y7Tak3Uf_DAHlR6fMYDAOOxlCfmz2gW08ApK5Xt5sx42Yc4cDoxAdhLRGBAIiW-7vGtEUoxnS7gfxwq7DF_SepSUZClg2PAnhO14VvgEEY6ONDwn3rV8A5V8UhnZ-V4YktZ4

Protocol

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
an-x-request-uuid: cf1e4625-a784-448b-9bc4-417832dc550e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.24; 217.114.218.24; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
an-x-request-uuid: 0bef618d-1f82-4682-82e1-dde475b91571
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIsLoepTWOWi6FaBf_8f7z0%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.24; 217.114.218.24; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3379
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjczNjYwMzM0NzE0NTEzNTczMw%3D%3D

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjczNjYwMzM0NzE0NTEzNTczMw%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
an-x-request-uuid: b6f9ac75-fd9e-4276-a7ee-ac57d7797afc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjczNjYwMzM0NzE0NTEzNTczMw%3D%3D
x-proxy-origin: 217.114.218.24; 217.114.218.24; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB11 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7463804502508&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB11 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7463804502508&version=m202401290101&ct=77&x=1&cor=2829063179117528000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AB11 35 KB
20 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DSAiZTND31H_QdL1d9VWmqVjiQP-PJFPPUbWiJBzjoJDCpuaitoz9oScSk-9hCOk2Lpk7WnU3ZYmaarHBIaMr9JzRhDXdK86CNsl4vFR5DNeWTN7N6uDxgdRGr9nSlzB0K0Yhapl6GffE08kKJwWgkO7gEcadBsn_nShbBxEmmbDFQKEh-NJPHuOJCtMIhsmhATbQJL5zPDA0zFMj85V3UhTpIpQ&cry=1&dbm_d=AKAmf-BMn8X8EmyygbHk3LXwkwS347I5Ry9-Tf9Cxxik_Uh80VKerngAjalQFuwMpW6VX75qidtR0FDgbjqkhOf83gxBD914czCdOdSB3dcDajCtmVfCMCeqGlIK-y2dzae2CRY1vbFNx3I5RMfaPWBC_0qHrdDtM-ompjTX6taAb8NcbtsVcPAR97jU36Rg6PSmHyfwTpx_tWMiNgSVvSg11HL710hS37UrLqs7yprfITnLxq6SVzmPh0adYYOntWtDcnABeJIt9j_5BTK4nMmkgWXKVyKTgV5yc0Es6Z57K_MalyKhXf-qqKRvk9txKQUE9TS-aK7kQj7tE5mEjJd3eTsqj1vaiXgumeLqNwdgJz_MtyqJNWjChSvpxsFBlNwUMKWem8d-l7cSK62wdtgIj6iPwdpOZ-dY24kkQsMvMiQ6kjAnnPdKl09ryy8x9mjMiMDolwo5n8YsO98ihztRHb15i__SJ7I_9G4C6YJz4bNa76gJCEzcpa9TcbRj29Ka1NoaEMHkTumGpyFCw8TreNj0VZ43OeqRgrE_qTgggrlHMOb0-TUKW1Vcru73Veb8bv-NsllReWo5LrJ2GFV1F8Kp2rwuiBesE-8e1Q2OBN4GJBTxr5ZpV8jCeq2s55XU5bPH2BNwrOpCjCVYBCpZT18eHud88LmKUBJGusx9il7AYOoc7x7XN-6vTPN6Ga9I2XCkiSCEqDuYbtakP6s9OC0PqEizI1I9awjNUiumGvS6BZKvo5ws6-5jGdwsnL6MLKzwaVq3w7e9AFHUiwT83z_akmV-xYCjlvCmU0ePi4xHOgoD_9s3RJsoDbDMR6nEXC-5buBA9nWvIJRsmQ3bQUZ_o7A-T1hjBfjQ1rx3aH9GgnaHVj3pBa0pKOxD0x1FYPivuJoK7j6r-0QM3xlWFenVC1w_R4MEnz_WHKiaZNf_7N0czhv0tPG5AgsKnNpmJD60ODDq1tiF-Q6mqALcRgFVbNS1thC4jTC8W2s5aecSFqOPjreV9wrXv_cFc7KWWcorJ83HXZL7QNCSwbFSI2P2qsIRk8IW9LSsz28sUAKuIhj6P_KOL_3_IuL-fKKw_T9t-0Xc92G7szWKmRYdTZXYIs1xN85-TQnWUCwTPOXgUXxtDkHIsgPUY5Xun1AD4eEjlI6Gw_t3AoVaW8k77cvnNiW2IeAJvjs7N4s0SdaQMPArUzhWnQoMdwUf0ZlsGnboGTtOvv-4JE1B7K4yI0SRx1kqinWRKaDljbu3O6tZYi6IQF-4pdO46K9Posl-XJ1-NGT_rEsVmrBFMxT-fo8a8f0V72peBre4Pcf7JvwvZqoQgS4UuSd9PQjPX_FyjtQGbBHnmsP5kagXDR4DJu77A9kpTUVhkA_VQPRcCOWu5QtodNzR85NKZq9yhS9L8dmUnwy6BqGgARv37_U0L27FAAH0o-t8p67i-fWrNEKEFBjCgp3Fnp2kIKQ0kf6dEnTU5RsmH03x_1v6auEJeQyWzTn-z4ku8dk6McuG_ii2kqttJhfGvnIT67UvnCwGOrZcVIKijpciMfoPT2I6k2JTvgWYI-eU0p-NzqDMseXKLxY3o_ZQjsg83ttLbk5TzSMmP7ruje_4VclyKe-2Mw93bu1hj3XR0THWIYh3ddeRlQxZKMGfChySi8tilwGZTmFjFnwVZ-Q9VTwc37mIh7AH8zAV12bw5qMORBNTUKlFN0Q5bAGQhKjil4IgosTWsSMxTqm3B2g6JL1_A98QQ7I2JYAHig02226yRN_95hI3DVQBi8oruMQ5EU3f8SgKchfdxC2qQImC09J-ijHc5wB5DOy85kiFGToUQhTXbsZg1RFugIqUTgY3eI6Alh7gEVj4F5xkj33pKmSYfGrxfGTipU7UQTnzm4GAKY4SN6ZwTGi1sU0MHswbGJ9UhGya9Zyfnbkxhk5UhCUcJOLe3YXReyK0dOdllA2Qmk1WVdOUKbbLyvaqg8c0WduOUAFw4vZxggH6DGNPd3Pfn3TNiKO5zkyT4g0_ACCo893dCehKxWD0XICmBTy4xk-MHNn7KnLWdzDnRQYBLbq0jbQafq5WjhtM0mWn1J0EmbcMZc5Q9ocorOzGJGiqIYeamx4E0DgCKexA6Ab--zCqG96dF2NYOQEqryjR0ErQzm9IRGqNlKChUQb_qq0L0heROHyEjW_jZuxWAzumG0WvYU99Hz45YOv5LDmh3oNkk76lx7i0DrkB5Z0e7jlCRnxP017a6QJrNfQ2-aBglO1t9q2G8Ar8enUEgpJ5HuDORH87e3t2pXiy2hE5z8OwF1sg9QsOHI7NbdoEEYlrNb8xiOfkrkPuVkVOFl9O3TvPVSfLt4binAeWeGhoEF3Na_VFOhhO65er74YT31aACgIpttkPZxlhc0EWkPfQUvyS-mVBnTk_wPl36EfvWdIrkW7O1vpgJ8UXOQ3mCHOF28oktMRqbUnHatYotQ-dCCkE3GMu5L-lN21YYr1yhNb8POVhcGHhY0MT5p3__wTOBCIj2TsFpqeL6J4t7i2ld9dnFzn_wTVTLrlObUQ6SyH-L2oTSHEaTnND4Nq_H5G9qbo44EdeZi_DqJv5Ab8qMTiM2rkON919VDdtmLCftmOTBqmOUaGLCs1R9TDsgXIFA9wxcFx7T1Z1uAplHyher-_ZjAn7sdRxpTl6r_wR0dfVnFhzvP9j8y81YFf5hRreC7KcYeTIVJoduFceeH2mygO1t29WLpdzlwwDZEyuLm8uPg_Y7ZWLExKPiKCJOAHQ1T2GNnSlSPUV1wZx0isGFnK7EFAAWFqotO7CP1sFRfAMmHwfGU2m-9dR_ufOz527FK3c87UIm84XEI0PSdKM5Fvzxcdrj70oBJIaggjkzUcgb-U2uL3uihTrrRslW4_jjbJ-XfPEEw-29_VOF-EoY5jEKAJxQfQN6WsZSFyDtzFvi-fy9lxvdGfB9Xsid2u20lgRAGzAgeQlfeNubnf0sxIFoGEMEGiQL0NkmZ-ltioJyCxdvCX42-jyNlPEN3N34W6qfYvZuAM3nz09vXo5QwmhMJeN8Iv9Z3phMu1tU2StV3SSo32C087AcUC-wddIh40o3yClYIwyJuXJfX4BtCh_3v-XQ3fVN9HTNsvYbRKr12BDQNVLSudmWqsPF-Ibx3j9VAu4Ock5UCGhxiMJjmiGh0nuSjwknIHDXp3J9odwpPrJCFT7OP7MQen90k1s-EzodVQgAQqdV1zWkamDgnt1-oobj1Ztr6IHW-8xjCzyvTucmuU3QXEVi6JTEvlLNqgQ_dAddVntuGKnTykpRotcOEM0NA3XytPfYVc_L1ZOtT3WqtI5EQN3AiKQPEBI68iMihR6cpHwlmOjQYc1QMdBiy8risTPfVe2H8PGAGle_FQP-RXVqLCATuyObKcbQgHdQNMeQAVxox71oYf1gA-ctQNDRYsJAONoQ5d4LAJf9LQ6KWrPCCLzB_6H5_EkpLRL-xz-omKRJOrCnEcxxDjQScAjCGgzfZhk-zF27XNVIKyMwq9RZKhJC8INAtQ0D60KT6LZQoC6xQrgBu9dsJmzi9OhIIlRMwOCp25BJgioui5XNvoqNbU1YJS2p0ioRHLl481xkE2uzs6YfU3c_uHC887Sv00PcB2zUAu2LWmXHCQQDOv63YOVW8C3s8TEALQVqW7fJYx3fjqCwLGbWQRQH2aU5gwV8bjEsx3Y4ARnVpKMitRh6b35sQJb_z73yC-n6VXAhapGHOFsQi0ODEuUoifWQQA7TVOR4Li4f8o1nALEAXXLtQo6h-kUIJUl38EoRkLjHgpJOU9MmDXkqToOT-H3IjVoULRxFP6GGNY2FWwbL1TKjzkeozC6vumpMfog55IDmlnXNVLaVAHJTup0VkZlK2zf2aQxYLQWO1DpNI-KAy5G0M9e5xeYF9bWFy8kg_TVj1aosWvS28iDRk5PHiiU506GzoVDKIWDTeHq8y9kAwY43UyAPKfO5P9NeTdVbeQXYKS0sry-nQ&cid=CAQSTwAvHhf_5835CBQZE2dhqbv1kPw8IvvGIoVXVNYfUJHth9ZYZn-yKqHv00eg1VpeAuHU_Fzigdgqog3auR38554xCKD2jPcZSdT_MiOGfVYYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.csgowinner.com%2F&ds=l&xdt=1&iif=1&cor=2829063179117528000&adk=1877897942&idt=53&cac=0&dtd=33

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27a024b26c6762c5e95923c6869bb5b5197fd6c2bcd4cfc8e6d942b8a3e1d757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame BFC3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a999043ff03463b5474ad5b57006b9b7976d6b58c88d9dff20c6e309ff232b8c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7389 0
20 B 56ms
55ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4573860601934&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7389 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4573860601934&version=m202401290101&ct=77&x=1&cor=8427979348079025000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7389 34 KB
20 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYyjL920F_bb190TldX33tfUcled17r1QnKdaPMFRPJ_R_U1bA5pACWHdM_5-_9Fg_zdfsXLZAAEPkYFWmGAf2HA2RZQcuPrGz3jBVKYxUE2zUziN30wTXqBBdeJKxNWoykbQpSB2idnHK5zPt0-7QWGpo050N1QBbPFTQmWsZp2j6zSyZPTDf154-6CQ5gbVWZWY36dwEVHayH7HiEINtJ0UQPG2PHUY8c8Yo5NUzOxa0p84&cry=1&dbm_d=AKAmf-DYBZlZYM3X6F57A2d2Vf9k_j-eEj0G5flYYfUEpoFAtYoAQpx708DAzKB2vMF1gg9zPHe2jDqmnxG7RIKRAaMX8k51mele1vGEX4FIyqlftEPItS8NEBteppVfV7xi7j1LpjrUlpC9xziySeiGOnZYgnXC_So5N5SG_reAZ2e7QAG3zrYcICSxZ24gzrVa9Iepzdpis9z6EJHXAZzASe6hE7tEs6am-HdLH0vZXhqfIUPtEVxW9Ctu13sHvMFIrDxjru6PfZ-IYGzA08D8mHHaL0IyWi6JkCra5yH_jy7Ap_eZ0NzhefK0HHyqXGIMIXEyWbEZ2ZJYM-LXw9kwM5rDaNCNC_1be5VwFW0JSgZktdC26UCKzOO2RgTTq5VNZNfNvWK37pNJjiUxbkF0T5f-BrYngVayWnojq5vNemeGvOY3BhawsoWKNYWs8qUoWg-1-uwp8vnLPLODSag8t36J44TM7SHCbloaCOGb-pY-sutWAc5XZKXHroWt5QyyBD0CYy12DxTp1E3pd-veVswlCTeWs0jSU8tpo18WNizytgG5n27ja4T9xRDF7mFcDN5lrOYKdKG3IcIiTTXeLP_n1KqIw6uC9ur9GUQyawMDDsUv-5o75FNk5a0SW4SlQsLxNSf_YN9PZxkDEr4E6AsKVK0sbWTNJwhCjpc7DKTRDwxEwZ76L1upbt5N2x8VPe1WgwDAsmaoTdIZMvmyHF4I_nk9j5pBOrEkENqWyNe81LozvqPpX-aDTNgKm5Xv-mNNYv9sR370pSdQRQJ9_7buKybAns_dd4UwepjiBwnem8-Z-To7QPkArZ38t7spKzxz-k0RuNmLqgyodw0pCTQZBfe7Nd3oDuhqZr_cdsSMuRvsgHcdTwI6TlHYB65xArmPxeA_Nwd0rEXhhqu0glduUBeDr1WWe4Q2rJO0JpHRmMok7nwJdt1ycltz4-LYDCPbeV8siHN9qgZm2x68Q95kXXhlFoQuTz0GYRGrE_MQne8Nnv-fBsNNy7_z6qjHC4PsXCN8yaS9X3p8QvdPs8L3DUCXLuUwJIgWP3Z0RpSZLVyu5dILtJESHzr_Umqob5gNE2hLo61lUvBqNHHqE9IAupKi8rdnAVHeXP5oD-htm8pP2iwifsrFaaCoCKES3LbwU_vlwfSKEn4k2XngYbKZLrsz4ytl0yYLoSE6Dlc3i3z3YKJJsCnSVovJzs7TNtWWIy1Gpl8km6eKgzGQ_pcrL5gj-WqoWmbdf6DMneAAOJRWZkAmoM5Rzf4S3DReExaNjNyzmNvFJRKGmbngrfaueweA54braF0AaUV9vYXpXmYWi5tcdP53NIx3GAGxg8b_xo_leBPEEGP0oj_XWwWshcf8bG7IqkoMe9MVIDJBkefM3ROClHhOKElWNdHf7YWekpdHI26rlw-B3aS-vvgfGTkM4oFa78hW4Jqpux_qhM1DGJ8R1Q63f3fQs8Hh_J7cq70AGzY3QOjyNYz5ZLao1iRk281rjpzZP2sFT-QHGNNx9dDkctQXXoBVLCvONzQRWD9KqcnqHnFoFCj9syWrVFmldd-thxtEF1R-_O_7TbrCUr1DR9YvCAYaoDkPXZB1sxCYD6tzj-DCsySVU9WliS5IS8h1aVD0IEJVlPX8ep4EdJZKrk3T_kTucQ6p1wL3JBn47TkotNRg0WRhNLHaczOtcWOUbcwL526YCAAxSjv-T_YnPJ2gSA0p4QphMJlMYD-9gTr_bgtMq5DTVO6e17__6XwM-1YyOhwhx3K92GyJv6XRHCVDVp27PahGJ735nnyWOjcmiDjGq_8xKnqBcRJZ5GJFnWAWrfhMip5SAMxSD7hzj43qAFHPJrT8YbZZ0nVxTdw9CGWLd3m4gR-EhNeI7vrTeCUKYz7cSM5GDsw0uD0ygBNVzF7iBgqEOhD62ptTJqSsStwjGDJmNii43iFD3wZ9m0M2ycPry45QFg7-VLSAvubdzpIyPwoZbc28fnG_RyuaV-lLYfBNufmJClc7Bvx2tVE4xZ5wUoDOJgBEOA6sV0-JbKfzBfN9BEB0xm0_UmgFaCeNsAl4Jv1t6YlDB1B8z0nDEaSsqGvLTLZPgIEzXYglnHJ6EoDGRok9b5pvOZYKV2nKxS_WMUWKHMJothxcfrwYtQ9MFKvRbw0a2TLlpZlTeyl4L9IwcroVGndlS2BCjF60AWXv4WEgW2xYdhoks6P_V0xPQLd8J-5QUcB1ze7OwLsm6cVBXYQ1bX0MLNffdBXW9O_mo_kYupaB-Yc5fTegc-E1PwuNuty5N0e_HYVZnvPwLSEvg8VsiTv_Cr6MF-8bYoARid4JHuW_6cj7z9SBYfI_680qp1RiXK82rFK_h30WPe_qs0KWNi83rlbZfduzDbIC0nh8aHPlUFW2ILg7YmSBlnNwhRF0c3WPjaa3RW0EcPdik29Hk-BTzUnpwctRVWLFyKpGP-eCr4j0eQdNauYxc3kpBGPLRHHo3DQXfKYQa2ePNWMU4XIrj9B4XPQqrubuT0KYSNdjx2DfMg7zAN3xtBByNKUITI7aoTMPza6qezUW5WGg15XnOb_6tWB1NuutOgCmXTB7xOFUhWA9rILNe3St1AhCrVPb3e25YrFKVfCd4LSfLDNTIkK86TcWSM2ybfwLt9l5vXSJGZ17WMRon7GylFwpG4sGOk3QtRRFGRnietKx95gvtC66f8ZpwhrOhhb4alITYYQYfsaHPOU0ZyEtT0jJ8tsD8Ro33UYJXJkqgu1BbPQ8j6MdibwNLuW3k6CmqHtKDMP42B9N0zHHnbPX5yDWbW6DB3dbVhT3PnWq4CPmTKkkKyI_Jx8oLxFzasIeNUD4Oq5CPKb8VJ4FCralBqjDnocUfn-HKQq7bBfNS_vQV5fDxnMKAGr9AHS9RXwEJaQ9bUdCp9jfImUKzIkpo1iNkTMwvcRzmLNqtLVd1MCoxOMORBpIzJO1PxC77Rj0o17EpqrpglmpvNeXg7MtAq1hs9TZ20lMsJv0h5wNWoS4PSBpSOGPtNS6xMAOypjSBdGfI9OFcAAl5wKXo2xNMFtao6_wupjLomDzDG1R06NzN9sdKID-RMb5XRqSRcl_rSwjF6HBNNTlf49HrS-j0PDEidNHqizph_6U0fV8o80gBJs1IbRL3msEDRcxBb0F3-rD-iWHUo-JK0Vl5imbNB-Jf09oGPsffEcg-a2ZcOsj7_fTGaAG1ek9RWgCM4gYcNiiMoNj4Qp-mOr_YG5oVLddweU76hdZ54HOMWy87SyfOjbz2hVbUjNWLiWVDEj929KZcICydowNGWOAWYLJoKb0XRSjkU4GWP992MGJe2urF20MNTIC5F1vrwAaavrX7SDIDa1SrVUHdx45svgQVXHirn6G_BBoROg9EMy2dbRiYd76h6rckzGDLxp0-pfjmEJlKHQAeMd7gA-zhWKzvQ6KyWWqcUvX-fuwjI7ew8mSkkxqKJbIEDen7qKHbH9M-2I90zvCL06Z9EtyP_qcGWjZiktnxruPL1UwzNvNWTr8u3Iv9j1WkktIenk__h_viA1LNVLZl0W597_mXIZWqIJ-p_Uh9I0dcL8kfq7VcWTkrafp9po06dhy3q_rmIqctExfF6OnOrQ5sl_tsLShYaqv0wNcOB7eTrW1DzuA7haitmuWae3YHDWruB3rnwHx_T_gmr-zsEQrLTvzu86bxIDIZrmAUGbkoaa7GTdkruJKStEIG8rnLaVT01u0Y9bKJFoj4NqazBywN8B9RjMppFCzY_vkQT9q90WsUyukaT13bfwH8NUsJM9xPggt5TXGAh1O0vb8pTOpaiahUASztrNDWXOh4t5Thy-_0Wr-rFVB6rNUQUEG9OtVfARlYnkwqKhR7fFJaeDC-71HFxSoQh6X1-Ujqhsf7mS7Hqor9pJA9rN3ghtvQFwPkC2jeCFij8cqq-tm-0P7C-XP1YXwhi1y2wdvuG-oDzwJfABx3-vucVn7_RcvCsPEnHk1HVmp0OFtYfffx7PqbFFXJVBB6fLf80-P8YSHHnumNiAzMRQUAR70&cid=CAQSPAAvHhf_h3crfoMitb7-8DyvpQAvEi7xeCHQ2Fs_ymoJOBEmynZnzwUooEyU6xT0ub31uIXhFt2_Rh_CghgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.csgowinner.com%2F&ds=l&xdt=1&iif=1&cor=8427979348079025000&adk=497053792&idt=52&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc5b562bfcfa18100468075a293b6a68b7eb9bb02673771355863a8d8fb9afe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=90&adk=236785816&adf=3348424040&pi=t.aa~a.236152423~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1180x90&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=941&idt=1&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0%2C1200x280&nras=3&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19995
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0566 2 KB
1 KB 182ms
95ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdqYVgAIkvcH_YtDAAr2Lz_ft2BbYhg6KuefvQ&u=%7CuQ0TUZO7D2oXDIfR7rP%2BRBshMPg83ZB1bH6sBV15vZc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zvUa-jc8nSvNP0VScVBYaAugJLvcqeaMk4Rh_WWk3ICs90xoMjsv8nKnNk65NFkCp51UL0LJo4FLYTWm68f8EOhnZrM_S_rP2rbJGE-JTU516K9YIi7FEWvTs0M5IUw2LAq08ddsZWw8YBfAyN_evVzT6sn1bvFmzjfGc-1r2DnHQLJ-JG8M-VQd_XrDh1KdUtJJfneS1JAbasyeNbAjfpfwrKV-DQAnlmf93UekqN9Knplz6Uq4b_y3MLU3cE7PCTblDO2snVDqjSQDj-JouhKyOAOrDlNkHsynn6gHr5bee0X252jAzKc7zriwGzGiMIJHtF_YxYeTefgiY1wtCE2m_1DPt2o9JWzy044DIPJmYTm-GACM-ox82ssPdI-hNfnxCkIxp3Kz8fvD6H3LXRJ7jNs0lStJ0BSeZyJswQjaq63NGGX1cFERUoEhpSbKftHA5nEUClKOB9Kc6LsDc9WnveR5SbIxjBPYCrvkPm5r7n7ify1nsxz1Hero9lH1-h6BMsH0DYFm9zgOEQUEVNKLYqjYw_Es9-QVwX1tquN8cp_4-V_Ds6KhsWDeJSMPWA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCooR-VpjaZfelIsOW9u8Pr-yr0AXJntKxXNWdkfdwwI23ARABIABglfqagqwHggEXY2EtcHViLTE3MDI4NjY3NjM0NjI5MTbIAQmpAnMgfuG6J7I-qAMByAMCqgT8AU_QCXqB13ffyaqIVt2kqhHmEh6Kk50m18_zhDABeFmGDjmiZ_ob7fIMMKf2W8rwhNaFcQX9oQBzeVokW4EIaXODh9xjEGsAqK9YkV-duN3OngOebs5vdoQdwDZb6HTnAnJMF7JJ8nWQUeReV1jrNwUFb2QlWB5PTs2du6AE64HGnmtut5Wq7XyXWXq-CXAvxH4rXWCMiEe2ODNjpLF_7Ho7xxiHEPd5k8Sq7DnWCjluievSENofS6ZJP1Gyka-UHKHYT_JUKjNY_g0SDi9X5Fk-Fby2KmbEm0TAtKQey4BV_p8UYTjC-ldVXcYnNLAoa2Gc7eI6YZjg1Mlq74AGsK7b9r7fjrydAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCQIgOGAEBABMgKqAjoJgECAgISAgJQISL39wTpYt4T796vFhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_389k_Kn-nKa3gPlPmIhvUAeB6izQ%26client%3Dca-pub-1702866763462916%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0566 2 KB
1 KB 166ms
80ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0566 308 B
636 B 152ms
97ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 0566 293 B
621 B 173ms
118ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 0566 43 B
348 B 137ms
32ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=OxorMcr_JHu-aApGjay89s2BtLmYy1YULR3QXKOu0aL1CFm88wAA81Pk9CLQk-HhFqvmhs4RlH1XMmo-cf25EHjxuTCdya4pRbTwwW9CSTdAlFS0sGHrziQVs8U3s4dOENJkF5LRZxmsWT9sMIPfDmuqjpT54gns7JXoxvTBlEbCQNEA3zROhjk6GvVCWws3sE1_65MzPfqz2xE88zU5glPEoq0jpPV7aBFqC4z6ZY6q5RU0HJvTerjOiffJrTlLmzgyM07gRtvke5vszKjGxU_kMfTMpJFboHrWD3uYX9zTysXnlRxreN98_uhu69l8wGTHgf0mlmT4NPW66fuWTiZ452VpUtE1pg51aKtizwXGn4nmPlplQ369qBO-657DKR017SITOdyrdcSfDmoGDQflUgelsH3UEA-74qFZMb05ALrK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1846244
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 1e33c6fff2914dfbaf7f2fea92351758_image_ad_160x600.gif
static.criteo.net/design/dt/9292/5237550/ Frame 0566 43 KB
43 KB 135ms
81ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/9292/5237550/1e33c6fff2914dfbaf7f2fea92351758_image_ad_160x600.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

84d00c3e0810ccb3cf024554431a024d63499ab8e3d512a1d43027d061c1a566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 17 Jan 2024 16:59:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "65a8078a-ac62"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 44130
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 8511 2 KB
1 KB 165ms
94ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdqYVwAAdbIIu-7FAAUFFs48TzbcCsGBOaOR2Q&u=%7Cqy5517RwytGSmxw%2FjpA0ozzraiitAX9DL3Z3gI4vJ8U%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcEBZyMbH-CF1nXcl5UwhjUzZa8wpMc1S5Ly3k8rV70eqVt78lC6tWTf6edoGtdqOdRJAEhHK0P3D1VcmT2YNu9zzeNRXRd8RHMyMrF1hFaPwk_mK4Nn2dWx5-jSxAdQSwtVMIDcmg-3empBbzQWSTEGqHh3Lz9xX6IW3XX-ud_onCyRw54Q4zx7IVQqjnKws-JNt6T7FT8B_2tTS_tFuh3ftN-QeSqr6EnRVmU2zqIsXUD0iNTGuqI6VpVkJFu6co2JV3QPJRPuhxCKL4J2_XyJnAaqA36fP3maZRsNHrWQ8bX1CobRN8YFUO1cXl2nYZ8lIfomeXMeDLFJNdVLe9kaAkKIFRzMCMWn8tTQOymfQV5hUm0ix1t5zxLgZMcWmEb0ImT1lguM1zr4aZYAUC78KfP3yd61AnwHE_xMvty3sXG9EokPk-fQ4Z9-f5LlAIUCTz25zaEpBP6A8pLwzhfA3zbDjZeqNHJk3OvF0PuR73s09kFUTAgjf-ht0zMapEajhcRx7hhsgQbzf5BVjV4xa4mDsWAxuEi28yXB5vCSgTyf_s6BFwLASqFSqJ6Qik&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8mTV5jaZbLrAcXd7_UPloqUqAfJntKxXPXqoYaIAcCNtwEQASAAYJX6moKsB4IBF2NhLXB1Yi0xNzAyODY2NzYzNDYyOTE2yAEJqQJzIH7huieyPqgDAcgDAqoEgwJP0MQPtPYY2O42m7oir4CSSLkhAImuDvxbTS8X-Z7MmYTt7_ujUkB8b7yi1W3nTueavQuYn-5eVjT_j5yp6sHeuk9WIkFPoY0ibOpIGCLsdCZK4p0pZJcqRa792H0yjMMVBkgrw2yBPVj_Q_DzBjqKl0HGGz3GvXcO8aJaTxrpsVkelL0ODRiN-OUvKLh5ob4NrUid2EplFGQ4aY65cPEAvIoLfV9xhDILJZk8tR-oz0zX4zV3y7eKGKkufJDv9Zv7VJPyJCy4k1Oyo2RRmVf3ZPthBx-JjfGzvtkE1QTkNV0fgrtERN9yUzdNKBZHqF5ZVgJJXXHw-9tHd3LOaQwJNiDjgAbhopPgo6bA4ASgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggnCJHhgHAQATIF64uAgCA6CYBAgICAgICUCEi9_cE6WL_Ul_irxYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1yd720YXB9pJk99YlQqVaM6m4eNg%26client%3Dca-pub-1702866763462916%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8511 2 KB
1 KB 198ms
128ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 8511 308 B
637 B 89ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 8511 293 B
621 B 127ms
80ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 8511 43 B
347 B 130ms
33ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ju2Jcg3q6iApeMCS0-LItuQqq3qB1PKg_n_IqoK0-IKcN604UWsgf-zX3cMtyPONhV4AH7MvAExBgH_mR3rlZI5K7sXRCqI8HiLLXV_l72pqxYLeyjsPwOgM1q7q-CfnhtFNIOWBsyG1Utf7f8lLLEF4PlhRSiEFLlTWiG2Zoqqv8yTO2Aqk1zhXB48ZLEeWILSm25YVQGRaaFyQ3SP9OTAJEbShNxQZa9DWFhls69kJTH91pJHFayLARrKpNMcdNU2oeMWnw2ENKd_P-4M2WtfZwFljgU0TmfyDNHTyNlne-UNTHZw0zERjjiMybXeUSjm0ZxfvssE4lXle4qGIlR9bOkL6hcvUQfUc8QECosdONG1wuMDcuETdxr5lGx0RtKDN4QTKQQvv3Q7evU76-DAukV3AVWfaAFZwZEqe7vSbh3iIxBakta_S3qNJaJT70vEWJw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2169659
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E1AC 2 KB
1 KB 178ms
122ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdqYVgAIkvQH_YtDAAr2L6qntKKO7G2k_MkOwQ&u=%7CuQ0TUZO7D2oJ15OCOE8g5HP3wYnZ1rd8YYMUornff1M%3D%7C&c1=oP5_e7JVVt10ydGCSQJP_joAcgJGzOMEyCmBEYhmIgwm4-vvT_dTlMllZ7xIoLqU4WXNnD9ltKdBnxoo-Jm2KeWn9HTixSRB_F79BZ0wnA56tm0M7O0BZr1Gw8XF-FDyxgLyezjhshYcg0XnlCDoCeeQSKYi9wl6ZPgyX3RKs8JeBgzScxfKynwEva90xa7hBBPB62o-M9zZirgyyv50erMfFSTjZtIB2hSRpCRokuxzo0gxKO6HAuI7iGwRVhbnNwjU6KdTgF6lWolaHD6HjIDWdV2F6UuCJQ6rpkyyKv5VYFqzYrPvzAydsOR7WwCq-TKcKp9RAaI1tWPBDM0Cr5i8nFIFB_RfMlvtB_lJeCx-lyFN7SZ2SIn9JJhI1qiTACwQD-JOfQwBspEdMCfkK3iky8GOKy36DpjHMnYPr2RPxWhMRJDfrR6eAePGVGoafQjOUGFBHbTjWCP82u1Lcy11IG4ElNmO3ha97Pz-E5t7y2yairoYuLboF0Ke7DydR7rDeRupijIUI5WVN4KbeKlJus-ZcSYJLcksTK_z1jFILnqPXHgcIoluJOXgd0ws4KMe8ub7UAPc9bhycrB3mizQPfhvkfK_nWkuIJ_2aGECYRTqFD7lA3oUlnob9hUxGJy-_CJ82-ED3HwFBRCBqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-YPJVpjaZfSlIsOW9u8Pr-yr0AXJntKxXNWdkfdwwI23ARABIABglfqagqwHggEXY2EtcHViLTE3MDI4NjY3NjM0NjI5MTbIAQmpAnMgfuG6J7I-qAMByAMCqgT-AU_Q1h-OKrvzpii08JrUFzRobjTmnRXaXoawx5RaqNPUW5EXw0-ZaJb1bPQF3zxvdSZlL1e8QNZ4IS6lYYiOVyrJDwNtOJFg3O8eUS7K_mncnJYQyD-xJqp7nWBgIs4lTlwi6BrpYkYVUg7wnQe1rZU3FJ968OR4G7DYzfgf2Xv8Po3u5mISKTyuazOARVbcYO2OIDbauCVnoXdsi3_d5uh9TgbjjtvRrEP_05x7Kkdcrhx79qYhyppvQhUlzSS0xx7VoG0qOz13DMyVEJSj_sEdOLDvdz7GykVngZJA3M-l4s3sZt73JO4DKqRYZLIE0VBYp7Wl7QV_VImumMKRgAaYudmtkeuds0ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUCEi9_cE6WLeE-_erxYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Xg_eQzm8hec2sVFjPkH81dDBRDw%26client%3Dca-pub-1702866763462916%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame E1AC 2 KB
1 KB 176ms
120ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E1AC 308 B
636 B 121ms
118ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame E1AC 293 B
621 B 122ms
119ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame E1AC 43 B
347 B 85ms
33ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=EfM5dhgQR5weyx4qPXqBnVJVOFOwe10pLePlU1uNsSk--_R9uMkZXYR4DkBgULx1-jKZPFu3_qT3KhmVlyfBrDrdFwIAzViYl1KAyGH5d_kSMrZ9h3tJBL3vSkXEt0gBrFGLbmBZsL05CBwBCALucTQG2SnrH1Oub2Fapyzyo8OLvgIcKICp43ur5m7bedWYrjKNNfLA1EHOm-eTkUk2WtnyZq4CdpyDU5PakdPhMIlk8pvn9g1QTf8uKm0rCR3QZJxYddeAp7G_bk3NtRtjn8Xeuh2fbM4MOQAvHolkdotAeQVkYeoeX0v1gW7oASFYMn4KcodHXzXPhNZCnJnuQdCcYRFoFqRsLW-_QjfG9kwY0fx-n5AOMkL8IofAwPr9ClPhSk89JWD4AxzpbW31w2lxfRGaQFAtxMaWRtuioZ8YZJ1NB5BcaYC863Yw5ooXQZHuQQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2008045
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 8511 12 KB
6 KB 166ms
127ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame AB11 30 KB
11 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DSAiZTND31H_QdL1d9VWmqVjiQP-PJFPPUbWiJBzjoJDCpuaitoz9oScSk-9hCOk2Lpk7WnU3ZYmaarHBIaMr9JzRhDXdK86CNsl4vFR5DNeWTN7N6uDxgdRGr9nSlzB0K0Yhapl6GffE08kKJwWgkO7gEcadBsn_nShbBxEmmbDFQKEh-NJPHuOJCtMIhsmhATbQJL5zPDA0zFMj85V3UhTpIpQ&cry=1&dbm_d=AKAmf-BMn8X8EmyygbHk3LXwkwS347I5Ry9-Tf9Cxxik_Uh80VKerngAjalQFuwMpW6VX75qidtR0FDgbjqkhOf83gxBD914czCdOdSB3dcDajCtmVfCMCeqGlIK-y2dzae2CRY1vbFNx3I5RMfaPWBC_0qHrdDtM-ompjTX6taAb8NcbtsVcPAR97jU36Rg6PSmHyfwTpx_tWMiNgSVvSg11HL710hS37UrLqs7yprfITnLxq6SVzmPh0adYYOntWtDcnABeJIt9j_5BTK4nMmkgWXKVyKTgV5yc0Es6Z57K_MalyKhXf-qqKRvk9txKQUE9TS-aK7kQj7tE5mEjJd3eTsqj1vaiXgumeLqNwdgJz_MtyqJNWjChSvpxsFBlNwUMKWem8d-l7cSK62wdtgIj6iPwdpOZ-dY24kkQsMvMiQ6kjAnnPdKl09ryy8x9mjMiMDolwo5n8YsO98ihztRHb15i__SJ7I_9G4C6YJz4bNa76gJCEzcpa9TcbRj29Ka1NoaEMHkTumGpyFCw8TreNj0VZ43OeqRgrE_qTgggrlHMOb0-TUKW1Vcru73Veb8bv-NsllReWo5LrJ2GFV1F8Kp2rwuiBesE-8e1Q2OBN4GJBTxr5ZpV8jCeq2s55XU5bPH2BNwrOpCjCVYBCpZT18eHud88LmKUBJGusx9il7AYOoc7x7XN-6vTPN6Ga9I2XCkiSCEqDuYbtakP6s9OC0PqEizI1I9awjNUiumGvS6BZKvo5ws6-5jGdwsnL6MLKzwaVq3w7e9AFHUiwT83z_akmV-xYCjlvCmU0ePi4xHOgoD_9s3RJsoDbDMR6nEXC-5buBA9nWvIJRsmQ3bQUZ_o7A-T1hjBfjQ1rx3aH9GgnaHVj3pBa0pKOxD0x1FYPivuJoK7j6r-0QM3xlWFenVC1w_R4MEnz_WHKiaZNf_7N0czhv0tPG5AgsKnNpmJD60ODDq1tiF-Q6mqALcRgFVbNS1thC4jTC8W2s5aecSFqOPjreV9wrXv_cFc7KWWcorJ83HXZL7QNCSwbFSI2P2qsIRk8IW9LSsz28sUAKuIhj6P_KOL_3_IuL-fKKw_T9t-0Xc92G7szWKmRYdTZXYIs1xN85-TQnWUCwTPOXgUXxtDkHIsgPUY5Xun1AD4eEjlI6Gw_t3AoVaW8k77cvnNiW2IeAJvjs7N4s0SdaQMPArUzhWnQoMdwUf0ZlsGnboGTtOvv-4JE1B7K4yI0SRx1kqinWRKaDljbu3O6tZYi6IQF-4pdO46K9Posl-XJ1-NGT_rEsVmrBFMxT-fo8a8f0V72peBre4Pcf7JvwvZqoQgS4UuSd9PQjPX_FyjtQGbBHnmsP5kagXDR4DJu77A9kpTUVhkA_VQPRcCOWu5QtodNzR85NKZq9yhS9L8dmUnwy6BqGgARv37_U0L27FAAH0o-t8p67i-fWrNEKEFBjCgp3Fnp2kIKQ0kf6dEnTU5RsmH03x_1v6auEJeQyWzTn-z4ku8dk6McuG_ii2kqttJhfGvnIT67UvnCwGOrZcVIKijpciMfoPT2I6k2JTvgWYI-eU0p-NzqDMseXKLxY3o_ZQjsg83ttLbk5TzSMmP7ruje_4VclyKe-2Mw93bu1hj3XR0THWIYh3ddeRlQxZKMGfChySi8tilwGZTmFjFnwVZ-Q9VTwc37mIh7AH8zAV12bw5qMORBNTUKlFN0Q5bAGQhKjil4IgosTWsSMxTqm3B2g6JL1_A98QQ7I2JYAHig02226yRN_95hI3DVQBi8oruMQ5EU3f8SgKchfdxC2qQImC09J-ijHc5wB5DOy85kiFGToUQhTXbsZg1RFugIqUTgY3eI6Alh7gEVj4F5xkj33pKmSYfGrxfGTipU7UQTnzm4GAKY4SN6ZwTGi1sU0MHswbGJ9UhGya9Zyfnbkxhk5UhCUcJOLe3YXReyK0dOdllA2Qmk1WVdOUKbbLyvaqg8c0WduOUAFw4vZxggH6DGNPd3Pfn3TNiKO5zkyT4g0_ACCo893dCehKxWD0XICmBTy4xk-MHNn7KnLWdzDnRQYBLbq0jbQafq5WjhtM0mWn1J0EmbcMZc5Q9ocorOzGJGiqIYeamx4E0DgCKexA6Ab--zCqG96dF2NYOQEqryjR0ErQzm9IRGqNlKChUQb_qq0L0heROHyEjW_jZuxWAzumG0WvYU99Hz45YOv5LDmh3oNkk76lx7i0DrkB5Z0e7jlCRnxP017a6QJrNfQ2-aBglO1t9q2G8Ar8enUEgpJ5HuDORH87e3t2pXiy2hE5z8OwF1sg9QsOHI7NbdoEEYlrNb8xiOfkrkPuVkVOFl9O3TvPVSfLt4binAeWeGhoEF3Na_VFOhhO65er74YT31aACgIpttkPZxlhc0EWkPfQUvyS-mVBnTk_wPl36EfvWdIrkW7O1vpgJ8UXOQ3mCHOF28oktMRqbUnHatYotQ-dCCkE3GMu5L-lN21YYr1yhNb8POVhcGHhY0MT5p3__wTOBCIj2TsFpqeL6J4t7i2ld9dnFzn_wTVTLrlObUQ6SyH-L2oTSHEaTnND4Nq_H5G9qbo44EdeZi_DqJv5Ab8qMTiM2rkON919VDdtmLCftmOTBqmOUaGLCs1R9TDsgXIFA9wxcFx7T1Z1uAplHyher-_ZjAn7sdRxpTl6r_wR0dfVnFhzvP9j8y81YFf5hRreC7KcYeTIVJoduFceeH2mygO1t29WLpdzlwwDZEyuLm8uPg_Y7ZWLExKPiKCJOAHQ1T2GNnSlSPUV1wZx0isGFnK7EFAAWFqotO7CP1sFRfAMmHwfGU2m-9dR_ufOz527FK3c87UIm84XEI0PSdKM5Fvzxcdrj70oBJIaggjkzUcgb-U2uL3uihTrrRslW4_jjbJ-XfPEEw-29_VOF-EoY5jEKAJxQfQN6WsZSFyDtzFvi-fy9lxvdGfB9Xsid2u20lgRAGzAgeQlfeNubnf0sxIFoGEMEGiQL0NkmZ-ltioJyCxdvCX42-jyNlPEN3N34W6qfYvZuAM3nz09vXo5QwmhMJeN8Iv9Z3phMu1tU2StV3SSo32C087AcUC-wddIh40o3yClYIwyJuXJfX4BtCh_3v-XQ3fVN9HTNsvYbRKr12BDQNVLSudmWqsPF-Ibx3j9VAu4Ock5UCGhxiMJjmiGh0nuSjwknIHDXp3J9odwpPrJCFT7OP7MQen90k1s-EzodVQgAQqdV1zWkamDgnt1-oobj1Ztr6IHW-8xjCzyvTucmuU3QXEVi6JTEvlLNqgQ_dAddVntuGKnTykpRotcOEM0NA3XytPfYVc_L1ZOtT3WqtI5EQN3AiKQPEBI68iMihR6cpHwlmOjQYc1QMdBiy8risTPfVe2H8PGAGle_FQP-RXVqLCATuyObKcbQgHdQNMeQAVxox71oYf1gA-ctQNDRYsJAONoQ5d4LAJf9LQ6KWrPCCLzB_6H5_EkpLRL-xz-omKRJOrCnEcxxDjQScAjCGgzfZhk-zF27XNVIKyMwq9RZKhJC8INAtQ0D60KT6LZQoC6xQrgBu9dsJmzi9OhIIlRMwOCp25BJgioui5XNvoqNbU1YJS2p0ioRHLl481xkE2uzs6YfU3c_uHC887Sv00PcB2zUAu2LWmXHCQQDOv63YOVW8C3s8TEALQVqW7fJYx3fjqCwLGbWQRQH2aU5gwV8bjEsx3Y4ARnVpKMitRh6b35sQJb_z73yC-n6VXAhapGHOFsQi0ODEuUoifWQQA7TVOR4Li4f8o1nALEAXXLtQo6h-kUIJUl38EoRkLjHgpJOU9MmDXkqToOT-H3IjVoULRxFP6GGNY2FWwbL1TKjzkeozC6vumpMfog55IDmlnXNVLaVAHJTup0VkZlK2zf2aQxYLQWO1DpNI-KAy5G0M9e5xeYF9bWFy8kg_TVj1aosWvS28iDRk5PHiiU506GzoVDKIWDTeHq8y9kAwY43UyAPKfO5P9NeTdVbeQXYKS0sry-nQ&cid=CAQSTwAvHhf_5835CBQZE2dhqbv1kPw8IvvGIoVXVNYfUJHth9ZYZn-yKqHv00eg1VpeAuHU_Fzigdgqog3auR38554xCKD2jPcZSdT_MiOGfVYYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.csgowinner.com%2F&ds=l&xdt=1&iif=1&cor=2829063179117528000&adk=1877897942&idt=53&cac=0&dtd=33

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f43ea6cbbf261394f83dc2f3425942bf6ddf498490f6cecfbf38739c1ff8b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 23:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11549
x-xss-protection: 0
server: cafe
etag: 13750958460409166979
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:14:32 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame AB11 41 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:47:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 322991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:47:52 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODgyNDY2MzQxOTUzMQogIHNlcnZlcl9pcDogNzk2MjY0MTYKICBwcm9jZXNzX2lkOiAzNjQxMjcyMTMwCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDQ5MTY3NDUK...
ad.doubleclick.net/ddm/activity/ Frame AB11 0
861 B 144ms
59ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODgyNDY2MzQxOTUzMQogIHNlcnZlcl9pcDogNzk2MjY0MTYKICBwcm9jZXNzX2lkOiAzNjQxMjcyMTMwCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDQ5MTY3NDUKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3NvamVybi5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTM5ODAzNDMwMzQ1MjI4MTc0NDkKZGVidWdfa2V5OiA2MjU0OTU0MzY5MzIxNDU0NDk4CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMi0yNSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQ5MTY3NDUKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzODcyODA1MTgKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDY2MDUzNgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDk4NDY5ODA2NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDU1MDIwNDQ2NAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9zb2plcm4uY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vc2luZ2Fwb3JlYWlyLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0CmRtYV9wcm9kdWN0X2lkOiAxMjI3MTU4MzcK

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x95bdd835f8a659940000000000000000","13":"0x59ad65ec17be72850000000000000000","14":"0xe40ac11a844223500000000000000000","15":"0xea421f0b949d7f5f0000000000000000"},"debug_key":"6254954369321454498","debug_reporting":true,"destination":"https://sojern.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["4916745"]},"priority":"0","source_event_id":"13980343034522817449"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame AB11 59 KB
23 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:03:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 20:03:51 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 7E37
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=aa071ad0-c535-4670-aaad-c776edf266c6&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=255abcad-527d-4774...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=df0fe0fcef344ad09f5139985691d672&SNR=1&GV=2&med=10

0
545 B

76ms
75ms

Image
text/plain

2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=df0fe0fcef344ad09f5139985691d672&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 22DF12C83200429784655F090BD2EF18 Ref B: FRAEDGE1911 Ref C: 2024-02-25T01:31:03Z
x-cdn-traceid: 0.92a12417.1708824663.20cd8472
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 25 Feb 2024 01:31:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C3401F8D3CFF4EBCB0CE83F275F8E7F7 Ref B: DUS30EDGE0417 Ref C: 2024-02-25T01:31:03Z
x-cdn-traceid: 0.92a12417.1708824663.20cd8417
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=df0fe0fcef344ad09f5139985691d672&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 7E37 12 KB
13 KB 148ms
41ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215966252299_1FZJ9XE5XQA4OQ3CVS&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=180&h=180&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6a1a1650d23e02a7d4df6c1ac18e19dc4f230af5cf0e072a519c8abe83f86ced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.92a12417.1708824663.20cd8418
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 12754
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 7E37 0
967 B 62ms
48ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.csgowinner.com&e=wqT_3QL8A-j8AQAAAwDWAAUBCNaw6q4GEMKig8XKzKGiIRgAKjYJJvlpLbbGnz8R_0P0XtNUnz8ZAAAAoJmZyT8h_w0SACkRJMgxAAAA4FG4rj8wmYz_Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4AIABAYoBA1VTRJIFBvBSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6ARAxLWNzZ293aW5uZXIuY29t2ALwBuACoqgx6gIaaHR0cHM6Ly93d3cuY3Nnb3cVJvB9gAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBarMnaWSwsj-OcAFAMkFAAAAAAAA8D_SBQkJCQx0AADYBQHgBQHwBcg0-gUECAAQAJAGAJgGALgGAMEGCSQs8D_QBsKNBNoGFgoQCRIZAWwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JESYBJAjaBwYBXKQYAOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=4a3f90bd20471593f706023d23054ad2112203bb&bdref=https%3A%2F%2Fwww.csgowinner.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.csgowinner.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240221%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-1702866763462916%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D3,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240221%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
an-x-request-uuid: be23c270-7136-4d62-ab05-c1b445e36dd6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.24; 217.114.218.24; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E1AC 12 KB
6 KB 126ms
126ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 01:31:03 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0566 0
128 B 152ms
38ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=dkMdCVWk6BrVyxGsqo3d6bcuwhWbpKGl5e3I0TXlkZNkzAufO0fM_TbVyu1tkD3kDwL293dRasJXCdlxZ_IKn2WS4vbzqyXTctoKj51NsTUcdk1rDP6TrJ8hijGRq1tNisq5PBdlgnVVF5BH5F2vpdujG2KcLe7qVCYBNaBITK6wlFdqxk4faC-h5DZNoDRYQABw2TypB6st13GyaC2q8xyIT1B-sK8JkvQ_4O4anivXcPwQ_YhsolxAuW5AEJOsEw1VTA&sds=2&rev=90787.5&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 25 Feb 2024 01:31:02 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0566 2 KB
1 KB 115ms
114ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0566 2 KB
1 KB 114ms
114ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 7389 30 KB
11 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYyjL920F_bb190TldX33tfUcled17r1QnKdaPMFRPJ_R_U1bA5pACWHdM_5-_9Fg_zdfsXLZAAEPkYFWmGAf2HA2RZQcuPrGz3jBVKYxUE2zUziN30wTXqBBdeJKxNWoykbQpSB2idnHK5zPt0-7QWGpo050N1QBbPFTQmWsZp2j6zSyZPTDf154-6CQ5gbVWZWY36dwEVHayH7HiEINtJ0UQPG2PHUY8c8Yo5NUzOxa0p84&cry=1&dbm_d=AKAmf-DYBZlZYM3X6F57A2d2Vf9k_j-eEj0G5flYYfUEpoFAtYoAQpx708DAzKB2vMF1gg9zPHe2jDqmnxG7RIKRAaMX8k51mele1vGEX4FIyqlftEPItS8NEBteppVfV7xi7j1LpjrUlpC9xziySeiGOnZYgnXC_So5N5SG_reAZ2e7QAG3zrYcICSxZ24gzrVa9Iepzdpis9z6EJHXAZzASe6hE7tEs6am-HdLH0vZXhqfIUPtEVxW9Ctu13sHvMFIrDxjru6PfZ-IYGzA08D8mHHaL0IyWi6JkCra5yH_jy7Ap_eZ0NzhefK0HHyqXGIMIXEyWbEZ2ZJYM-LXw9kwM5rDaNCNC_1be5VwFW0JSgZktdC26UCKzOO2RgTTq5VNZNfNvWK37pNJjiUxbkF0T5f-BrYngVayWnojq5vNemeGvOY3BhawsoWKNYWs8qUoWg-1-uwp8vnLPLODSag8t36J44TM7SHCbloaCOGb-pY-sutWAc5XZKXHroWt5QyyBD0CYy12DxTp1E3pd-veVswlCTeWs0jSU8tpo18WNizytgG5n27ja4T9xRDF7mFcDN5lrOYKdKG3IcIiTTXeLP_n1KqIw6uC9ur9GUQyawMDDsUv-5o75FNk5a0SW4SlQsLxNSf_YN9PZxkDEr4E6AsKVK0sbWTNJwhCjpc7DKTRDwxEwZ76L1upbt5N2x8VPe1WgwDAsmaoTdIZMvmyHF4I_nk9j5pBOrEkENqWyNe81LozvqPpX-aDTNgKm5Xv-mNNYv9sR370pSdQRQJ9_7buKybAns_dd4UwepjiBwnem8-Z-To7QPkArZ38t7spKzxz-k0RuNmLqgyodw0pCTQZBfe7Nd3oDuhqZr_cdsSMuRvsgHcdTwI6TlHYB65xArmPxeA_Nwd0rEXhhqu0glduUBeDr1WWe4Q2rJO0JpHRmMok7nwJdt1ycltz4-LYDCPbeV8siHN9qgZm2x68Q95kXXhlFoQuTz0GYRGrE_MQne8Nnv-fBsNNy7_z6qjHC4PsXCN8yaS9X3p8QvdPs8L3DUCXLuUwJIgWP3Z0RpSZLVyu5dILtJESHzr_Umqob5gNE2hLo61lUvBqNHHqE9IAupKi8rdnAVHeXP5oD-htm8pP2iwifsrFaaCoCKES3LbwU_vlwfSKEn4k2XngYbKZLrsz4ytl0yYLoSE6Dlc3i3z3YKJJsCnSVovJzs7TNtWWIy1Gpl8km6eKgzGQ_pcrL5gj-WqoWmbdf6DMneAAOJRWZkAmoM5Rzf4S3DReExaNjNyzmNvFJRKGmbngrfaueweA54braF0AaUV9vYXpXmYWi5tcdP53NIx3GAGxg8b_xo_leBPEEGP0oj_XWwWshcf8bG7IqkoMe9MVIDJBkefM3ROClHhOKElWNdHf7YWekpdHI26rlw-B3aS-vvgfGTkM4oFa78hW4Jqpux_qhM1DGJ8R1Q63f3fQs8Hh_J7cq70AGzY3QOjyNYz5ZLao1iRk281rjpzZP2sFT-QHGNNx9dDkctQXXoBVLCvONzQRWD9KqcnqHnFoFCj9syWrVFmldd-thxtEF1R-_O_7TbrCUr1DR9YvCAYaoDkPXZB1sxCYD6tzj-DCsySVU9WliS5IS8h1aVD0IEJVlPX8ep4EdJZKrk3T_kTucQ6p1wL3JBn47TkotNRg0WRhNLHaczOtcWOUbcwL526YCAAxSjv-T_YnPJ2gSA0p4QphMJlMYD-9gTr_bgtMq5DTVO6e17__6XwM-1YyOhwhx3K92GyJv6XRHCVDVp27PahGJ735nnyWOjcmiDjGq_8xKnqBcRJZ5GJFnWAWrfhMip5SAMxSD7hzj43qAFHPJrT8YbZZ0nVxTdw9CGWLd3m4gR-EhNeI7vrTeCUKYz7cSM5GDsw0uD0ygBNVzF7iBgqEOhD62ptTJqSsStwjGDJmNii43iFD3wZ9m0M2ycPry45QFg7-VLSAvubdzpIyPwoZbc28fnG_RyuaV-lLYfBNufmJClc7Bvx2tVE4xZ5wUoDOJgBEOA6sV0-JbKfzBfN9BEB0xm0_UmgFaCeNsAl4Jv1t6YlDB1B8z0nDEaSsqGvLTLZPgIEzXYglnHJ6EoDGRok9b5pvOZYKV2nKxS_WMUWKHMJothxcfrwYtQ9MFKvRbw0a2TLlpZlTeyl4L9IwcroVGndlS2BCjF60AWXv4WEgW2xYdhoks6P_V0xPQLd8J-5QUcB1ze7OwLsm6cVBXYQ1bX0MLNffdBXW9O_mo_kYupaB-Yc5fTegc-E1PwuNuty5N0e_HYVZnvPwLSEvg8VsiTv_Cr6MF-8bYoARid4JHuW_6cj7z9SBYfI_680qp1RiXK82rFK_h30WPe_qs0KWNi83rlbZfduzDbIC0nh8aHPlUFW2ILg7YmSBlnNwhRF0c3WPjaa3RW0EcPdik29Hk-BTzUnpwctRVWLFyKpGP-eCr4j0eQdNauYxc3kpBGPLRHHo3DQXfKYQa2ePNWMU4XIrj9B4XPQqrubuT0KYSNdjx2DfMg7zAN3xtBByNKUITI7aoTMPza6qezUW5WGg15XnOb_6tWB1NuutOgCmXTB7xOFUhWA9rILNe3St1AhCrVPb3e25YrFKVfCd4LSfLDNTIkK86TcWSM2ybfwLt9l5vXSJGZ17WMRon7GylFwpG4sGOk3QtRRFGRnietKx95gvtC66f8ZpwhrOhhb4alITYYQYfsaHPOU0ZyEtT0jJ8tsD8Ro33UYJXJkqgu1BbPQ8j6MdibwNLuW3k6CmqHtKDMP42B9N0zHHnbPX5yDWbW6DB3dbVhT3PnWq4CPmTKkkKyI_Jx8oLxFzasIeNUD4Oq5CPKb8VJ4FCralBqjDnocUfn-HKQq7bBfNS_vQV5fDxnMKAGr9AHS9RXwEJaQ9bUdCp9jfImUKzIkpo1iNkTMwvcRzmLNqtLVd1MCoxOMORBpIzJO1PxC77Rj0o17EpqrpglmpvNeXg7MtAq1hs9TZ20lMsJv0h5wNWoS4PSBpSOGPtNS6xMAOypjSBdGfI9OFcAAl5wKXo2xNMFtao6_wupjLomDzDG1R06NzN9sdKID-RMb5XRqSRcl_rSwjF6HBNNTlf49HrS-j0PDEidNHqizph_6U0fV8o80gBJs1IbRL3msEDRcxBb0F3-rD-iWHUo-JK0Vl5imbNB-Jf09oGPsffEcg-a2ZcOsj7_fTGaAG1ek9RWgCM4gYcNiiMoNj4Qp-mOr_YG5oVLddweU76hdZ54HOMWy87SyfOjbz2hVbUjNWLiWVDEj929KZcICydowNGWOAWYLJoKb0XRSjkU4GWP992MGJe2urF20MNTIC5F1vrwAaavrX7SDIDa1SrVUHdx45svgQVXHirn6G_BBoROg9EMy2dbRiYd76h6rckzGDLxp0-pfjmEJlKHQAeMd7gA-zhWKzvQ6KyWWqcUvX-fuwjI7ew8mSkkxqKJbIEDen7qKHbH9M-2I90zvCL06Z9EtyP_qcGWjZiktnxruPL1UwzNvNWTr8u3Iv9j1WkktIenk__h_viA1LNVLZl0W597_mXIZWqIJ-p_Uh9I0dcL8kfq7VcWTkrafp9po06dhy3q_rmIqctExfF6OnOrQ5sl_tsLShYaqv0wNcOB7eTrW1DzuA7haitmuWae3YHDWruB3rnwHx_T_gmr-zsEQrLTvzu86bxIDIZrmAUGbkoaa7GTdkruJKStEIG8rnLaVT01u0Y9bKJFoj4NqazBywN8B9RjMppFCzY_vkQT9q90WsUyukaT13bfwH8NUsJM9xPggt5TXGAh1O0vb8pTOpaiahUASztrNDWXOh4t5Thy-_0Wr-rFVB6rNUQUEG9OtVfARlYnkwqKhR7fFJaeDC-71HFxSoQh6X1-Ujqhsf7mS7Hqor9pJA9rN3ghtvQFwPkC2jeCFij8cqq-tm-0P7C-XP1YXwhi1y2wdvuG-oDzwJfABx3-vucVn7_RcvCsPEnHk1HVmp0OFtYfffx7PqbFFXJVBB6fLf80-P8YSHHnumNiAzMRQUAR70&cid=CAQSPAAvHhf_h3crfoMitb7-8DyvpQAvEi7xeCHQ2Fs_ymoJOBEmynZnzwUooEyU6xT0ub31uIXhFt2_Rh_CghgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.csgowinner.com%2F&ds=l&xdt=1&iif=1&cor=8427979348079025000&adk=497053792&idt=52&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f43ea6cbbf261394f83dc2f3425942bf6ddf498490f6cecfbf38739c1ff8b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 23:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11549
x-xss-protection: 0
server: cafe
etag: 13750958460409166979
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:14:32 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7389 41 KB
14 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:47:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 322991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:47:52 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODgyNDY2MzQ2OTk1OAogIHNlcnZlcl9pcDogNzk2MjY1MTEKICBwcm9jZXNzX2lkOiAyNjE3MzA0ODI3Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz...
ad.doubleclick.net/ddm/activity/ Frame 7389 0
508 B 92ms
60ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODgyNDY2MzQ2OTk1OAogIHNlcnZlcl9pcDogNzk2MjY1MTEKICBwcm9jZXNzX2lkOiAyNjE3MzA0ODI3Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDE1NDQ1MjIzNTM2MzM3NTY0OTg2CmRlYnVnX2tleTogMTY3MDg2OTcwOTEwNzAyNzA1OTYKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTI1IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzQ4NDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwODYzOAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNApkbWFfcHJvZHVjdF9pZDogMTIyNzE1ODM3Cg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xe0551b9a9ce18b4e0000000000000000","13":"0xdb1f6106c28459df0000000000000000","14":"0x34b9420d2cbdc7000000000000000000","15":"0x3c9ab0d97e58b6d50000000000000000"},"debug_key":"16708697091070270596","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"15445223536337564986"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 7389 12 KB
4 KB 123ms
33ms Script
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1708824663034678&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoF4V5jaZfaOAsOW9u8Pr-yr0AWm5b2gaYWVnKfJD_AuEAEgme_vEWCV-pqCrAfIAQmpAnMgfuG6J7I-qAMByAObBKoEqAJP0BKUQx0hobjNU-6Nb7Hdsxf96285QbiJ_ns4DhPkVk6S1oWfh3BdnVwt-ubCJGS3ZUlkVPG7l0basamWdET5dtGiMscfqEHoKrCuGnwcP_wcTAWh7XqKYUkFRiOT3FyQAaTG2ddrvvYq3NaNhz_dnpa5GG2eRU5kM9Yf9J36Ir8lge6_KUkViBpyopapixwcWkCoQ2STPubcmVUFaTknbNxuK4O5TGM_870yisd4nR_O03xa6kBfx9bqwLVtGWhFIaqXFDeSIOp9A_-gNWXuIQ_e0yT8X9w9M-62JFNCOPch-DV96mdBP27rKD1p0e6aEmgM9tTdv2D3qpE3w-lKXg7k9PbVdZC6fvELPXNSww8Ake0FEPs9KRCovuDuPiR22wBgzfhMucAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggrCIDhgBAQARgfMgeqgoDgn4ANOgmAQICAhICAlAhIvf3BOlju9pf4q8WEA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_h3crfoMitb7-8DyvpQAvEi7xeCHQ2Fs_ymoJOBEmynZnzwUooEyU6xT0ub31uIXhFt2_Rh_CghgB%26sig%3DAOD64_0eUWGnsQDIhQqbClME9paViF56hQ%26client%3Dca-pub-1702866763462916%26dbm_c%3DAKAmf-DeQk0mSm5qQz28tw6s_dI34NFoQ3ZOKJ13ijqzAwDKlmu3wslF-TBchx1eRwxMRRlp6XIBLmQmRETCbYyCZI9xacIy0Ts1pfRJSiY5ZiMuD72x6QFloGS-JU6EnKui3ZQUaOopL6cmaPd87Pj23WFgP5g71gPDr5919qUzfPZnseGLevS5Se_iAa06DH7P1HGBCr3gckn-k36b5pwHY53jBZv4YYrMpR2Gnv7jggxAPVfvXAk%26cry%3D1%26dbm_d%3DAKAmf-DBiFeMXsTRJoPrhsbaRM900OTiapxcRMNsa8jQyrdsa8z0nFvXb-IyX3T4SWPpgHbQzyYBPVxUedwV-f_5rv_vOCnAjqiWIi0a067t4UwIN7PyhltcqR3emI6JTHLhQDPmcPgO0gpEGOcs3omlda9A6aUCebZxjo3wY9-ckF7CVlilYZ7y1xbC8if_WC9VoNjEtkk6Ba2UmWUnnoZpZWrIqGoWPKoSq2btp0kUeGCPmCSZHwdy9WASKZINBjk7oMFeCu1MjA2igyzgoABInhE7fOopnNV253OTAVa7y3ChhCDT4r7IDZYso5-pn3sC5O1W7jzsE3PuOnEbeE1P25Jx51Ne8WvIS9N2xiFZtJbffErWK09mg_BTExpXZLpkpl5YD-J267T_9HcFAp8Ugp88Y1tgo6gFSUhkcOqYiZFa3EMK1mZvRwKCSQQwKF0ST6L2hjnJkLS3FziIN_OVbuZ9zZhRkLFtv__Eaau5b2OwfEMN6yXRPcbRbUNuW60Pa4kgfmmVl-t2kEIEbA5KhBUPSXn6W_XZq4ezbmm1r11eMc8zGmO1mmnSDi-hN1lmX-lbVh0DRJU5lbqmST9_9dcc7vzpknYaSF56ZctlkPBagGXf5xI%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=90&adk=236785816&adf=3348424040&pi=t.aa~a.236152423~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1180x90&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=941&idt=1&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0%2C1200x280&nras=3&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 Wuppertal, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0c174608a3ef7942f038af7a8b74e847084622f08ff98cf44d598e7818d8ad64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4317
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8511 3 KB
3 KB 283ms
175ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1852%2F5267407%2F9d1f7fe3f2b4490eae62bdb7c70d3857_mydays_logo_800x1200px.jpg&v=3&w=196&rid=4&s=9gpx1zWpYp-e5LXzp-bwaT66

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

72fa4dcf3a98c6fd3a25b46d7f16291d7d4e52385909bf3be91025fac876567e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3034
expires: Sat, 25 Jan 2025 11:57:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8511 63 KB
63 KB 284ms
175ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1852%2F5267407%2F140d286656a3466e81da8ecab0f70419_3_bubble_hotel_1200x628px.jpg&v=3&w=1200&rid=4&s=oN3-eILWWqE8kI66PpX4rxW4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

25b47186a3d8d000d926efcd15043fccf642b766f02cd76240f59235654384a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 64240
expires: Sat, 25 Jan 2025 11:57:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8511 69 KB
69 KB 182ms
74ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBDsIgEAXQu_x1Cy40beYqYlwM02JjhAzTkEi4u77F66jKICSzUin44Ftr7sic5DNXTk1eX1EXJfiiOZ5s8yYSg6_P67osF3eUHRO2t4HuHSqgDtZcQLcJ_01PGeMxfg.jpg&v=3&w=800&rid=4&s=vdsPangkhAlilir9jQh_kqXG&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

89ffe0c0d6f7cd37f600facbcd2f09f40d8f053ffed82144b34ceec97f777de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 70624
expires: Sun, 19 Jan 2025 08:53:04 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8511 87 KB
87 KB 270ms
162ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBCsIwEAXQu_x1myBYC3MVIy4m08YiJkymBAy5u77F66jKICSzUin44Ftr7sic5DNXTk1eX1EXJfiiOZ5s8yYSg6_Py7rcru4oOyZsbwPdO1RAHay5gJYJ_01PGeMxfg.jpg&v=3&w=800&rid=4&s=W0X-KVOLESlkUXY_rQnn567k&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

95fe23e3abcc01f8757b10b64654110baf3527c0ff0a905085d744c514065097

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 88938
expires: Sat, 25 Jan 2025 11:57:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8511 178 KB
179 KB 236ms
128ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBDsIgEAXQu_x1CwtrauYqYlwM02JjhAzTkEi4u77F66jKICSzUin44Ftr7sic5DNXTk1eX1EXJfiiOZ5s8yYSg6_PZbmsN3eUHRO2t4HuHSqgDtZcQNcJ_01PGeMxfg.jpg&v=3&w=800&rid=4&s=_OIUFoRdnvc0t1YqgM6IGQEc&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bc1241e59e05ee313241dcdbef7af9dc74df6cf38cbf940e93e8fc4040dfddd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 182634
expires: Sat, 25 Jan 2025 11:57:10 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8511 0
127 B 113ms
39ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=-muEc1Wk6BrVyxGswpZNxm9nKt6-9G2ynp-Zibs7i9oswRh0UPmfSMUmd5xP9A87mge-1sksh7fV4GFRO9y7cjuw7YiK2CHqUyCogTkVkLBetr_2No1OBlv3Pbth3wB0g1jaSpTF72yxTXBp1z7nVWTWsPJ512JTdxLGZs0Q37syTFcfYQih44m-hqpONKua2h1K6CfTr5re8jwXDMxTZN3XAKBE3967i1XXxF3pwwEg8LIrvVDcm4MS2aZ41twjNHzFlw&sds=2&rev=90787.5&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8511 2 KB
1 KB 82ms
82ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 8511 2 KB
1 KB 83ms
83ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 01:31:03 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E1AC 0
127 B 101ms
39ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=vyRzNVWk6BrVyxGsirFgyZmbCO1PusHYih_3DQDs_YWgLP6XcDLqsXvAUDxCHwIMTwEOmdbaxFK16gbbZiyL-fPXh6um68R0Z2YrHJuewsJjQATnx7vLNtkOLNElD9-DbiVEV_FVqt4wjMCWa9YpBrQW0DcNlLOiO3FDu4ye4or_rutFMNWaLUtT1qh2nR42VdsMN2hM9jddN593CkbtfSIcIe8qZEihDuzFObEJKhq-hG5A7bQa5wUGEIGBzmHYBfX0ow&sds=2&rev=90787.5&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E1AC 2 KB
1 KB 72ms
71ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame E1AC 2 KB
1 KB 73ms
72ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 01:31:03 GMT

GET
H2 200 B31370318.387082572;dc_ver=99.292;sz=728x90;u_sd=1;dc_adk=1877897938;ord=iypbye;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7bYEVpjaZfilIsOW9u8Pr-yr0AWUlISJdqyX-NWF... Show response
ad.doubleclick.net/ddm/adj/N108410.135351SOJERN4/ Frame AB11 72 KB
34 KB 65ms
63ms Script
text/javascript 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N108410.135351SOJERN4/B31370318.387082572;dc_ver=99.292;sz=728x90;u_sd=1;dc_adk=1877897938;ord=iypbye;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7bYEVpjaZfilIsOW9u8Pr-yr0AWUlISJdqyX-NWFEvAuEAEgme_vEWCV-pqCrAegAa_U2cQDyAEJqQKlThlomvuoPqgDAcgDmwSqBKECT9CD6RBkIosh7dzWQzr74AKmEQP_Dz4I5enOGTUOwXV7k1Cy30v_BC6K8FEcSHkJRLi6OuqdxVYzmNPAsDF7asi7fr17VfXIXwxPYK2TY9PNlC4mSObvU-Lr0qLPHQc7fxBJTUcfXbvhAwzSRI-hjXvpzEwd1BN7IXJzXv1HHNjk_hIQKkHQW5PY7qt9GoOh6E2vqPqQaTnsomWpNRJBeW6Qd60wXNk550AywSOc7nfhnPa325eputpv_d3u4o0AdV5sCeKDyPb50QrlO9sikK_kBpHN55YYOvq2yIB-tVcfmU6o426V0LzN0X105i87Fgac2FQDmn83OWunc0kqU31teW6Z78urCOaR7K9U236YeeDeLfwLf7-gZDSEBpuItsAErv-ey8gE4AQDiAXSqaSWTpAGAaAGTYAHuaumO6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAlAhIvf3BOli3hPv3q8WEA4AKAZgLAcgLAYAMAaoNAkRFsBPu6tkW2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_5835CBQZE2dhqbv1kPw8IvvGIoVXVNYfUJHth9ZYZn-yKqHv00eg1VpeAuHU_Fzigdgqog3auR38554xCKD2jPcZSdT_MiOGfVYYAQ%26sig%3DAOD64_39Gybuu6ywSQy8gys20h6akVCdZA%26client%3Dca-pub-1702866763462916%26dbm_c%3DAKAmf-BYJ7d8_ZQf_N9yyaNOXS3u5rvO0xtJHFFSwnblkAoBBOg0RXpXjz8M5d_IWToje7yFDqkLUUo9gCwmdmRy8V4lmO9YaefLL3W2YmrLi9BgUXca6Tcp45nD2rGuXP1ax2uC9Rlo60PJnUCB5m8-XhJ4EtPTJ9u2exkQQPCJTftGky6DCS408NWqZtqB47ayHAqNe8Wrz5O47_C0O-fW4AqLEm5M_g%26cry%3D1%26dbm_d%3DAKAmf-Dt9QTEIn4s4I5AFVZsZygGd-mQSyJwOYg_GYflY-_F0HpdEK1h5ycXHSNORjazz6eguL9krfnnBO-IViSoiajBKJoncfljuwupPFGJYGLeUGoNoX01u75okPEkIbuUsJj9ok2Dh3RyMA3qxA3WmEhfq6J5siRomxuX-1Blqxi8EVrowm3i__7JG7kO7Bxd3gZJnsJW1BKi9J3udbVtcZxoRo6RiDRIqm8i8RICp-mCKGGK0R3p47fRTZXGrQEx-jU6vBnMwbHvDiWkFfzcHiTuZC5_yW9zK-wYbDHOD-dnKmftCMQHa9Zpjv2F3UGcz-0Kb8v8PX1FeUPGKIg4ynf3YXkQDOlqN2fHf50ZiG45krw2sRqUK1_hxvgsKYSzI5DPTPMLMYZso18Bo0RkCsUCk8PmSWhl9831IzBDAdqBlPxTz-dABQj0FfUsNzciZ9BZwX9kWZxdOSc9MtYlBMBtxECxNnrFHjvvPOJKhgvv7v5-bfZAL52XPG8JxgOvZw29ELGeb0K5fEBqVkNr6AaWeSpXW9r1Cqz4D6yy-3QjIQ1QIZcjqoCgJlqzdlm7sNwtdrr1yRbiCQKxJhNYYcRCcNJwJw%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fwww.csgowinner.com%2F$0;xdt=1;crlt=L.DHbWGQkY;stc=1;chaa=1;sttr=156;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

d59e80bc9f4c931f6030a3b2e64578dd4930465d9d4169988afd1dc344aad76c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34275
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 7E37 0
991 B 42ms
41ms Ping
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.csgowinner.com&e=wqT_3QKmB-imAwAAAwDWAAUBCNaw6q4GEMKig8XKzKGiIRgAKjYJJvlpLbbGnz8R_0P0XtNUnz8ZAAAAoJmZyT8h_w0SACkRJMgxAAAA4FG4rj8wmYz_Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4AIABAYoBA1VTRJIFBvBSmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6ARAxLWNzZ293aW5uZXIuY29t2ALwBuACoqgx6gIaaHR0cHM6Ly93d3cuY3Nnb3cVJlyAAwCIAwGQAwCYAwmgAwGqA6YDCrwCaHQZMPCGYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MjU1YWJjYWQtNTI3ZC00Nzc0LWIzZmMtYmE0MWJlN2MxNzczJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW5pdD0zCVxUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOADKOcQC4cnR5cGU9bnVybCZ0YWdJZD04MzczNzg1JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGRh6emYlM0FrDR_wbV9qY2kyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjM5NzE4ODY2ODU1MTkwOTY5OCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekk1TVRFM01qZzJNekV5TWpnak1qTXlORGN4ARjweU9URXhOVE0wTmc9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWqzJ2lksLI_jnABQDJBQAAAAAAAPA_0gUJCQAAAQx0AADYBQHgBQHwBcg0-gUECAAQAJAGAJgGALgGAMEGCSIs8D_QBsKNBNoGFgoQCRIZAWwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JESYBJAjaBwYBXLAYAOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=2c43adc300a4fc52b590be169137d45887e52b59&type=nv&nvt=5&jm=1003&sid=3142719911554654475&vd=ct~0|rr~0&sv=241&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=8373785&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/241/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
an-x-request-uuid: 97f4167c-2561-42af-b8d6-251c631324fb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.24; 217.114.218.24; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6A00 38 KB
13 KB 24ms
24ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 322570
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 07:54:53 GMT
expires: Thu, 20 Feb 2025 07:54:53 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3D41 38 KB
13 KB 23ms
22ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 322570
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 07:54:53 GMT
expires: Thu, 20 Feb 2025 07:54:53 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900026.redintelligence.net/ Frame 7389
Redirect Chain

https://hal900026.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=638722f0a4&subid=&uid=e9f745aa9b4bd4f3&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900026.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=638722f0a4&subid=&uid=e9f745aa9b4bd4f3&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

158ms
98ms

Script
application/x-javascript

138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900026.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=638722f0a4&subid=&uid=e9f745aa9b4bd4f3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoF4V5jaZfaOAsOW9u8Pr-yr0AWm5b2gaYWVnKfJD_AuEAEgme_vEWCV-pqCrAfIAQmpAnMgfuG6J7I-qAMByAObBKoEqAJP0BKUQx0hobjNU-6Nb7Hdsxf96285QbiJ_ns4DhPkVk6S1oWfh3BdnVwt-ubCJGS3ZUlkVPG7l0basamWdET5dtGiMscfqEHoKrCuGnwcP_wcTAWh7XqKYUkFRiOT3FyQAaTG2ddrvvYq3NaNhz_dnpa5GG2eRU5kM9Yf9J36Ir8lge6_KUkViBpyopapixwcWkCoQ2STPubcmVUFaTknbNxuK4O5TGM_870yisd4nR_O03xa6kBfx9bqwLVtGWhFIaqXFDeSIOp9A_-gNWXuIQ_e0yT8X9w9M-62JFNCOPch-DV96mdBP27rKD1p0e6aEmgM9tTdv2D3qpE3w-lKXg7k9PbVdZC6fvELPXNSww8Ake0FEPs9KRCovuDuPiR22wBgzfhMucAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggrCIDhgBAQARgfMgeqgoDgn4ANOgmAQICAhICAlAhIvf3BOlju9pf4q8WEA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_h3crfoMitb7-8DyvpQAvEi7xeCHQ2Fs_ymoJOBEmynZnzwUooEyU6xT0ub31uIXhFt2_Rh_CghgB%26sig%3DAOD64_0eUWGnsQDIhQqbClME9paViF56hQ%26client%3Dca-pub-1702866763462916%26dbm_c%3DAKAmf-DeQk0mSm5qQz28tw6s_dI34NFoQ3ZOKJ13ijqzAwDKlmu3wslF-TBchx1eRwxMRRlp6XIBLmQmRETCbYyCZI9xacIy0Ts1pfRJSiY5ZiMuD72x6QFloGS-JU6EnKui3ZQUaOopL6cmaPd87Pj23WFgP5g71gPDr5919qUzfPZnseGLevS5Se_iAa06DH7P1HGBCr3gckn-k36b5pwHY53jBZv4YYrMpR2Gnv7jggxAPVfvXAk%26cry%3D1%26dbm_d%3DAKAmf-DBiFeMXsTRJoPrhsbaRM900OTiapxcRMNsa8jQyrdsa8z0nFvXb-IyX3T4SWPpgHbQzyYBPVxUedwV-f_5rv_vOCnAjqiWIi0a067t4UwIN7PyhltcqR3emI6JTHLhQDPmcPgO0gpEGOcs3omlda9A6aUCebZxjo3wY9-ckF7CVlilYZ7y1xbC8if_WC9VoNjEtkk6Ba2UmWUnnoZpZWrIqGoWPKoSq2btp0kUeGCPmCSZHwdy9WASKZINBjk7oMFeCu1MjA2igyzgoABInhE7fOopnNV253OTAVa7y3ChhCDT4r7IDZYso5-pn3sC5O1W7jzsE3PuOnEbeE1P25Jx51Ne8WvIS9N2xiFZtJbffErWK09mg_BTExpXZLpkpl5YD-J267T_9HcFAp8Ugp88Y1tgo6gFSUhkcOqYiZFa3EMK1mZvRwKCSQQwKF0ST6L2hjnJkLS3FziIN_OVbuZ9zZhRkLFtv__Eaau5b2OwfEMN6yXRPcbRbUNuW60Pa4kgfmmVl-t2kEIEbA5KhBUPSXn6W_XZq4ezbmm1r11eMc8zGmO1mmnSDi-hN1lmX-lbVh0DRJU5lbqmST9_9dcc7vzpknYaSF56ZctlkPBagGXf5xI%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1702866763462916%26output%3Dhtml%26h%3D90%26adk%3D236785816%26adf%3D3348424040%26pi%3Dt.aa~a.236152423~rp.4%26w%3D1180%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1708824663%26rafmt%3D1%26to%3Dqs%26pwprc%3D9300450939%26format%3D1180x90%26url%3Dhttps%253A%252F%252Fwww.csgowinner.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1708824663000%26bpp%3D1%26bdt%3D941%26idt%3D1%26shv%3Dr20240221%26mjsv%3Dm202402200101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Deab7897966fc6a7f%253AT%253D1708824662%253ART%253D1708824662%253AS%253DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg%26gpic%3DUID%253D00000d61a77e20b5%253AT%253D1708824662%253ART%253D1708824662%253AS%253DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw%26eo_id_str%3DID%253D0d7cc66683b0468e%253AT%253D1708824662%253ART%253D1708824662%253AS%253DAA-Afja3qcmmBC2HPfRq4UyhbAne%26prev_fmts%3D1000x280%252C0x0%252C1200x280%26nras%3D3%26correlator%3D2306123912379%26frm%3D20%26pv%3D1%26ga_vid%3D1094523460.1708824662%26ga_sid%3D1708824662%26ga_hid%3D72481753%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D210%26ady%3D2196%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31081136%252C31081318%252C95322747%252C95325069%252C95320868%252C95324155%252C95324160%252C95325791%252C95325784%26oid%3D2%26psts%3DAOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY%26pvsid%3D3537540540132598%26tmod%3D2052339313%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.csgowinner.com&random=9643273599445&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=90&adk=236785816&adf=3348424040&pi=t.aa~a.236152423~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1180x90&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=941&idt=1&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0%2C1200x280&nras=3&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Protocol: HTTP/1.1
Server: 138.201.84.244 Wuppertal, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9a7f518aeb893c007784d35a57ff140728f112869aedd699457dadc39d3cf4cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Feb 2024 01:31:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 75365200006491404444550012611026
Connection: close
Content-Length: 1099
Expires: Sun, 25 Feb 2024 01:31:03 +0100

Redirect headers

Pragma: no-cache
Date: Sun, 25 Feb 2024 01:31:03 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=638722f0a4&subid=&uid=e9f745aa9b4bd4f3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoF4V5jaZfaOAsOW9u8Pr-yr0AWm5b2gaYWVnKfJD_AuEAEgme_vEWCV-pqCrAfIAQmpAnMgfuG6J7I-qAMByAObBKoEqAJP0BKUQx0hobjNU-6Nb7Hdsxf96285QbiJ_ns4DhPkVk6S1oWfh3BdnVwt-ubCJGS3ZUlkVPG7l0basamWdET5dtGiMscfqEHoKrCuGnwcP_wcTAWh7XqKYUkFRiOT3FyQAaTG2ddrvvYq3NaNhz_dnpa5GG2eRU5kM9Yf9J36Ir8lge6_KUkViBpyopapixwcWkCoQ2STPubcmVUFaTknbNxuK4O5TGM_870yisd4nR_O03xa6kBfx9bqwLVtGWhFIaqXFDeSIOp9A_-gNWXuIQ_e0yT8X9w9M-62JFNCOPch-DV96mdBP27rKD1p0e6aEmgM9tTdv2D3qpE3w-lKXg7k9PbVdZC6fvELPXNSww8Ake0FEPs9KRCovuDuPiR22wBgzfhMucAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggrCIDhgBAQARgfMgeqgoDgn4ANOgmAQICAhICAlAhIvf3BOlju9pf4q8WEA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_h3crfoMitb7-8DyvpQAvEi7xeCHQ2Fs_ymoJOBEmynZnzwUooEyU6xT0ub31uIXhFt2_Rh_CghgB%26sig%3DAOD64_0eUWGnsQDIhQqbClME9paViF56hQ%26client%3Dca-pub-1702866763462916%26dbm_c%3DAKAmf-DeQk0mSm5qQz28tw6s_dI34NFoQ3ZOKJ13ijqzAwDKlmu3wslF-TBchx1eRwxMRRlp6XIBLmQmRETCbYyCZI9xacIy0Ts1pfRJSiY5ZiMuD72x6QFloGS-JU6EnKui3ZQUaOopL6cmaPd87Pj23WFgP5g71gPDr5919qUzfPZnseGLevS5Se_iAa06DH7P1HGBCr3gckn-k36b5pwHY53jBZv4YYrMpR2Gnv7jggxAPVfvXAk%26cry%3D1%26dbm_d%3DAKAmf-DBiFeMXsTRJoPrhsbaRM900OTiapxcRMNsa8jQyrdsa8z0nFvXb-IyX3T4SWPpgHbQzyYBPVxUedwV-f_5rv_vOCnAjqiWIi0a067t4UwIN7PyhltcqR3emI6JTHLhQDPmcPgO0gpEGOcs3omlda9A6aUCebZxjo3wY9-ckF7CVlilYZ7y1xbC8if_WC9VoNjEtkk6Ba2UmWUnnoZpZWrIqGoWPKoSq2btp0kUeGCPmCSZHwdy9WASKZINBjk7oMFeCu1MjA2igyzgoABInhE7fOopnNV253OTAVa7y3ChhCDT4r7IDZYso5-pn3sC5O1W7jzsE3PuOnEbeE1P25Jx51Ne8WvIS9N2xiFZtJbffErWK09mg_BTExpXZLpkpl5YD-J267T_9HcFAp8Ugp88Y1tgo6gFSUhkcOqYiZFa3EMK1mZvRwKCSQQwKF0ST6L2hjnJkLS3FziIN_OVbuZ9zZhRkLFtv__Eaau5b2OwfEMN6yXRPcbRbUNuW60Pa4kgfmmVl-t2kEIEbA5KhBUPSXn6W_XZq4ezbmm1r11eMc8zGmO1mmnSDi-hN1lmX-lbVh0DRJU5lbqmST9_9dcc7vzpknYaSF56ZctlkPBagGXf5xI%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1702866763462916%26output%3Dhtml%26h%3D90%26adk%3D236785816%26adf%3D3348424040%26pi%3Dt.aa~a.236152423~rp.4%26w%3D1180%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1708824663%26rafmt%3D1%26to%3Dqs%26pwprc%3D9300450939%26format%3D1180x90%26url%3Dhttps%253A%252F%252Fwww.csgowinner.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1708824663000%26bpp%3D1%26bdt%3D941%26idt%3D1%26shv%3Dr20240221%26mjsv%3Dm202402200101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Deab7897966fc6a7f%253AT%253D1708824662%253ART%253D1708824662%253AS%253DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg%26gpic%3DUID%253D00000d61a77e20b5%253AT%253D1708824662%253ART%253D1708824662%253AS%253DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw%26eo_id_str%3DID%253D0d7cc66683b0468e%253AT%253D1708824662%253ART%253D1708824662%253AS%253DAA-Afja3qcmmBC2HPfRq4UyhbAne%26prev_fmts%3D1000x280%252C0x0%252C1200x280%26nras%3D3%26correlator%3D2306123912379%26frm%3D20%26pv%3D1%26ga_vid%3D1094523460.1708824662%26ga_sid%3D1708824662%26ga_hid%3D72481753%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D210%26ady%3D2196%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31081136%252C31081318%252C95322747%252C95325069%252C95320868%252C95324155%252C95324160%252C95325791%252C95325784%26oid%3D2%26psts%3DAOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY%26pvsid%3D3537540540132598%26tmod%3D2052339313%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.csgowinner.com&random=9643273599445&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 25 Feb 2024 01:31:03 +0100

GET
DATA 200
OK truncated
/ Frame D38B 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32db5d62aef341482158d7386be18383e392e2c6ef40c93cd96ac2a99fc9047e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D38B 0
19 B 65ms
65ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0X1GVpjaZfelIsOW9u8Pr-yr0AXJntKxXNWdkfdwwI23ARABIABglfqagqwHggEXY2EtcHViLTE3MDI4NjY3NjM0NjI5MTbIAQmpAnMgfuG6J7I-qAMByAMCqgT5AU_QCXqB13ffyaqIVt2kqhHmEh6Kk50m18_zhDABeFmGDjmiZ_ob7fIMMKf2W8rwhNaFcQX9oQBzeVokW4EIaXODh9xjEGsAqK9YkV-duN3OngOebs5vdoQdwDZb6HTnAnJMF7JJ8nWQUeReV1jrNwUFb2QlWB5PTs2du6AE64HGnmtut5Wq7XyXWXq-CXAvxH4rXWCMiEe2ODNjpLF_7Ho7xxiHEPd5k8Sq7DnWCjluievSENofS6ZJP1Gyka-UHKHYT_JUKjNY_g0SDi9X5Fk-Fbz0KEdWG9cQiQLO7FrZ3nawbx_ITF17RUST_I2Omd6CwfqiqwzAPYAGsK7b9r7fjrydAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCQIgOGAEBABMgKqAjoJgECAgISAgJQISL39wTpYt4T796vFhAOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTcwMjg2Njc2MzQ2MjkxNhgA&sigh=wJ5kZZUtVF0&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_5835CBQZE2dhqbv1kPw8IvvGIoVXVNYfUJHth9ZYZn-yKqHv00eg1VpeAuHU_Fzigdgqog3auR38554xCKD2jPcZSdT_MiOGfVYYAQ&cbvp=2&vis=1

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 25 Feb 2024 01:31:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame D38B 0
126 B 171ms
40ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKzKGdyBMKAB2ASdg2ICAgAAAN5HXfpL3j5UEFaY2mWFjzqRdjnokg41AAASAAAKCkFRVUJBUUVCQVE&wp=ZdqYVgAIkvcH_YtDAAr2Lz_ft2BbYhg6KuefvQ&cbvp=2

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 183775
server: Kestrel
content-length: 0

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AB11 204 KB
61 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N108410.135351SOJERN4/B31370318.387082572;dc_ver=99.292;sz=728x90;u_sd=1;dc_adk=1877897938;ord=iypbye;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7bYEVpjaZfilIsOW9u8Pr-yr0AWUlISJdqyX-NWFEvAuEAEgme_vEWCV-pqCrAegAa_U2cQDyAEJqQKlThlomvuoPqgDAcgDmwSqBKECT9CD6RBkIosh7dzWQzr74AKmEQP_Dz4I5enOGTUOwXV7k1Cy30v_BC6K8FEcSHkJRLi6OuqdxVYzmNPAsDF7asi7fr17VfXIXwxPYK2TY9PNlC4mSObvU-Lr0qLPHQc7fxBJTUcfXbvhAwzSRI-hjXvpzEwd1BN7IXJzXv1HHNjk_hIQKkHQW5PY7qt9GoOh6E2vqPqQaTnsomWpNRJBeW6Qd60wXNk550AywSOc7nfhnPa325eputpv_d3u4o0AdV5sCeKDyPb50QrlO9sikK_kBpHN55YYOvq2yIB-tVcfmU6o426V0LzN0X105i87Fgac2FQDmn83OWunc0kqU31teW6Z78urCOaR7K9U236YeeDeLfwLf7-gZDSEBpuItsAErv-ey8gE4AQDiAXSqaSWTpAGAaAGTYAHuaumO6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAlAhIvf3BOli3hPv3q8WEA4AKAZgLAcgLAYAMAaoNAkRFsBPu6tkW2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_5835CBQZE2dhqbv1kPw8IvvGIoVXVNYfUJHth9ZYZn-yKqHv00eg1VpeAuHU_Fzigdgqog3auR38554xCKD2jPcZSdT_MiOGfVYYAQ%26sig%3DAOD64_39Gybuu6ywSQy8gys20h6akVCdZA%26client%3Dca-pub-1702866763462916%26dbm_c%3DAKAmf-BYJ7d8_ZQf_N9yyaNOXS3u5rvO0xtJHFFSwnblkAoBBOg0RXpXjz8M5d_IWToje7yFDqkLUUo9gCwmdmRy8V4lmO9YaefLL3W2YmrLi9BgUXca6Tcp45nD2rGuXP1ax2uC9Rlo60PJnUCB5m8-XhJ4EtPTJ9u2exkQQPCJTftGky6DCS408NWqZtqB47ayHAqNe8Wrz5O47_C0O-fW4AqLEm5M_g%26cry%3D1%26dbm_d%3DAKAmf-Dt9QTEIn4s4I5AFVZsZygGd-mQSyJwOYg_GYflY-_F0HpdEK1h5ycXHSNORjazz6eguL9krfnnBO-IViSoiajBKJoncfljuwupPFGJYGLeUGoNoX01u75okPEkIbuUsJj9ok2Dh3RyMA3qxA3WmEhfq6J5siRomxuX-1Blqxi8EVrowm3i__7JG7kO7Bxd3gZJnsJW1BKi9J3udbVtcZxoRo6RiDRIqm8i8RICp-mCKGGK0R3p47fRTZXGrQEx-jU6vBnMwbHvDiWkFfzcHiTuZC5_yW9zK-wYbDHOD-dnKmftCMQHa9Zpjv2F3UGcz-0Kb8v8PX1FeUPGKIg4ynf3YXkQDOlqN2fHf50ZiG45krw2sRqUK1_hxvgsKYSzI5DPTPMLMYZso18Bo0RkCsUCk8PmSWhl9831IzBDAdqBlPxTz-dABQj0FfUsNzciZ9BZwX9kWZxdOSc9MtYlBMBtxECxNnrFHjvvPOJKhgvv7v5-bfZAL52XPG8JxgOvZw29ELGeb0K5fEBqVkNr6AaWeSpXW9r1Cqz4D6yy-3QjIQ1QIZcjqoCgJlqzdlm7sNwtdrr1yRbiCQKxJhNYYcRCcNJwJw%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fwww.csgowinner.com%2F$0;xdt=1;crlt=L.DHbWGQkY;stc=1;chaa=1;sttr=156;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 02:10:31 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/ Frame AB11 12 KB
4 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 23:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:14:32 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AB11 0
0 147ms
63ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvMFnB-EbSjUdPLowOPTLnH1On4RqjJ-imRQ4T_JURUKohDUJrEa3yBViQgGIExnHpOUU2rXmjVY9XKP7vorIVTxa4CrKD0N5MlSrUqsRd-9kX1iv_wTZ0ZlttR_uqD8__0QMzPgfKxne22wIXPuLN2uPOA__slgOHOumPZ_DqCL630o2SZKaJnBhD_5cWtb6cUbR465g7uqaYj1JS-QT1OIwLx7_iLIT-5VA&sai=AMfl-YSAesyEZtEhkzZm1RKZSMOiFOWe5Ddlal5qOreNlyp7VbgFLKBsxAv2eD_9tJ3O03ydYoY1r8aN3JbWbJA65FmJXGAO9eYfyH2Qzw&sig=Cg0ArKJSzIXx9BTm7Q-8EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240221.49091&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Feb 2024 01:31:03 GMT

GET
H/1.1 200
OK tag.tr Show response
red.vtracy.de/ Frame AB11 17 KB
17 KB 155ms
55ms Script
text/javascript 18.184.93.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://red.vtracy.de/tag.tr?tr_vis=false&tr_adid=k31370318_s5106718_p387082572_c209119733&tr_lso=false&tr_sync=true
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N108410.135351SOJERN4/B31370318.387082572;dc_ver=99.292;sz=728x90;u_sd=1;dc_adk=1877897938;ord=iypbye;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7bYEVpjaZfilIsOW9u8Pr-yr0AWUlISJdqyX-NWFEvAuEAEgme_vEWCV-pqCrAegAa_U2cQDyAEJqQKlThlomvuoPqgDAcgDmwSqBKECT9CD6RBkIosh7dzWQzr74AKmEQP_Dz4I5enOGTUOwXV7k1Cy30v_BC6K8FEcSHkJRLi6OuqdxVYzmNPAsDF7asi7fr17VfXIXwxPYK2TY9PNlC4mSObvU-Lr0qLPHQc7fxBJTUcfXbvhAwzSRI-hjXvpzEwd1BN7IXJzXv1HHNjk_hIQKkHQW5PY7qt9GoOh6E2vqPqQaTnsomWpNRJBeW6Qd60wXNk550AywSOc7nfhnPa325eputpv_d3u4o0AdV5sCeKDyPb50QrlO9sikK_kBpHN55YYOvq2yIB-tVcfmU6o426V0LzN0X105i87Fgac2FQDmn83OWunc0kqU31teW6Z78urCOaR7K9U236YeeDeLfwLf7-gZDSEBpuItsAErv-ey8gE4AQDiAXSqaSWTpAGAaAGTYAHuaumO6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAlAhIvf3BOli3hPv3q8WEA4AKAZgLAcgLAYAMAaoNAkRFsBPu6tkW2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_5835CBQZE2dhqbv1kPw8IvvGIoVXVNYfUJHth9ZYZn-yKqHv00eg1VpeAuHU_Fzigdgqog3auR38554xCKD2jPcZSdT_MiOGfVYYAQ%26sig%3DAOD64_39Gybuu6ywSQy8gys20h6akVCdZA%26client%3Dca-pub-1702866763462916%26dbm_c%3DAKAmf-BYJ7d8_ZQf_N9yyaNOXS3u5rvO0xtJHFFSwnblkAoBBOg0RXpXjz8M5d_IWToje7yFDqkLUUo9gCwmdmRy8V4lmO9YaefLL3W2YmrLi9BgUXca6Tcp45nD2rGuXP1ax2uC9Rlo60PJnUCB5m8-XhJ4EtPTJ9u2exkQQPCJTftGky6DCS408NWqZtqB47ayHAqNe8Wrz5O47_C0O-fW4AqLEm5M_g%26cry%3D1%26dbm_d%3DAKAmf-Dt9QTEIn4s4I5AFVZsZygGd-mQSyJwOYg_GYflY-_F0HpdEK1h5ycXHSNORjazz6eguL9krfnnBO-IViSoiajBKJoncfljuwupPFGJYGLeUGoNoX01u75okPEkIbuUsJj9ok2Dh3RyMA3qxA3WmEhfq6J5siRomxuX-1Blqxi8EVrowm3i__7JG7kO7Bxd3gZJnsJW1BKi9J3udbVtcZxoRo6RiDRIqm8i8RICp-mCKGGK0R3p47fRTZXGrQEx-jU6vBnMwbHvDiWkFfzcHiTuZC5_yW9zK-wYbDHOD-dnKmftCMQHa9Zpjv2F3UGcz-0Kb8v8PX1FeUPGKIg4ynf3YXkQDOlqN2fHf50ZiG45krw2sRqUK1_hxvgsKYSzI5DPTPMLMYZso18Bo0RkCsUCk8PmSWhl9831IzBDAdqBlPxTz-dABQj0FfUsNzciZ9BZwX9kWZxdOSc9MtYlBMBtxECxNnrFHjvvPOJKhgvv7v5-bfZAL52XPG8JxgOvZw29ELGeb0K5fEBqVkNr6AaWeSpXW9r1Cqz4D6yy-3QjIQ1QIZcjqoCgJlqzdlm7sNwtdrr1yRbiCQKxJhNYYcRCcNJwJw%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fwww.csgowinner.com%2F$0;xdt=1;crlt=L.DHbWGQkY;stc=1;chaa=1;sttr=156;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.93.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-93-224.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 31e97ae341dae971a2583f450ce1bdd94e019cda71db0ea56cbf46420a356338

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:03 GMT
Server: Apache
Connection: keep-alive
transfer-encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET ftg_t_v_bk.min.js
c.t4ft.de/c/ Frame AB11 0
0

GET
H2 200 8634342447214513527
s0.2mdn.net/simgad/ Frame AB11 88 KB
89 KB 76ms
23ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8634342447214513527

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661cf45352ec19dbc6c940c8f9d6591dca29e0f7cf79e538fbd00ec18d9196ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Thu, 20 Feb 2025 00:59:10 GMT
date: Wed, 21 Feb 2024 00:59:10 GMT
x-content-type-options: nosniff
age: 347513
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90566
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 15:05:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame AB11 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85ecaa203aff913ee5b3607494b8bfaed52195545e122dc2f400672a470277a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A00 50 KB
19 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25dbe26db67ba5d60d3f7c7f79d72ad9f4816b2a6e869d7511927274f13a490b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 385852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19629
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:20:11 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B186 38 KB
13 KB 24ms
23ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 322570
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 07:54:53 GMT
expires: Thu, 20 Feb 2025 07:54:53 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D41 50 KB
19 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25dbe26db67ba5d60d3f7c7f79d72ad9f4816b2a6e869d7511927274f13a490b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 385852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19629
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:20:11 GMT

GET
DATA 200
OK truncated
/ Frame 7E37 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf882370c0bafd7d5279b39305b5da8acbea9a4d1efe5bb1cecf6fb7b8484c0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7E37 0
19 B 66ms
65ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cs7fWVpjaZfalIsOW9u8Pr-yr0AXS4Nfgbo-ktpOTCsCNtwEQASAAYJX6moKsB4IBF2NhLXB1Yi0xNzAyODY2NzYzNDYyOTE2yAEJqAMByAMCqgT4AU_QWYvvzkxdEVvVM55x8f4bTJFprYNh9yApqE4y5USiWicAivIobqtbVdkhQNypLp2DQimPc4y3LbeVJKMERIkDdnqvZhv9_yvc7v4wnTU9xme_GtzRuTeRLrhZ-bm9XUegor0zxnf6lp933-iXGRZbf0b4UhPH2Yr47tiNGU7ldo4hcp08mmEtuA0l-j4pwdWZdYQAHWrCG8HFelKhZ-cDwpINSonOHWhHssBhjNB9OG8f1B-1z_gzTrLd_KB1wxfTQbI6t1JmOZOfzbmt8zLgkpuvD3t6T5lzm3hN2O2WA7OsPbBwaJKlOK7wZb5QELxFRGc9WNvegAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAlAhIvf3BOli3hPv3q8WEA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xNzAyODY2NzYzNDYyOTE2GAA&sigh=gQgLqDE_f6Y&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_5835CBQZE2dhqbv1kPw8IvvGIoVXVNYfUJHth9ZYZn-yKqHv00eg1VpeAuHU_Fzigdgqog3auR38554xCKD2jPcZSdT_MiOGfVYYAQ&cbvp=2&vis=1

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 25 Feb 2024 01:31:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 7E37 0
966 B 45ms
44ms Image
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.csgowinner.com&e=wqT_3QKmB-imAwAAAwDWAAUBCNaw6q4GEMKig8XKzKGiIRgAKjYJJvlpLbbGnz8R_0P0XtNUnz8ZAAAAoJmZyT8h_w0SACkRJMgxAAAA4FG4rj8wmYz_Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4AIABAYoBA1VTRJIFBvBSmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6ARAxLWNzZ293aW5uZXIuY29t2ALwBuACoqgx6gIaaHR0cHM6Ly93d3cuY3Nnb3cVJlyAAwCIAwGQAwCYAwmgAwGqA6YDCrwCaHQZMPCGYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MjU1YWJjYWQtNTI3ZC00Nzc0LWIzZmMtYmE0MWJlN2MxNzczJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW5pdD0zCVxUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOADKOcQC4cnR5cGU9bnVybCZ0YWdJZD04MzczNzg1JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGRh6emYlM0FrDR_wbV9qY2kyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjM5NzE4ODY2ODU1MTkwOTY5OCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekk1TVRFM01qZzJNekV5TWpnak1qTXlORGN4ARjweU9URXhOVE0wTmc9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWqzJ2lksLI_jnABQDJBQAAAAAAAPA_0gUJCQAAAQx0AADYBQHgBQHwBcg0-gUECAAQAJAGAJgGALgGAMEGCSIs8D_QBsKNBNoGFgoQCRIZAWwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JESYBJAjaBwYBXLAYAOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=2c43adc300a4fc52b590be169137d45887e52b59&pp=ZdqYVgAIkvYH_YtDAAr2Lx3djkM0nR2hstAnTg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSkjYVpjaZfalIsOW9u8Pr-yr0AXS4Nfgbo-ktpOTCsCNtwEQASAAYJX6moKsB4IBF2NhLXB1Yi0xNzAyODY2NzYzNDYyOTE2yAEJqAMByAMCqgT7AU_QWYvvzkxdEVvVM55x8f4bTJFprYNh9yApqE4y5USiWicAivIobqtbVdkhQNypLp2DQimPc4y3LbeVJKMERIkDdnqvZhv9_yvc7v4wnTU9xme_GtzRuTeRLrhZ-bm9XUegor0zxnf6lp933-iXGRZbf0b4UhPH2Yr47tiNGU7ldo4hcp08mmEtuA0l-j4pwdWZdYQAHWrCG8HFelKhZ-cDwpINSonOHWhHssBhjNB9OG8f1B-1z_gzTrLd_KB1wxfTQbI6t1JmOZOfzbmt8zLgktmtLum462MeD4I5bXPPhwWoHrr0Yby94Qx2PDrskJZpXKe8urZKOsLwgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAlAhIvf3BOli3hPv3q8WEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16K4WqWVhOuNT0O16ONEoSf3EfLg%26client%3Dca-pub-1702866763462916%26adurl%3D&cbvp=2

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
an-x-request-uuid: e48a7801-d6e0-4610-96a0-c108f4da2274
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.24; 217.114.218.24; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AB11 0
0 62ms
61ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvMFnB-EbSjUdPLowOPTLnH1On4RqjJ-imRQ4T_JURUKohDUJrEa3yBViQgGIExnHpOUU2rXmjVY9XKP7vorIVTxa4CrKD0N5MlSrUqsRd-9kX1iv_wTZ0ZlttR_uqD8__0QMzPgfKxne22wIXPuLN2uPOA__slgOHOumPZ_DqCL630o2SZKaJnBhD_5cWtb6cUbR465g7uqaYj1JS-QT1OIwLx7_iLIT-5VA&sai=AMfl-YSAesyEZtEhkzZm1RKZSMOiFOWe5Ddlal5qOreNlyp7VbgFLKBsxAv2eD_9tJ3O03ydYoY1r8aN3JbWbJA65FmJXGAO9eYfyH2Qzw&sig=Cg0ArKJSzIXx9BTm7Q-8EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=173&vt=11&dtpt=171&dett=2&cstd=0&cisv=r20240221.49091&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Feb 2024 01:31:04 GMT

GET
H3 200 p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B186 51 KB
19 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a797e70bc52226063fae939bcd9f69b525838d0d9a466c30ed6a9defe8bf8244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 385479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19860
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:26:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BFC3 0
19 B 61ms
60ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cf8jbV5jaZbLrAcXd7_UPloqUqAfJntKxXPXqoYaIAcCNtwEQASAAYJX6moKsB4IBF2NhLXB1Yi0xNzAyODY2NzYzNDYyOTE2yAEJqQJzIH7huieyPqgDAcgDAqoEgAJP0MQPtPYY2O42m7oir4CSSLkhAImuDvxbTS8X-Z7MmYTt7_ujUkB8b7yi1W3nTueavQuYn-5eVjT_j5yp6sHeuk9WIkFPoY0ibOpIGCLsdCZK4p0pZJcqRa792H0yjMMVBkgrw2yBPVj_Q_DzBjqKl0HGGz3GvXcO8aJaTxrpsVkelL0ODRiN-OUvKLh5ob4NrUid2EplFGQ4aY65cPEAvIoLfV9xhDILJZk8tR-oz0zX4zV3y7eKGKkufJDv9Zv7VJPyJCy4k1Oyo2RRmVf3ZPthBx-JjfGzvpsG9JZkpo0iJGtjnlNSupNDDxzxonBB1LaBYNcCRMVrb-oE_SzggAbhopPgo6bA4ASgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggnCJHhgHAQATIF64uAgCA6CYBAgICAgICUCEi9_cE6WL_Ul_irxYQDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTE3MDI4NjY3NjM0NjI5MTYYAA&sigh=ZIK1HNJV7rI&uach_m=%5BUACH%5D&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=280&adk=258842709&adf=2518345730&pi=t.aa~a.11033437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1200x280&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=940&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0&nras=2&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 25 Feb 2024 01:31:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame BFC3 0
125 B 40ms
39ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kOzRGcz6RLAJmAKdg2ICAgAAAN5HXfpL3j5UEFaY2mXDgtxcDANSm9RnAAASAAAKCkFRVURBUUVCQVE&wp=ZdqYVwAAdbIIu-7FAAUFFs48TzbcCsGBOaOR2Q&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 122869
server: Kestrel
content-length: 0

GET
H/1.1 200
OK c.gif
red.vtracy.de/ Frame AB11 42 B
251 B 31ms
30ms Image
image/gif 18.184.93.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://red.vtracy.de/c.gif?u1=1&u2=https://googleads.g.doubleclick.net/&u3=pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.93.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-93-224.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:04 GMT
Last-Modified: Fri, 24 Nov 2023 14:07:26 GMT
Server: Apache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Content-Type: image/gif

GET
H/1.1

200
OK

tr_aa
red.vtracy.de/ Frame AB11
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A//red.vtracy.de/tr_aa%3Fv3%3Dvi-faf9e7e8-8b79-4ca7-93fa-e714f19ec710%26adid%3Dk31370318_s5106718_p387082572_c209119733%26userId%3D%25%25COOK...
https://red.vtracy.de/tr_aa?v3=vi-faf9e7e8-8b79-4ca7-93fa-e714f19ec710&adid=k31370318_s5106718_p387082572_c209119733&userId=7339346046479693983&tr_timestamp=1708824664044&request_uid=JS_ZdqYV-m7ofd...

49 B
478 B

28ms
28ms

Image
image/gif

18.184.93.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://red.vtracy.de/tr_aa?v3=vi-faf9e7e8-8b79-4ca7-93fa-e714f19ec710&adid=k31370318_s5106718_p387082572_c209119733&userId=7339346046479693983&tr_timestamp=1708824664044&request_uid=JS_ZdqYV-m7ofd3Ipzbi7YJmAAAANY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Server: 18.184.93.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-93-224.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:04 GMT
Server: Apache
Vary: negotiate
Content-Type: image/gif
Cache-Control: must-revalidate
TCN: choice
Connection: keep-alive
Content-Location: tr_aa.tr
Content-Length: 49
Expires: Wed, 5 Feb 1986 06:06:06 GMT

Redirect headers

Location: https://red.vtracy.de/tr_aa?v3=vi-faf9e7e8-8b79-4ca7-93fa-e714f19ec710&adid=k31370318_s5106718_p387082572_c209119733&userId=7339346046479693983&tr_timestamp=1708824664044&request_uid=JS_ZdqYV-m7ofd3Ipzbi7YJmAAAANY
Date: Sun, 25 Feb 2024 01:31:04 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200
OK

tr_cm
red.vtracy.de/ Frame AB11
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm&v3=vi-faf9e7e8-8b79-4ca7-93fa-e714f19ec710&adid=k31370318_s5106718_p387082572_c209119733&tr_timestamp=1708824664044&request_uid...
https://red.vtracy.de/tr_cm?v3=vi-faf9e7e8-8b79-4ca7-93fa-e714f19ec710&adid=k31370318_s5106718_p387082572_c209119733&tr_timestamp=1708824664044&request_uid=JS_ZdqYV-m7ofd3Ipzbi7YJmAAAANY&google_gid...

49 B
477 B

38ms
37ms

Image
image/gif

18.184.93.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://red.vtracy.de/tr_cm?v3=vi-faf9e7e8-8b79-4ca7-93fa-e714f19ec710&adid=k31370318_s5106718_p387082572_c209119733&tr_timestamp=1708824664044&request_uid=JS_ZdqYV-m7ofd3Ipzbi7YJmAAAANY&google_gid=CAESEAYFcttBdabt2QY-USqQ9bA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Server: 18.184.93.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-93-224.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:04 GMT
Server: Apache
Vary: negotiate
Content-Type: image/gif
Cache-Control: must-revalidate
TCN: choice
Connection: keep-alive
Content-Location: tr_cm.tr
Content-Length: 49
Expires: Wed, 5 Feb 1986 06:06:06 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://red.vtracy.de/tr_cm?v3=vi-faf9e7e8-8b79-4ca7-93fa-e714f19ec710&adid=k31370318_s5106718_p387082572_c209119733&tr_timestamp=1708824664044&request_uid=JS_ZdqYV-m7ofd3Ipzbi7YJmAAAANY&google_gid=CAESEAYFcttBdabt2QY-USqQ9bA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 456
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame AB11 70 B
149 B 166ms
52ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-faf9e7e8-8b79-4ca7-93fa-e714f19ec710&gdpr=&gdpr_consent=&request_uid=JS_ZdqYV-m7ofd3Ipzbi7YJmAAAANY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3CFD 42 B
64 B 113ms
58ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbAYRrqqmxAvul5bTIq9Licocuy8VqdGileM7dUyDskJ6rrkqlcNPupECFwCkujaj-xCF7j2BtqE0A3PJOaOZGjL2hwqvX_IPU61sWFCKst7FTlyxVz7P1btIDqVhvERKjFuGwF-0MsffZx4M23eL7vuWvKvHK8AEV4g&sai=AMfl-YQSXcwhST4D0USN85YudpL6pXJPSO98AAzrBqw8qlJZ0CT4RFJ2SwctaLF7R4-BIpGPXFOGp0tqrruRqofXUZ0oRsQ03e6bLYn3TsmsleoJ-GQBhUpR4dwxMsKWBgPv6wM0tV0tpUG36tWw3Q94JQ&sig=Cg0ArKJSzOSaJfX6Qf9zEAE&cid=CAQSTwAvHhf_KrzfNoZlQyuD3avzE9CMVC_nge_HYBPwWva4XWxs1rH7TB2DnnnUUxSLKPTglhaXFhdrtEahCYHsW5pQ3ocl7dAuvzpEZqI1kVoYAQ&id=lidar2&mcvt=1034&p=0,0,280,1000&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20240222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2356769020&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=475746200&rst=1708824662412&rpt=640&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame D241 0
326 B 141ms
44ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=75365200006491404444550012611026&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=638722f0a4&subid=&uid=e9f745aa9b4bd4f3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoF4V5jaZfaOAsOW9u8Pr-yr0AWm5b2gaYWVnKfJD_AuEAEgme_vEWCV-pqCrAfIAQmpAnMgfuG6J7I-qAMByAObBKoEqAJP0BKUQx0hobjNU-6Nb7Hdsxf96285QbiJ_ns4DhPkVk6S1oWfh3BdnVwt-ubCJGS3ZUlkVPG7l0basamWdET5dtGiMscfqEHoKrCuGnwcP_wcTAWh7XqKYUkFRiOT3FyQAaTG2ddrvvYq3NaNhz_dnpa5GG2eRU5kM9Yf9J36Ir8lge6_KUkViBpyopapixwcWkCoQ2STPubcmVUFaTknbNxuK4O5TGM_870yisd4nR_O03xa6kBfx9bqwLVtGWhFIaqXFDeSIOp9A_-gNWXuIQ_e0yT8X9w9M-62JFNCOPch-DV96mdBP27rKD1p0e6aEmgM9tTdv2D3qpE3w-lKXg7k9PbVdZC6fvELPXNSww8Ake0FEPs9KRCovuDuPiR22wBgzfhMucAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggrCIDhgBAQARgfMgeqgoDgn4ANOgmAQICAhICAlAhIvf3BOlju9pf4q8WEA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_h3crfoMitb7-8DyvpQAvEi7xeCHQ2Fs_ymoJOBEmynZnzwUooEyU6xT0ub31uIXhFt2_Rh_CghgB%26sig%3DAOD64_0eUWGnsQDIhQqbClME9paViF56hQ%26client%3Dca-pub-1702866763462916%26dbm_c%3DAKAmf-DeQk0mSm5qQz28tw6s_dI34NFoQ3ZOKJ13ijqzAwDKlmu3wslF-TBchx1eRwxMRRlp6XIBLmQmRETCbYyCZI9xacIy0Ts1pfRJSiY5ZiMuD72x6QFloGS-JU6EnKui3ZQUaOopL6cmaPd87Pj23WFgP5g71gPDr5919qUzfPZnseGLevS5Se_iAa06DH7P1HGBCr3gckn-k36b5pwHY53jBZv4YYrMpR2Gnv7jggxAPVfvXAk%26cry%3D1%26dbm_d%3DAKAmf-DBiFeMXsTRJoPrhsbaRM900OTiapxcRMNsa8jQyrdsa8z0nFvXb-IyX3T4SWPpgHbQzyYBPVxUedwV-f_5rv_vOCnAjqiWIi0a067t4UwIN7PyhltcqR3emI6JTHLhQDPmcPgO0gpEGOcs3omlda9A6aUCebZxjo3wY9-ckF7CVlilYZ7y1xbC8if_WC9VoNjEtkk6Ba2UmWUnnoZpZWrIqGoWPKoSq2btp0kUeGCPmCSZHwdy9WASKZINBjk7oMFeCu1MjA2igyzgoABInhE7fOopnNV253OTAVa7y3ChhCDT4r7IDZYso5-pn3sC5O1W7jzsE3PuOnEbeE1P25Jx51Ne8WvIS9N2xiFZtJbffErWK09mg_BTExpXZLpkpl5YD-J267T_9HcFAp8Ugp88Y1tgo6gFSUhkcOqYiZFa3EMK1mZvRwKCSQQwKF0ST6L2hjnJkLS3FziIN_OVbuZ9zZhRkLFtv__Eaau5b2OwfEMN6yXRPcbRbUNuW60Pa4kgfmmVl-t2kEIEbA5KhBUPSXn6W_XZq4ezbmm1r11eMc8zGmO1mmnSDi-hN1lmX-lbVh0DRJU5lbqmST9_9dcc7vzpknYaSF56ZctlkPBagGXf5xI%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1702866763462916%26output%3Dhtml%26h%3D90%26adk%3D236785816%26adf%3D3348424040%26pi%3Dt.aa~a.236152423~rp.4%26w%3D1180%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1708824663%26rafmt%3D1%26to%3Dqs%26pwprc%3D9300450939%26format%3D1180x90%26url%3Dhttps%253A%252F%252Fwww.csgowinner.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1708824663000%26bpp%3D1%26bdt%3D941%26idt%3D1%26shv%3Dr20240221%26mjsv%3Dm202402200101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Deab7897966fc6a7f%253AT%253D1708824662%253ART%253D1708824662%253AS%253DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg%26gpic%3DUID%253D00000d61a77e20b5%253AT%253D1708824662%253ART%253D1708824662%253AS%253DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw%26eo_id_str%3DID%253D0d7cc66683b0468e%253AT%253D1708824662%253ART%253D1708824662%253AS%253DAA-Afja3qcmmBC2HPfRq4UyhbAne%26prev_fmts%3D1000x280%252C0x0%252C1200x280%26nras%3D3%26correlator%3D2306123912379%26frm%3D20%26pv%3D1%26ga_vid%3D1094523460.1708824662%26ga_sid%3D1708824662%26ga_hid%3D72481753%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D210%26ady%3D2196%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31081136%252C31081318%252C95322747%252C95325069%252C95320868%252C95324155%252C95324160%252C95325791%252C95325784%26oid%3D2%26psts%3DAOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY%26pvsid%3D3537540540132598%26tmod%3D2052339313%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.csgowinner.com&random=9643273599445&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Sun, 25 Feb 2024 01:31:04 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 89f7480c0afa0150827cf163f8728151 Show response
pv.medialead.de/trck/epv/ Frame 3E38 0
327 B 138ms
42ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=75365200006491404444550012611026&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=638722f0a4&subid=&uid=e9f745aa9b4bd4f3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoF4V5jaZfaOAsOW9u8Pr-yr0AWm5b2gaYWVnKfJD_AuEAEgme_vEWCV-pqCrAfIAQmpAnMgfuG6J7I-qAMByAObBKoEqAJP0BKUQx0hobjNU-6Nb7Hdsxf96285QbiJ_ns4DhPkVk6S1oWfh3BdnVwt-ubCJGS3ZUlkVPG7l0basamWdET5dtGiMscfqEHoKrCuGnwcP_wcTAWh7XqKYUkFRiOT3FyQAaTG2ddrvvYq3NaNhz_dnpa5GG2eRU5kM9Yf9J36Ir8lge6_KUkViBpyopapixwcWkCoQ2STPubcmVUFaTknbNxuK4O5TGM_870yisd4nR_O03xa6kBfx9bqwLVtGWhFIaqXFDeSIOp9A_-gNWXuIQ_e0yT8X9w9M-62JFNCOPch-DV96mdBP27rKD1p0e6aEmgM9tTdv2D3qpE3w-lKXg7k9PbVdZC6fvELPXNSww8Ake0FEPs9KRCovuDuPiR22wBgzfhMucAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggrCIDhgBAQARgfMgeqgoDgn4ANOgmAQICAhICAlAhIvf3BOlju9pf4q8WEA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_h3crfoMitb7-8DyvpQAvEi7xeCHQ2Fs_ymoJOBEmynZnzwUooEyU6xT0ub31uIXhFt2_Rh_CghgB%26sig%3DAOD64_0eUWGnsQDIhQqbClME9paViF56hQ%26client%3Dca-pub-1702866763462916%26dbm_c%3DAKAmf-DeQk0mSm5qQz28tw6s_dI34NFoQ3ZOKJ13ijqzAwDKlmu3wslF-TBchx1eRwxMRRlp6XIBLmQmRETCbYyCZI9xacIy0Ts1pfRJSiY5ZiMuD72x6QFloGS-JU6EnKui3ZQUaOopL6cmaPd87Pj23WFgP5g71gPDr5919qUzfPZnseGLevS5Se_iAa06DH7P1HGBCr3gckn-k36b5pwHY53jBZv4YYrMpR2Gnv7jggxAPVfvXAk%26cry%3D1%26dbm_d%3DAKAmf-DBiFeMXsTRJoPrhsbaRM900OTiapxcRMNsa8jQyrdsa8z0nFvXb-IyX3T4SWPpgHbQzyYBPVxUedwV-f_5rv_vOCnAjqiWIi0a067t4UwIN7PyhltcqR3emI6JTHLhQDPmcPgO0gpEGOcs3omlda9A6aUCebZxjo3wY9-ckF7CVlilYZ7y1xbC8if_WC9VoNjEtkk6Ba2UmWUnnoZpZWrIqGoWPKoSq2btp0kUeGCPmCSZHwdy9WASKZINBjk7oMFeCu1MjA2igyzgoABInhE7fOopnNV253OTAVa7y3ChhCDT4r7IDZYso5-pn3sC5O1W7jzsE3PuOnEbeE1P25Jx51Ne8WvIS9N2xiFZtJbffErWK09mg_BTExpXZLpkpl5YD-J267T_9HcFAp8Ugp88Y1tgo6gFSUhkcOqYiZFa3EMK1mZvRwKCSQQwKF0ST6L2hjnJkLS3FziIN_OVbuZ9zZhRkLFtv__Eaau5b2OwfEMN6yXRPcbRbUNuW60Pa4kgfmmVl-t2kEIEbA5KhBUPSXn6W_XZq4ezbmm1r11eMc8zGmO1mmnSDi-hN1lmX-lbVh0DRJU5lbqmST9_9dcc7vzpknYaSF56ZctlkPBagGXf5xI%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1702866763462916%26output%3Dhtml%26h%3D90%26adk%3D236785816%26adf%3D3348424040%26pi%3Dt.aa~a.236152423~rp.4%26w%3D1180%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1708824663%26rafmt%3D1%26to%3Dqs%26pwprc%3D9300450939%26format%3D1180x90%26url%3Dhttps%253A%252F%252Fwww.csgowinner.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1708824663000%26bpp%3D1%26bdt%3D941%26idt%3D1%26shv%3Dr20240221%26mjsv%3Dm202402200101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Deab7897966fc6a7f%253AT%253D1708824662%253ART%253D1708824662%253AS%253DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg%26gpic%3DUID%253D00000d61a77e20b5%253AT%253D1708824662%253ART%253D1708824662%253AS%253DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw%26eo_id_str%3DID%253D0d7cc66683b0468e%253AT%253D1708824662%253ART%253D1708824662%253AS%253DAA-Afja3qcmmBC2HPfRq4UyhbAne%26prev_fmts%3D1000x280%252C0x0%252C1200x280%26nras%3D3%26correlator%3D2306123912379%26frm%3D20%26pv%3D1%26ga_vid%3D1094523460.1708824662%26ga_sid%3D1708824662%26ga_hid%3D72481753%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D210%26ady%3D2196%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31081136%252C31081318%252C95322747%252C95325069%252C95320868%252C95324155%252C95324160%252C95325791%252C95325784%26oid%3D2%26psts%3DAOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY%26pvsid%3D3537540540132598%26tmod%3D2052339313%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.csgowinner.com&random=9643273599445&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"25200521800103636","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Sun, 25 Feb 2024 01:31:04 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 / Show response
adv.office-partner.de/ Frame 5219 930 B
923 B 144ms
26ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=638722f0a4&subid=&uid=e9f745aa9b4bd4f3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoF4V5jaZfaOAsOW9u8Pr-yr0AWm5b2gaYWVnKfJD_AuEAEgme_vEWCV-pqCrAfIAQmpAnMgfuG6J7I-qAMByAObBKoEqAJP0BKUQx0hobjNU-6Nb7Hdsxf96285QbiJ_ns4DhPkVk6S1oWfh3BdnVwt-ubCJGS3ZUlkVPG7l0basamWdET5dtGiMscfqEHoKrCuGnwcP_wcTAWh7XqKYUkFRiOT3FyQAaTG2ddrvvYq3NaNhz_dnpa5GG2eRU5kM9Yf9J36Ir8lge6_KUkViBpyopapixwcWkCoQ2STPubcmVUFaTknbNxuK4O5TGM_870yisd4nR_O03xa6kBfx9bqwLVtGWhFIaqXFDeSIOp9A_-gNWXuIQ_e0yT8X9w9M-62JFNCOPch-DV96mdBP27rKD1p0e6aEmgM9tTdv2D3qpE3w-lKXg7k9PbVdZC6fvELPXNSww8Ake0FEPs9KRCovuDuPiR22wBgzfhMucAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggrCIDhgBAQARgfMgeqgoDgn4ANOgmAQICAhICAlAhIvf3BOlju9pf4q8WEA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_h3crfoMitb7-8DyvpQAvEi7xeCHQ2Fs_ymoJOBEmynZnzwUooEyU6xT0ub31uIXhFt2_Rh_CghgB%26sig%3DAOD64_0eUWGnsQDIhQqbClME9paViF56hQ%26client%3Dca-pub-1702866763462916%26dbm_c%3DAKAmf-DeQk0mSm5qQz28tw6s_dI34NFoQ3ZOKJ13ijqzAwDKlmu3wslF-TBchx1eRwxMRRlp6XIBLmQmRETCbYyCZI9xacIy0Ts1pfRJSiY5ZiMuD72x6QFloGS-JU6EnKui3ZQUaOopL6cmaPd87Pj23WFgP5g71gPDr5919qUzfPZnseGLevS5Se_iAa06DH7P1HGBCr3gckn-k36b5pwHY53jBZv4YYrMpR2Gnv7jggxAPVfvXAk%26cry%3D1%26dbm_d%3DAKAmf-DBiFeMXsTRJoPrhsbaRM900OTiapxcRMNsa8jQyrdsa8z0nFvXb-IyX3T4SWPpgHbQzyYBPVxUedwV-f_5rv_vOCnAjqiWIi0a067t4UwIN7PyhltcqR3emI6JTHLhQDPmcPgO0gpEGOcs3omlda9A6aUCebZxjo3wY9-ckF7CVlilYZ7y1xbC8if_WC9VoNjEtkk6Ba2UmWUnnoZpZWrIqGoWPKoSq2btp0kUeGCPmCSZHwdy9WASKZINBjk7oMFeCu1MjA2igyzgoABInhE7fOopnNV253OTAVa7y3ChhCDT4r7IDZYso5-pn3sC5O1W7jzsE3PuOnEbeE1P25Jx51Ne8WvIS9N2xiFZtJbffErWK09mg_BTExpXZLpkpl5YD-J267T_9HcFAp8Ugp88Y1tgo6gFSUhkcOqYiZFa3EMK1mZvRwKCSQQwKF0ST6L2hjnJkLS3FziIN_OVbuZ9zZhRkLFtv__Eaau5b2OwfEMN6yXRPcbRbUNuW60Pa4kgfmmVl-t2kEIEbA5KhBUPSXn6W_XZq4ezbmm1r11eMc8zGmO1mmnSDi-hN1lmX-lbVh0DRJU5lbqmST9_9dcc7vzpknYaSF56ZctlkPBagGXf5xI%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1702866763462916%26output%3Dhtml%26h%3D90%26adk%3D236785816%26adf%3D3348424040%26pi%3Dt.aa~a.236152423~rp.4%26w%3D1180%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1708824663%26rafmt%3D1%26to%3Dqs%26pwprc%3D9300450939%26format%3D1180x90%26url%3Dhttps%253A%252F%252Fwww.csgowinner.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1708824663000%26bpp%3D1%26bdt%3D941%26idt%3D1%26shv%3Dr20240221%26mjsv%3Dm202402200101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Deab7897966fc6a7f%253AT%253D1708824662%253ART%253D1708824662%253AS%253DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg%26gpic%3DUID%253D00000d61a77e20b5%253AT%253D1708824662%253ART%253D1708824662%253AS%253DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw%26eo_id_str%3DID%253D0d7cc66683b0468e%253AT%253D1708824662%253ART%253D1708824662%253AS%253DAA-Afja3qcmmBC2HPfRq4UyhbAne%26prev_fmts%3D1000x280%252C0x0%252C1200x280%26nras%3D3%26correlator%3D2306123912379%26frm%3D20%26pv%3D1%26ga_vid%3D1094523460.1708824662%26ga_sid%3D1708824662%26ga_hid%3D72481753%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D210%26ady%3D2196%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31081136%252C31081318%252C95322747%252C95325069%252C95320868%252C95324155%252C95324160%252C95325791%252C95325784%26oid%3D2%26psts%3DAOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY%26pvsid%3D3537540540132598%26tmod%3D2052339313%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.csgowinner.com&random=9643273599445&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 25 Feb 2024 01:31:04 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 03 Mar 2024 01:31:04 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame 7389 2 KB
2 KB 184ms
81ms Script
text/html 35.176.232.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=75365200006491404444550012611026&nw=1
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.232.93 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-232-93.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: cac1a83147efa276f6a895b65211289564b16f0fe0d5028e9153576bd281054a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:04 GMT
last-modified: Sun, 25 Feb 2024 01:31:04 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 25 Feb 2024 01:32:04 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900026.redintelligence.net/ Frame E736 7 KB
2 KB 90ms
31ms Document
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900026.redintelligence.net/request_content.php?s=75365200006491404444550012611026&a=2f896595
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=638722f0a4&subid=&uid=e9f745aa9b4bd4f3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoF4V5jaZfaOAsOW9u8Pr-yr0AWm5b2gaYWVnKfJD_AuEAEgme_vEWCV-pqCrAfIAQmpAnMgfuG6J7I-qAMByAObBKoEqAJP0BKUQx0hobjNU-6Nb7Hdsxf96285QbiJ_ns4DhPkVk6S1oWfh3BdnVwt-ubCJGS3ZUlkVPG7l0basamWdET5dtGiMscfqEHoKrCuGnwcP_wcTAWh7XqKYUkFRiOT3FyQAaTG2ddrvvYq3NaNhz_dnpa5GG2eRU5kM9Yf9J36Ir8lge6_KUkViBpyopapixwcWkCoQ2STPubcmVUFaTknbNxuK4O5TGM_870yisd4nR_O03xa6kBfx9bqwLVtGWhFIaqXFDeSIOp9A_-gNWXuIQ_e0yT8X9w9M-62JFNCOPch-DV96mdBP27rKD1p0e6aEmgM9tTdv2D3qpE3w-lKXg7k9PbVdZC6fvELPXNSww8Ake0FEPs9KRCovuDuPiR22wBgzfhMucAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggrCIDhgBAQARgfMgeqgoDgn4ANOgmAQICAhICAlAhIvf3BOlju9pf4q8WEA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_h3crfoMitb7-8DyvpQAvEi7xeCHQ2Fs_ymoJOBEmynZnzwUooEyU6xT0ub31uIXhFt2_Rh_CghgB%26sig%3DAOD64_0eUWGnsQDIhQqbClME9paViF56hQ%26client%3Dca-pub-1702866763462916%26dbm_c%3DAKAmf-DeQk0mSm5qQz28tw6s_dI34NFoQ3ZOKJ13ijqzAwDKlmu3wslF-TBchx1eRwxMRRlp6XIBLmQmRETCbYyCZI9xacIy0Ts1pfRJSiY5ZiMuD72x6QFloGS-JU6EnKui3ZQUaOopL6cmaPd87Pj23WFgP5g71gPDr5919qUzfPZnseGLevS5Se_iAa06DH7P1HGBCr3gckn-k36b5pwHY53jBZv4YYrMpR2Gnv7jggxAPVfvXAk%26cry%3D1%26dbm_d%3DAKAmf-DBiFeMXsTRJoPrhsbaRM900OTiapxcRMNsa8jQyrdsa8z0nFvXb-IyX3T4SWPpgHbQzyYBPVxUedwV-f_5rv_vOCnAjqiWIi0a067t4UwIN7PyhltcqR3emI6JTHLhQDPmcPgO0gpEGOcs3omlda9A6aUCebZxjo3wY9-ckF7CVlilYZ7y1xbC8if_WC9VoNjEtkk6Ba2UmWUnnoZpZWrIqGoWPKoSq2btp0kUeGCPmCSZHwdy9WASKZINBjk7oMFeCu1MjA2igyzgoABInhE7fOopnNV253OTAVa7y3ChhCDT4r7IDZYso5-pn3sC5O1W7jzsE3PuOnEbeE1P25Jx51Ne8WvIS9N2xiFZtJbffErWK09mg_BTExpXZLpkpl5YD-J267T_9HcFAp8Ugp88Y1tgo6gFSUhkcOqYiZFa3EMK1mZvRwKCSQQwKF0ST6L2hjnJkLS3FziIN_OVbuZ9zZhRkLFtv__Eaau5b2OwfEMN6yXRPcbRbUNuW60Pa4kgfmmVl-t2kEIEbA5KhBUPSXn6W_XZq4ezbmm1r11eMc8zGmO1mmnSDi-hN1lmX-lbVh0DRJU5lbqmST9_9dcc7vzpknYaSF56ZctlkPBagGXf5xI%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1702866763462916%26output%3Dhtml%26h%3D90%26adk%3D236785816%26adf%3D3348424040%26pi%3Dt.aa~a.236152423~rp.4%26w%3D1180%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1708824663%26rafmt%3D1%26to%3Dqs%26pwprc%3D9300450939%26format%3D1180x90%26url%3Dhttps%253A%252F%252Fwww.csgowinner.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1708824663000%26bpp%3D1%26bdt%3D941%26idt%3D1%26shv%3Dr20240221%26mjsv%3Dm202402200101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Deab7897966fc6a7f%253AT%253D1708824662%253ART%253D1708824662%253AS%253DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg%26gpic%3DUID%253D00000d61a77e20b5%253AT%253D1708824662%253ART%253D1708824662%253AS%253DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw%26eo_id_str%3DID%253D0d7cc66683b0468e%253AT%253D1708824662%253ART%253D1708824662%253AS%253DAA-Afja3qcmmBC2HPfRq4UyhbAne%26prev_fmts%3D1000x280%252C0x0%252C1200x280%26nras%3D3%26correlator%3D2306123912379%26frm%3D20%26pv%3D1%26ga_vid%3D1094523460.1708824662%26ga_sid%3D1708824662%26ga_hid%3D72481753%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D210%26ady%3D2196%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31081136%252C31081318%252C95322747%252C95325069%252C95320868%252C95324155%252C95324160%252C95325791%252C95325784%26oid%3D2%26psts%3DAOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY%26pvsid%3D3537540540132598%26tmod%3D2052339313%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.csgowinner.com&random=9643273599445&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 Wuppertal, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 25a8eda86ed9702009c3556c52e2115e375c7a38bc4007313eb98e306e47db84

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2096
Content-Type: text/html; charset=utf-8
Date: Sun, 25 Feb 2024 01:31:04 GMT
Expires: Sun, 25 Feb 2024 01:31:04 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2

200

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 7389
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=75365200006491404444550012611026&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=75365200006491404444550012611026&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
360 B

58ms
51ms

Image
image/gif

91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=75365200006491404444550012611026&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=90&adk=236785816&adf=3348424040&pi=t.aa~a.236152423~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1180x90&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=941&idt=1&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0%2C1200x280&nras=3&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Protocol: H2
Server: 91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:04 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=75365200006491404444550012611026&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Sun, 25 Feb 2024 01:31:04 GMT
server: nginx
content-length: 138
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3086 1 KB
647 B 26ms
25ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 07:31:26 GMT
etag: 48472445140208031
expires: Sun, 25 Feb 2024 07:31:26 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7389 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0acc3ab0ee9bf854e406c291f36b9732975e9d9c689dd3daa665c5e76242245

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3086
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEmKIa4AqHAEDvh6pKXT_AI&google_cver=1&google_push=AXcoOmRM7q3953PTO2kxepCn9u5FTu2dmQ8E7Q2ed6nEkxgLqYm_XAPOzZjWOQvr8MnYkuHDffXZ1_VzbiCrEbkAM2EWPb6n6GH_SudJ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUxMTYwNzc2OTIzOTU2OTAyOQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEmKIa4AqHAEDvh6pKXT_AI&google_cver=1

43 B
398 B

58ms
36ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEmKIa4AqHAEDvh6pKXT_AI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=90&adk=236785816&adf=3348424040&pi=t.aa~a.236152423~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1180x90&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=941&idt=1&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0%2C1200x280&nras=3&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 25 Feb 2024 01:31:03 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEmKIa4AqHAEDvh6pKXT_AI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3086
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEDPE9I5WTzqqqblCvYxnKb4&google_cver=1&google_push=AXcoOmQ-LvrQK2IFvX3d9qhAhvWyXOiVcU8HTe7fBKBhD4k1WBMoQm5HEb_Dc_UBrkeph9yO5KK3VFzD-46SJaeqhzTD9WatDdQats_i
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9BD803E5F2864E9692B0A4380A39D042&google_push=AXcoOmQ-LvrQK2IFvX3d9qhAhvWyXOiVcU8HTe7fBKBhD4k1WBMoQm5HEb_Dc_UBrkeph9yO5KK3VFzD-46SJae...

170 B
188 B

47ms
46ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9BD803E5F2864E9692B0A4380A39D042&google_push=AXcoOmQ-LvrQK2IFvX3d9qhAhvWyXOiVcU8HTe7fBKBhD4k1WBMoQm5HEb_Dc_UBrkeph9yO5KK3VFzD-46SJaeqhzTD9WatDdQats_i

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 25 Feb 2024 01:31:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9BD803E5F2864E9692B0A4380A39D042&google_push=AXcoOmQ-LvrQK2IFvX3d9qhAhvWyXOiVcU8HTe7fBKBhD4k1WBMoQm5HEb_Dc_UBrkeph9yO5KK3VFzD-46SJaeqhzTD9WatDdQats_i
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 24 Feb 2024 01:31:04 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3086
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJHKSzcBsjFJBLh1FqrqERw&google_cver=1&google_push=AXcoOmRIQv196HSJ8JZ4c2Vvzb6RufAZDV9UR2W6PStgqOdfQXdh05cLQ5fNxM6BXmAsHvUC0WC2sN8IPTTCmX...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMzOTM0NjA0NjQ3OTY5Mzk4Mw%3D%3D&google_push=AXcoOmRIQv196HSJ8JZ4c2Vvzb6RufAZDV9UR2W6PStgqOdfQXdh05cLQ5fNxM6BXmAsHvUC0WC2sN8IPTTCmX0_kT...

170 B
188 B

42ms
41ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMzOTM0NjA0NjQ3OTY5Mzk4Mw%3D%3D&google_push=AXcoOmRIQv196HSJ8JZ4c2Vvzb6RufAZDV9UR2W6PStgqOdfQXdh05cLQ5fNxM6BXmAsHvUC0WC2sN8IPTTCmX0_kTrhpcPxheHCGwf5

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMzOTM0NjA0NjQ3OTY5Mzk4Mw%3D%3D&google_push=AXcoOmRIQv196HSJ8JZ4c2Vvzb6RufAZDV9UR2W6PStgqOdfQXdh05cLQ5fNxM6BXmAsHvUC0WC2sN8IPTTCmX0_kTrhpcPxheHCGwf5
Date: Sun, 25 Feb 2024 01:31:04 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 3086 43 B
235 B 341ms
35ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEg2F0MnXJxsicyvi-gJWlM&google_cver=1&google_push=AXcoOmTUQB0yPiwD8YXOdOXnH7DGiwbivutO_jK4zVQ58EEHBscPJKLSA0deToWw_fCrrgrmw2HUsKZW_3GDvmaB1YK9GAIKHb2Jvgqk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=90&adk=236785816&adf=3348424040&pi=t.aa~a.236152423~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1180x90&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=941&idt=1&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0%2C1200x280&nras=3&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3086
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPZ7nO5zsmlHhz1WUyxwvzQ&google_cver=1&google_push=AXcoOmSLFM93sM4kifDxrBIX3tpZOctqJS4iQEzACwLUUtm28c2ytXXxvIwCnL4Sx44nEo_PWUwC2ZZmDv94H1S0mNOKAl4...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSLFM93sM4kifDxrBIX3tpZOctqJS4iQEzACwLUUtm28c2ytXXxvIwCnL4Sx44nEo_PWUwC2ZZmDv94H1S0mNOKAl4HbCY2Nb5F&google_hm=eS1RMUllMlBWRTJwRl...

170 B
188 B

40ms
40ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSLFM93sM4kifDxrBIX3tpZOctqJS4iQEzACwLUUtm28c2ytXXxvIwCnL4Sx44nEo_PWUwC2ZZmDv94H1S0mNOKAl4HbCY2Nb5F&google_hm=eS1RMUllMlBWRTJwRlFBV21lci4uZXBtdnZoYk9nclpZWn5B

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 25 Feb 2024 01:31:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSLFM93sM4kifDxrBIX3tpZOctqJS4iQEzACwLUUtm28c2ytXXxvIwCnL4Sx44nEo_PWUwC2ZZmDv94H1S0mNOKAl4HbCY2Nb5F&google_hm=eS1RMUllMlBWRTJwRlFBV21lci4uZXBtdnZoYk9nclpZWn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3086
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFrLap5uQ1sXlfKerg4Do5w&google_cver=1&google_push=AXcoOmT4eK0dbU7Lg9hvGNoeXdUYiZZVrNdcy9tLSmlo4iStIIOfSmTADFoJmtB2EhQ3sangce1NlRdG...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFrLap5uQ1sXlfKerg4Do5w&google_cver=1&google_push=AXcoOmT4eK0dbU7Lg9hvGNoeXdUYiZZVrNdcy9tLSmlo4iStIIOfSmTADFoJmtB2EhQ3sangce1...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI4OTA5NTczNDY2NTYwMTM5NQ&google_push=AXcoOmT4eK0dbU7Lg9hvGNoeXdUYiZZVrNdcy9tLSmlo4iStIIOfSmTADFoJmtB2EhQ3sangce1NlR...

170 B
188 B

40ms
40ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI4OTA5NTczNDY2NTYwMTM5NQ&google_push=AXcoOmT4eK0dbU7Lg9hvGNoeXdUYiZZVrNdcy9tLSmlo4iStIIOfSmTADFoJmtB2EhQ3sangce1NlRdGSiZOQxbxC5LU4KKGz74YCp4z

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI4OTA5NTczNDY2NTYwMTM5NQ&google_push=AXcoOmT4eK0dbU7Lg9hvGNoeXdUYiZZVrNdcy9tLSmlo4iStIIOfSmTADFoJmtB2EhQ3sangce1NlRdGSiZOQxbxC5LU4KKGz74YCp4z
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame 3086 43 B
296 B 302ms
42ms Image
image/gif 2a05:d01c:4f2:bf40:7276:b92d:c8b4:8166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEPaSjpFcAAqGRCod1S7urZY&google_cver=1&google_push=AXcoOmT6hx00x7lLCgfd2PJwy3GKgK8aHMOEdLj9VHX7roHp0dhSt_ye2IzPlBmKGZz4SqQZvxILNSjcUob5Nhqsi5f54C2pZT20wzo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=90&adk=236785816&adf=3348424040&pi=t.aa~a.236152423~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1180x90&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=941&idt=1&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0%2C1200x280&nras=3&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:4f2:bf40:7276:b92d:c8b4:8166 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 25 Feb 2024 01:31:04 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3086 0
12 B 38ms
38ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IGl2E3ivznQJ01T-07d6zlcJIm0n2oZ8aEaUZ7jciFEwOfFJVlyaNwfbbXxPvsyegFPSPM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame E736 2 KB
434 B 39ms
38ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=75365200006491404444550012611026&a=2f896595

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6fdafff5ebb1051a3eeec76fc4ed6988433aee0046e5c7d4a02ee38e9730a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900026.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Feb 2024 01:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Feb 2024 01:14:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Feb 2024 01:31:04 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E736 10 KB
10 KB 190ms
120ms Image
image/png 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-627x627.jpg
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=75365200006491404444550012611026&a=2f896595
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 Wuppertal, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 988fd704eb38a2732517a9cc41e7bd310be607ffb20e54111b296c42dd4bca56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900026.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:04 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9898
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E736 9 KB
9 KB 190ms
117ms Image
image/png 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-627x627.jpg
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=75365200006491404444550012611026&a=2f896595
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 Wuppertal, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ccf21ce3c4085512070135aedbf35e6fa6121f3ccb4a557baf6ce2c818058c51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900026.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:04 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 8906
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E736 9 KB
9 KB 112ms
43ms Image
image/png 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=75365200006491404444550012611026&a=2f896595
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 Wuppertal, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3404432a263ece4af13ee10c7c6100a547efe9877de930b8a80033e8988cd8ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900026.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:04 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9254
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 5219 183 KB
65 KB 47ms
43ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4036cd74da3c6203a05899365229911751cf83d729b506a446e83e7a555fe9df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66541
x-xss-protection: 0
last-modified: Sun, 25 Feb 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Feb 2024 01:31:04 GMT

GET
H/1.1 200
OK viewability Show response
hal900026.redintelligence.net/ Frame E736 0
150 B 121ms
40ms Script
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900026.redintelligence.net/viewability?s=75365200006491404444550012611026&a=46d7f231&vb=m
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=75365200006491404444550012611026&a=2f896595
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 Wuppertal, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900026.redintelligence.net/request_content.php?s=75365200006491404444550012611026&a=2f896595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 01:31:04 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 7389 56 KB
19 KB 131ms
33ms Script
application/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=75365200006491404444550012611026&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4f03188bc85cffc0c30d25b3d85d409399b327bf822bd7ae334644c50d726bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 01:46:47 GMT
content-encoding: gzip
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
last-modified: Tue, 20 Feb 2024 15:01:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 85457
x-amz-server-side-encryption: AES256
etag: W/"ee061fd5b48845697bbcc6ca7ece7e5f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 9N2SzCyvWG81DWB3U63FjCBOSidt9ZMXtMsbHeTtCkqWeJLkU07YFQ==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 7389 85 B
438 B 115ms
31ms Image
image/gif 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1708824964&Signature=Y7cN3xelC7mDfMEi37bQROMostGNc9l7bltcUCNXMkm9JwJImmzIILM0ez2mJj7Y-mwK6OJxyqmYx3a-5z524FJRKz1o4F~cGvV4EtYrMogY~frjx97fOYgqlZrgpErxj-VmdV-nGAOTbPtP29q4KeKhLVtoThmOMujP0MKtyPJDEnVJd5hirLOIcckR99KWHUNMih4mhP2rHds86zy1-621LckMqe0gNozHVeXzYEtg1lZ0fIEWLfxlIZg2w5PgUC91UA1DVr4T8GHwR5LlyY7tYP8oTK5UQiJBsx4ui80gKWzUhJAq8qiXNO9VbiD5wxOfGPvRRBA7Ybb-pSBpLA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=90&adk=236785816&adf=3348424040&pi=t.aa~a.236152423~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1708824663&rafmt=1&to=qs&pwprc=9300450939&format=1180x90&url=https%3A%2F%2Fwww.csgowinner.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708824663000&bpp=1&bdt=941&idt=1&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab7897966fc6a7f%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg&gpic=UID%3D00000d61a77e20b5%3AT%3D1708824662%3ART%3D1708824662%3AS%3DALNI_MZRq1aC3LZHbCPvmsHslZs7injziw&eo_id_str=ID%3D0d7cc66683b0468e%3AT%3D1708824662%3ART%3D1708824662%3AS%3DAA-Afja3qcmmBC2HPfRq4UyhbAne&prev_fmts=1000x280%2C0x0%2C1200x280&nras=3&correlator=2306123912379&frm=20&pv=1&ga_vid=1094523460.1708824662&ga_sid=1708824662&ga_hid=72481753&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081136%2C31081318%2C95322747%2C95325069%2C95320868%2C95324155%2C95324160%2C95325791%2C95325784&oid=2&psts=AOrYGsleAMh_ZKvbAk9sOesahLO4iGyD2YSqowCOBkI8lqqqr9pAAHcf-nTs1TSUkQetmehdz1uCfkxy80fohIij_EGAYaYY&pvsid=3537540540132598&tmod=2052339313&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 24 Feb 2024 10:51:48 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 52757
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: Py1gvhrK6hV-5JK-hXsXWVXNkqjrUuwueG0HvvWYyv3nqul9X92qBw==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D41 0
24 B 62ms
61ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B0bhaV5jaZcbXHI-C_NUP-82D4AkAAAAAOAHgBAI&bg=!ysmlyYbNAAbA870Z4PM7ADQBe5WfOCAr0MCKCwOqzoPnYBpyEvBEfKFzP__Rjz8LZnsUHJlKSMH-i8-0PQSEV84VIM3eAgAAAVRSAAAABWgBB5kDd_tE7ZJV6gMwmywuCtWIVusiSiv0qZwJ6CdOBRGNjmiXbq87c5oJ1HpSa8hL4IoHQqNG6w7kROBXUwFnn4YjSzlzdHDMIc6Prf24AGqiN5eE7NH5UpPTZFA35XSZpA82rvJcmOKC4TNu9a_XIaOF03WspEW4V1-YoRP3k1bSI0z16_KFVn5UGsppmh3XOQYHIkIJU-FzIb9h4FoXElzch0JNjHjYBvI8gCxthSVNYGoigPbH9y2_SHv4M6ODhqv-O086yzedhflmJP8ucwmUDhiKW99mVMY_5d8Y0s1hOsTmqlzSxphxiKxmWDbn0h3-bdUWLFG00zuR8HS8E4OYKrjO9Qp9zcTGb6R74Dv3q8mxlohOpoMZu3UeNe7SkBijkJvXDnPViY-BlTZldZwXwpN-4mVqFsga0o4IDYu3RfwYss0H-DY6lG_5tIWu3eh3i42UggXwYKvU9XX06KiptZw6JrduiGZ7mrGDyiqoWOer0ZLUd_no_stqy4i7Q2jawH7u4_Nc2Xngf6Z983mcdqFIrxfR9RdOktHrQNznfeJ6lx98Ptl4tniRWiOAyLdRrIop0SOSvxCU53S-aRl4oJSsPWGYK988qYh2Qg4B3XztwiI07h8Tzx98TgOZnd9uVpS9HtFhPiwrR6NbehIg5apiE201MRNb76OWOxVsFHEPpCZbuNL52qS95lexs4-aAMmY1vg6C4Et0FKCcmYSFUAqlQ2S42nrKQrXLIkvGoKcruVGYhMwsWGTLIutwpV3gqRXPUuTAXlOqM_p7aWRmp5PUsdOVQf_hXFq0PZFLEyYMS2Rjijhpwop14XDhOGylYqvuRIjcnM5kyPAQ7bhTCC54NyuK-pj9tLSbE6IY6lTBH1X0ychXMAOiimPnEKEoUm6AcqaDS2wXRdQwwfmg84wvp6q8fOoJE-peZiJudDRq0KlEXFcV__KFWI5UiCYAmFnQUwUwH34DcZlB_PIEkDE_YqhUXKQFELbxZ_Wjnh2telrdylioEIBJ6UloflkoHjBnuNdq79h1PcCrxhSEQ6JL5z_NNCOqmDc7pZtMpiHwiJijP5nwi6sdPE2HuU-cEKtdnrMTzOcHhmdRJEX7bNXbCVxetxzuwbjhApgD7WSpvbGGQmXTPM2JziZ3puCPCt-uStNu97f6wL3gMhJFMmUWenHYw4R

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A00 0
24 B 63ms
62ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BFwqEV5jaZcvNGbCB_NUPws6lyA0AAAAAOAHgBAI&bg=!T0ylTAPNAAbA870Z4PM7ADQBe5WfOCIn2oax0hrkMZUpeCiXleV4i-JupOQ-wt5X_1QW6hdx1jgsS14xDRXljC2L6sWFAgAAAXVSAAAABmgBB5kDTJtsSP5TeIAxIETSKTX9tpKghErXlQG36yZG58YDWj4YTd50QK04nHX1wa7OhmRojc-1MQbc6V1ZCeSZ4IYQ2Wax411m5WBc-pqXh8JCMVeePEyP6qF9KPPbT5HgP0XgjxvxOAX_G1mwmah8T_egSW5LxLtAIcN2fwwSTOtnwkWYjOnltL7J-2dn9LekiQ9zhwDARJzgcDE4MkgCudqm_SgsBHMbnuL1tQrwUqFfpgSg8p-9yEULmNohSr-QtviwXYI_6Pey3h9d2BGel4AY57WgcuSqZtccjNlNG7Qv8tZkI_F2B-e6Ly2POpjb9ZUrRs0GMcSd9XHGKEdTjy-vf3PaIpmEiL-esQkI1_Qe7UhyIvQjN6OKZzIPWVyoght9BZtKWPpAnYc5E2SsL-u-ErzS__ntcX0vcX7ENKUQgJVxLrC_ylyCi39odsqDTUnTomVF3goZxWQoy-D8apiq6FljBFm5JHFlDuG0ppO0hneZDRoBkn2uKKzN_3haZY9-atArT8bb7SQWKTZEB_h70928gemhee9TZ0rsjIdWYJx0m-_PSPEBg2eMYli4hO_Ru692oqNGuMkcgiJfeybJGbIzPiHjr8vqa-x70lChD0XXd5Hs8JwdgRjDbbUE3EKpQRSlkcA6d54rJYYmlC_qWVzE09ZzGMjtT9gM3wWz-tB571yNBaeR8zR15-UNbEiFrY0iO03mO4KpobRGYjd8D7PvUsTORmIcg42iXfBBcqfRxuafpi9rpbkJT9PmHgxmNh5Obg5yW9cdDaSL8eS6PCvfE1Hb3eSxtmkWYY1pJTdseftckxHFitTCu7_Ql1ovY-OqQJ7ZKca3ZcOzKzfSdoSnpSsLsU2QTnpv448qT2usQWTKqLLMXcWOOSjSzOYjjvfhiNavDZXLqjqMdW2Y6Wldp5npzPW7jeBHCTL3ZMYsKXSEa7wdk37TXanBHgQOCBU5NAtNdFCuP50gwYj5A1ieFkAZps2Lz-K9P1FN3FvlqqpHLf8yoifvevFvmFIRlc1EVH0XJHxGaFZY5wLR-V7JR7OYCREnoMgqxg5zGTXIEchwH6cMivoIemyuEHzr3vNQiG9y_yvWxA3tjZNh5qTaVV5fj9IvoF2-rMU

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 5219 280 KB
93 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e703986aba397af58ff7aa7945730747e880c1951d5c7a5fb25aff6415243614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95091
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Feb 2024 01:31:04 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B186 0
24 B 59ms
59ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B-gGlV5jaZbTtLKrA9u8P29yOkA4AAAAAOAHgBAI&bg=!bG-lbyDNAAbA870Z4PM7ADQBe5WfOBlRwNyO6d2wQ-AU5ku2tB-jVmeQR7q3l_VAB6-zLcfzLfwAwhREcZ5ZCB6mBybHAgAAAVBSAAAABWgBB5kDXCBalNrFLW3pl1supy1omWFZPH_4r3fvnSH-CvPOmRSKPVX4FsMgrhwi35vU_vte9ZLiUun5Ts86dJNJ6wVBqswrYfWZb0N2b2JLOno-Rc4940HwmUTNTB_wvwsm67meVfl7yRpY9zEHyU4qNp_M9NHwwUHtJnvxyPC7hcFadNVxNHDsKCWSUTKEnGC7yy_6pgVkPHYAukdKsyi0fWquBcflSWS0MD7vG-W3QMHfkKIdYng5X2O8OdUH9CJIfW0w32wd5Fe0N4hWwIGSRj4xcOx1OaplB7l2CLybw_0DrS5cCDdRzX-A1iwNwUP7Xjyjo9KL9h_22UBvSrnPBg6Jp65WnSCwlgMS3dD60TLyobA5vt1R6giE2Z8Lcrtq4SsbZid1hdBukYPrvQoNfLLwLIuuEBJdiphF8mLk81WTCx0uD-_Iyi5Om45dilcm7VjNMeDWlYlNs8BfWMahhu4SEPFpjsCy28wUpuiGCuIDPjO9JXn4wLVRgN5GLD6gkFaRKZx8sxnQ6PwbC9bU9mTm-pbw_YGBb1SFYj9dPpBSGAHEEUJLCPbD0bTU6moWyZbqFGwKLhnUgaoVOg9mp-9B0sQMCeH3iZwxF94wnuVxOVz3ew1YDVACjIsqdqUdjd81JmsC2y3fBM6FSwPZE5gAG65UYHcV2yfxMKe_gXmm1UZg5yZOI5xj7w4hocdGq3f71MZxeL08QimtGaubbYBt0cj9MLKHDHoMURW_-n-l57V7AfLQmD8obaZ298ZSWNFlwWhCnWSBx0puR8BoiVDSVwvwUir3lGFNoFoAX8mMrOKkr9qqhVHfnHlcyBnFZ98KDkuIDg5JFei2x0GWPn3k0ujoy13Ga7FTIMbq0UI1sA15weDhGu1O9b1ooc8BVTaRFlEgaRFJEL1-7oELAbr1g8bsIAY6jLGIMaNJFwcH-V6gw9YMTWavWt9W4ESvNCLVjVQfQqZrUA9toiVh6KgmyKp137H2Hjt3uuKlfGrAhb-sC27GSf7ZRkIvrOgXgI5UAC8mVo2fsOXJgV5S1pwgiLudLB7mu6nBFYxUYRinFtsOCQJvrukcTqGa4ImiEiTcwqNz3-vT6pwgMSGFnXiv8p-fJNNVUeLbCiya4BdHJECN9jVQAE3fm4msRqhO

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 50ms
50ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240221&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d4e16846b1eab67c1520a13136e5df371161dbbea1c266e263a5c1de051dad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12419
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Feb 2024 01:31:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 35ED 13 KB
5 KB 29ms
27ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 21:34:07 GMT
expires: Sun, 23 Feb 2025 21:34:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2A5C 829 B
1 KB 39ms
38ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3c16f10f212a702fe2199a5f2714e9c2c076b372eba984fedf1c04b5d6adf961

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gOq-9IZEEPijT4xbyiQ7Hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gOq-9IZEEPijT4xbyiQ7Hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 01:31:04 GMT
expires: Sun, 25 Feb 2024 01:31:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js Show response
pagead2.googlesyndication.com/bg/ Frame 35ED 39 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15302
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Feb 2025 21:31:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2A5C 0
0 60ms
60ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240221&jk=3537540540132598&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D38B 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvetOHng87p_a-OMduKr0LHvZpI04X2-MeNGYnBMD4343wYhbV8HJMRn8Zityr-65kYHwYrfA7Iz6fNAhQVBCu3IN4SiFCkuTzUaBblq4yiVB84TMXyRJcMso30WWZmrXCjeb7GLg&sig=Cg0ArKJSzP79iJo6QqXYEAE&id=lidar2&mcvt=1025&p=0,0,600,160&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20240222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=475746300&rst=1708824663221&rpt=117&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0566 0
127 B 43ms
42ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 25 Feb 2024 01:31:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 35ED 0
10 B 27ms
26ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JPNYYg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 01:31:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

c.gif
www.bing.com/aes/ Frame 7E37
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=aa071ad0-c535-4670-aaad-c776edf266c6&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=255abcad-527d-4774...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=df0fe0fcef344ad09f5139985691d672&tids=15000&med=10

0
18 B

80ms
80ms

Image
text/plain

2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=df0fe0fcef344ad09f5139985691d672&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 547FC481393C4502942D0B2A9009AC07 Ref B: FRAEDGE1815 Ref C: 2024-02-25T01:31:05Z
x-cdn-traceid: 0.92a12417.1708824665.20cd8c30
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 25 Feb 2024 01:31:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A43E094AFC2470DBB49FCF0FE3532F6 Ref B: FRAEDGE1514 Ref C: 2024-02-25T01:31:04Z
x-cdn-traceid: 0.92a12417.1708824664.20cd8ba9
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=df0fe0fcef344ad09f5139985691d672&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 7E37 0
991 B 48ms
48ms Ping
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.csgowinner.com&e=wqT_3QKmB-imAwAAAwDWAAUBCNaw6q4GEMKig8XKzKGiIRgAKjYJJvlpLbbGnz8R_0P0XtNUnz8ZAAAAoJmZyT8h_w0SACkRJMgxAAAA4FG4rj8wmYz_Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4AIABAYoBA1VTRJIFBvBSmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6ARAxLWNzZ293aW5uZXIuY29t2ALwBuACoqgx6gIaaHR0cHM6Ly93d3cuY3Nnb3cVJlyAAwCIAwGQAwCYAwmgAwGqA6YDCrwCaHQZMPCGYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MjU1YWJjYWQtNTI3ZC00Nzc0LWIzZmMtYmE0MWJlN2MxNzczJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW5pdD0zCVxUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOADKOcQC4cnR5cGU9bnVybCZ0YWdJZD04MzczNzg1JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGRh6emYlM0FrDR_wbV9qY2kyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjM5NzE4ODY2ODU1MTkwOTY5OCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekk1TVRFM01qZzJNekV5TWpnak1qTXlORGN4ARjweU9URXhOVE0wTmc9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWqzJ2lksLI_jnABQDJBQAAAAAAAPA_0gUJCQAAAQx0AADYBQHgBQHwBcg0-gUECAAQAJAGAJgGALgGAMEGCSIs8D_QBsKNBNoGFgoQCRIZAWwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JESYBJAjaBwYBXLAYAOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=2c43adc300a4fc52b590be169137d45887e52b59&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=3142719911554654475&vd=ct~0|rr~5&sv=241&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=8373785&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/241/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:04 GMT
an-x-request-uuid: 8c640feb-a097-4f7b-bb3d-f7db195d217d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.24; 217.114.218.24; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7E37 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZpchZdPELKcyvNFV6Tw4bBWYZ2hrTSKowBpiqBQjAKqU-B292eZOyaYUOz9QRP4qWDFWC29Pz6lvqPOzS8-UarnJi5x8CVSHGCk9ZDRfNQVFPDgpHaIX5vpv5Jk4k1lQSypkCs28&sig=Cg0ArKJSzEE2D-IkxM4SEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=475746300&rst=1708824663199&rpt=564&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get Show response
choices.trustarc.com/ Frame AB11 19 KB
6 KB 114ms
28ms Script
text/javascript 18.244.18.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/get?name=pmw2.js
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&c=1708824662561912&js=pmw0&w=728&h=90&admarker=dynamic&cid=sojern
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-32.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 80ac79e2b323f817ddf6baef42c8ddf4fbb802386d12091323252af08059efff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 22:11:47 GMT
content-encoding: gzip
via: 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 1221558
x-cache: Hit from cloudfront
pragma: public
last-modified: Wed, 10 Jan 2024 03:10:26 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 6pBuq5VZGHVEt0gpQKCyXH4xzB752YGmMMq0SvJXI4XSzd49r74ScQ==
expires: Mon, 11 Mar 2024 22:11:47 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame AB11 43 B
434 B 212ms
126ms Image
image/gif 18.244.18.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=sojern02_d&pid=sojern01&cid=sojern&w=728&h=90&c=c2cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-32.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:05 GMT
via: 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA56-P11
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: U7ZfwXjOHjDMEYo7xAx5G1HokWV8JmKbIs38LLL4DxqT72YNc9iy1g==
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 25 Feb 2024 01:31:04 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AB11 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutwoFQqddlOF8jeY3qrch1s1t7l79b1X7w_6jT0AxY-xMcphD3c8o2xcM_98Nr-zm3MDylRsg1RwWZaou9yLwiP8sYQYlLmU0keqY4voVPca6kwgXL8hUFUVpDeE8eDXH67hOb911Ves0NzRd0mLCV&sig=Cg0ArKJSzH7QM1t0BBHJEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=876,1000,1000,1000,1000&tos=876,124,0,0,0&v=20240222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=1877897938&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=475746300&rst=1708824663241&rpt=749&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AB11 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkwUsZ_TvXgh79-zaS1JJRpzSefKXa32-q_4CtSNOTpAUYTmWeimadfRF4mO58189NR-hNSGgT52ydnOBnGZPaxca-0pNOwLuE3V4TTPN3WTDopbYUe8i3s7rfo2JfsYghqndXWXlg8d3vTAQ3_dfGqBivgTwi9MT8nQ&sai=AMfl-YQfzzG0dfROesjtjNNC2B2lC6dBOchYbKd-nb3UuCHyxDrRPaSMbL4ujfRqFbb1Nd_5ezp7EJjCb0a8AaTeuTUzdUTa8rlRrOTL78OCW9o9Oy022t44tqvWqB-nKnKDGomL2Gd9h7M53wYpIRyOVQ&sig=Cg0ArKJSzE7eZJHenAxSEAE&cid=CAQSTwAvHhf_5835CBQZE2dhqbv1kPw8IvvGIoVXVNYfUJHth9ZYZn-yKqHv00eg1VpeAuHU_Fzigdgqog3auR38554xCKD2jPcZSdT_MiOGfVYYAQ&id=lidar2&mcvt=1002&p=0,0,94,728&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20240222&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=475746300&rst=1708824663241&rpt=745&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 164ms
42ms Preflight 35.176.11.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.11.248 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-11-248.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 25 Feb 2024 01:31:05 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 7389 16 B
209 B 98ms
98ms Fetch
application/json 35.176.11.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.11.248 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-176-11-248.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Feb 2024 01:31:05 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB11 0
25 B 55ms
55ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7463804502508&version=m202401290101&ct=77&x=1&cor=2829063179117528000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 1F0E 287 B
680 B 26ms
26ms Image
image/png 18.244.18.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-32.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 05:09:13 GMT
via: 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 418912
x-cache: Hit from cloudfront
content-length: 287
pragma: public
last-modified: Thu, 26 Oct 2023 03:20:37 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: -zQ5PCwmRfqqTc5NqJdNHT7zlvg2YJt46MqQ1Sud-dnobEZkpDamjQ==
expires: Thu, 21 Mar 2024 05:09:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240221&jk=3537540540132598&bg=!trWltfrNAAZ3BdUuVwU7ADQBe5WfOGwOHtxAab04Sn5Yl3ygiWEiSmVyIzt7cqswTDu4NUTQou6AeR9YG9jk7TKO7KUvAgAAAGdSAAAAA2gBB5kDAaAA6qByGK3xYHTwwGFGp7cYkqpHkseeI4pV6AOeMHAlTwOfzFMnjYAn40U65Jz-CJdU9XAAyW7ywpeWvIQE5vJ8vT68p7SeA7d6-eHCKtQ8-WzzbrR3NYeNrINhli3FUuaEF3jJ_e3B844TJ0KOfLMpMq0zWy5qmMK3-ilgV8sUN7ufzBGZIjBi3VHF5zFINcWT6pBhjD8KxUEpl7pWGd3tlNVf1mcUqucZ191Xf1e7ANlC9Og6uR7H6PyJIVsjaxFEYF6ZU-luHUisLe45wWQzyMT2Fom-3LnGGIJ9UV7NubUqkAzI1sPWo8hzyY1-B3zAMgcJKB5FllxXm5WxCa9mBHU6S7RBjv_LzH4Vj6p7HBFwzyPzydmBy9S7pyeTPFswn--aYgIJ7fenPg41RWcFBXfLjK1-dhd1iIyoTmSJWu6q0A-J5eqzOn70vrQnXvMXdkho0P2jUZcmfPpyLYftvoprc2JYyJZYKTwv5xSI-FbdzuYmjQU5aldQnk19NHUObT1JtngIgJS-8rdszXXmKaQxUiDMgQWviO3zF1MBWwzj_jrVQ3xteH7XROTnapoVlpNGVv-47P0hpBm8YYknxq2C89nRTuV2-KFyHIZcg41aW7SGY2E1n9qoLn_UvPnHiRYv14I6stpsnFVTeyXynLkOmG5_DhAmp-DelPnKUT7JRS_JgT496QticClgv4OyG60peo875tr9o9C7PmZ_1nUVee9Pd6h5_u5q0-FAv5S82Ispj_0SUuVcEMd8CPWhPSeKAJmaQwRYZlO0_zCtjoVOyJ02HssFpPl9aqfnSL8t91XoKqQmXnpQ80VDpZTIh9WuDX1jRnCkv9fYsvhRnQTJO6_uNo_VD9tUegOtu10yvzDuOTIf-kqp6QNTm0wmp-Mj8RVZf65r7GQUYhSaSWVRIOHSgMV-92enxcrSH-tW9AYlmYZpCtSDKsJSFHqYv0xUWp2Cv0byRvU-6MlyMwqZooNvb8vA_NtslSRlflo7t7v33TkKBLSj40ZrtrU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7389 0
25 B 60ms
59ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4573860601934&version=m202401290101&ct=77&x=1&cor=8427979348079025000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 01:31:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.t4ft.de
URL: https://c.t4ft.de/c/ftg_t_v_bk.min.js

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.csgowinner.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: l3kdedpln3sb9gfkdiklngmq02
.csgowinner.com/	1970-01-21 04:16:24	Name: _ga Value: GA1.2.1094523460.1708824662
.csgowinner.com/	1970-01-20 18:41:51	Name: _gid Value: GA1.2.1208694991.1708824663
.csgowinner.com/	1970-01-20 18:40:24	Name: _gat Value: 1
.csgowinner.com/	1970-01-21 04:16:24	Name: _ga_8XXKX2F00B Value: GS1.2.1708824662.1.0.1708824662.0.0.0
.csgowinner.com/	1970-01-21 04:02:00	Name: __gads Value: ID=eab7897966fc6a7f:T=1708824662:RT=1708824662:S=ALNI_MZMWumEWHwpcG9Yl71V07CS2fQEeg
.csgowinner.com/	1970-01-21 04:02:00	Name: __gpi Value: UID=00000d61a77e20b5:T=1708824662:RT=1708824662:S=ALNI_MZRq1aC3LZHbCPvmsHslZs7injziw
.csgowinner.com/	1970-01-20 22:59:36	Name: __eoi Value: ID=0d7cc66683b0468e:T=1708824662:RT=1708824662:S=AA-Afja3qcmmBC2HPfRq4UyhbAne
.doubleclick.net/	1970-01-21 04:02:00	Name: IDE Value: AHWqTUmn3N-WMAcSxzYtD91Z1fXYgkrstvhH0HA_lZfogM1eF5j95Sd5NMS8XL5dHLQ
.googleadservices.com/	1970-01-20 20:50:00	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 22:59:36	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 22:59:36	Name: APC Value: AfxxVi6tjag0uIrmsZwRYxWJSsr04ovHBhoy6yzG5MqUWNLZpkChjA
.casalemedia.com/	1970-01-20 20:50:00	Name: CMPS Value: 3245
.casalemedia.com/	1970-01-21 03:26:00	Name: CMID Value: ZdqYV7mqPZIAAB83APeEGgAA
.casalemedia.com/	1970-01-20 20:50:00	Name: CMPRO Value: 3245
.adnxs.com/	1970-01-21 04:16:24	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:50:00	Name: XANDR_PANID Value: lrJVbJnOLbtfaQ4q5qAlzf1OsRM1jiVnsQmkgpb2T1crnu20L9-XVmAb7N8400gUEsZtmCNgIASy2nrgWMQgo3tVHN9e47BHnw1pfFjB_pA.
.adnxs.com/	1970-01-20 20:50:00	Name: uuid2 Value: 2736603347145135733
.adnxs.com/	1970-01-20 20:50:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVUnOd$?!]tbPl1M>e)ZlrFUfJ+tGXxoT^ytle8yNQ<Kh%r8Y2T:1:DNPjNacuk^PbxQ3If)y3KL9D3I?+lHES[#
.doubleclick.net/	1970-01-20 19:23:36	Name: ar_debug Value: 1
.bing.com/	1970-01-21 04:02:00	Name: MUID Value: 0FE72C70B76C6FCC0EE93840B6AC6EC9
.redintelligence.net/	1970-01-20 20:50:00	Name: 8lcfmzhxc8d6_uid Value: 8c7f9e6ed646ffdb
.vtracy.de/	1970-01-20 20:49:57	Name: tr_id Value: vi-faf9e7e8-8b79-4ca7-93fa-e714f19ec710
.vtracy.de/	1970-01-20 20:49:57	Name: tr_dt Value: 2024-02-25+02%3A31%3A03
.vtracy.de/	1970-01-20 19:00:34	Name: tr_gsd_pm_dach Value: 2024-02-25+02%3A31%3A04
.adfarm1.adition.com/	1970-01-20 20:50:00	Name: UserID1 Value: 7339346046479693983
.vtracy.de/	1970-01-20 19:00:34	Name: tr_aasd_pm_dach Value: 2024-02-25+02%3A31%3A04
.simpli.fi/	1970-01-21 03:27:27	Name: suid Value: 9BD803E5F2864E9692B0A4380A39D042
.adform.net/	1970-01-20 19:22:10	Name: C Value: 1
.turn.com/	1970-01-20 22:59:36	Name: uid Value: 7511607769239569029
.adform.net/	1970-01-20 20:06:48	Name: uid Value: 7289095734665601395
.yahoo.com/	1970-01-21 03:26:22	Name: A3 Value: d=AQABBFiY2mUCEFy-6kTS4cQorTW5Fr_QBSsFEgEBAQHp22XkZQAAAAAA_eMAAA&S=AQAAAqvcwGVwxMyA5trVs0DuPV8
.office-partner.de/	1970-01-21 04:16:24	Name: source Value: {"webgains_webgains":{"timestamp":1708824664436,"clickCookie":false}}
.innovid.com/	1970-01-20 20:50:00	Name: uuid Value: 898b939d-2e1a-450c-83c7-06da859feaa4-20240224 20:31:04

132 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://steamcommunity-a.akamaihd.net/economy/image//96fx96f Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://c.t4ft.de/c/ftg_t_v_bk.min.js#aid=1400&plus=1&fcui=dcm-4652314&fcai=31370318&ffli=387082572&fpli=5106718&element=div%3A-ftg-sibling& Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.csgowinner.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad.turn.com
ads.eu.criteo.com
adsdk.microsoft.com
adv.office-partner.de
ag.innovid.com
ams3-ib.adnxs.com
analytics.webgains.io
api.webgains.io
beacon.sojern.com
c.t4ft.de
c1.adform.net
cat.nl3.eu.criteo.com
cdn.adnxs.com
cdn.track.production.webgains.team
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
csgowinner.h2887616.stratoserver.net
csm.eu.criteo.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900026.redintelligence.net
ib.adnxs.com
imageproxy.eu.criteo.net
match.adsrvr.org
medialead.de
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
pv.medialead.de
r.turn.com
red.vtracy.de
region1.google-analytics.com
rtb.nl3.eu.criteo.com
s0.2mdn.net
static.criteo.net
steamcommunity-a.akamaihd.net
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
www.bing.com
www.csgowinner.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
c.t4ft.de
104.18.36.155
107.178.244.119
13.32.121.5
138.201.84.244
142.250.185.162
142.250.185.66
142.250.186.98
172.217.16.198
178.250.1.6
18.184.93.224
18.244.18.32
18.66.147.52
185.89.210.244
193.108.153.23
2.18.96.175
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2620:1ec:bdf::60
2a00:1450:4001:800::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2006
2a00:1450:4001:812::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:26f0:3500:1b::1724:a392
2a05:d018:d29:3601:1a4a:b40e:95e8:4bce
2a05:d01c:4f2:bf40:7276:b92d:c8b4:8166
2a0b:4d07:101::1
35.176.11.248
35.176.232.93
35.204.74.118
35.214.149.91
37.157.2.230
52.223.40.198
81.169.142.103
85.114.159.93
91.121.248.44
94.23.99.218
99.86.4.53
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
02eb4635a154110cef52f4b19949630a4caa6065dfae9b4eb4c2ed5f6ad017f7
03dc6d2ed3949907c7c3a4e9bec2450fe8f54fcd4e809e5b9f52ad10e63f4899
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0c174608a3ef7942f038af7a8b74e847084622f08ff98cf44d598e7818d8ad64
0cab69b0150e4b5fd510f5aa6f9523e2f9c9e861c80d8049e43ee4c866eea99e
0cf40c66887487cc9e1898ed78b35b942b249d2b3412ad2b73901b4b14a2e811
0f38d474df76c934e63f0795a86afc2c0f43fa7f68f71f0a8dbecde5cc407fde
101cd6134fe937beb40dcd2afa9798fb30cc28a9ae28f0e777587c935a843c65
1590f871a620b6f171f4a03b2f9b06cf25c21101d71b8a3905eb0f02f7bf86bd
163d36f7dc83c8fac015bd44e37a861061ba61157be5f418cb11f86841cf0e13
198a2a28077dcb715db9ed4af5e3ab5da5e3eb97df4eed422785e6bc975e4510
199d9e9059d6b7b70055caaca073e2baae78d8d60e65e7e8122eb90092eec713
1b64c55ad31a65e350b81efd21df468a04e0374f5b313166628176b59ab4fb0b
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d2ebef5cb88188e11bc1278256887405a23560e31c797fe3054f1beeb4a3ce8
1f43ea6cbbf261394f83dc2f3425942bf6ddf498490f6cecfbf38739c1ff8b71
1f765c8e2fccb3263555175fc73f5fc13f8157d5ac04190f942bff8baf143f16
20d23c9cce0d600760903a969ae1dca144537dc1aec81a644cb50abdb90275f6
217c17b6cd94d35015ac89cf1c29ad469ad2cf17f1789387a9b1418da928ab00
25a8eda86ed9702009c3556c52e2115e375c7a38bc4007313eb98e306e47db84
25b47186a3d8d000d926efcd15043fccf642b766f02cd76240f59235654384a7
25dbe26db67ba5d60d3f7c7f79d72ad9f4816b2a6e869d7511927274f13a490b
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
27a024b26c6762c5e95923c6869bb5b5197fd6c2bcd4cfc8e6d942b8a3e1d757
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e97ae341dae971a2583f450ce1bdd94e019cda71db0ea56cbf46420a356338
32db5d62aef341482158d7386be18383e392e2c6ef40c93cd96ac2a99fc9047e
3404432a263ece4af13ee10c7c6100a547efe9877de930b8a80033e8988cd8ed
36a084f537375d0519cc402e60b8ef780656a5acf18d7916fe2a6d2e9b6fa153
36ea03ae73d9ba9883ed8420c796d7661df4846a17aadae944941716dc97c07b
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3c16f10f212a702fe2199a5f2714e9c2c076b372eba984fedf1c04b5d6adf961
3d4e16846b1eab67c1520a13136e5df371161dbbea1c266e263a5c1de051dad5
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
4036cd74da3c6203a05899365229911751cf83d729b506a446e83e7a555fe9df
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44254363fc2f102b3bf465aebcc45c1f02e2be3ac27791865be1060c00bd59b3
44df7cfc5c2ac696735be3dc6868464527d7532ba27c1b457bb5c8475dcc3917
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
44f4aee0d1453ce449f0face3ffe70707fbb83bce3c653d4faa339339b7c621a
46fca5bc03de756ba3e8dd391fbc426e997ad3e4ec25b5d4d558097fb36fd6c8
4739c37317987b888b06374bdf8ff0171d30618629a434f6f825a5669c343c1d
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61d8691097f35768bf7d91d6cd291fcfb2bb2cb5334ae145faf11e652e0ef6
4bfa891ddc3786bc6ad204bb6e25cfa3f70d4e2a2bd9a47d5d1354d1d13ea492
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef28c24c782645efb2297c9e44fb12f6cb3f7e6eea9ebb69d4e5685ac598e36
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a3cef734f0fe9d757aaf0a3c7f46176eadf4f87f41ab8ea2ee4d2f82733381
5ab68e592ac2d966e7007a776edf0ad97d7b3bc8b60ab1347441ab0513720cf7
5d19ee104570129d5d62a2abe03a575e24fb2065f47e397e1cac255ce9a705e4
5d79022f45ec1f26e7482de77a0b71e28b1be1085b4162284af65ee787f7d53c
5da155d3ca2f5e066f6e0a45f3f9d08bbfbabe037e522642436fa2c9174f3822
60f898809f0dc5334f1acb2ae99236028fee0ce3e4896b6b6e894273bbcf600f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
63e7fd3b97891f08d6f1c202a08a08dad5ba1f863e8a2ccc61e0bfaca9a63104
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
661cf45352ec19dbc6c940c8f9d6591dca29e0f7cf79e538fbd00ec18d9196ca
67d70e67f86468efb430662fb2617e2288984f995246d58cb7f8037b7d25d4d7
6a1a1650d23e02a7d4df6c1ac18e19dc4f230af5cf0e072a519c8abe83f86ced
6ebc15f291d34f9c00142d250aeed6adbfb0c23a60766d5619d7e7488814d570
71636cc0df2794b439212c2c77b0aab204391926b754b69dcc779f0d83778362
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72fa4dcf3a98c6fd3a25b46d7f16291d7d4e52385909bf3be91025fac876567e
76271d26de2ef4a92554784dbd313ff18c2351aeca003204a110fcd7ebe31cd8
777ec37f18f4f6b8b25a28728580c4eab8b3b87a62305e67cc2da8ec33de36b2
80248151b5242dbf4c2291e7d6e9140d38ccefa9d2afe5bd04929ad231750ab6
80ac79e2b323f817ddf6baef42c8ddf4fbb802386d12091323252af08059efff
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
84d00c3e0810ccb3cf024554431a024d63499ab8e3d512a1d43027d061c1a566
85ecaa203aff913ee5b3607494b8bfaed52195545e122dc2f400672a470277a4
864a5588c641a8f5c399f0b1efd4532996d9b734684375c6b79f34491e59b9fc
89ffe0c0d6f7cd37f600facbcd2f09f40d8f053ffed82144b34ceec97f777de8
8c287fb55c8e47837e5db868c506af289a781e0e23e26542a54bab953fc1ffb2
8cbbe56157eeb0b9eb02e18ac9a725364a4e49507f9097f3be666ddc608cae2f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
92ac63b055a0172465a68175250e5675b215a83733c116221f5785abe552c256
95fe23e3abcc01f8757b10b64654110baf3527c0ff0a905085d744c514065097
97fe4d79aea42c609f78ad3de0492dc9aa285e7fcb2bd9f1c06e5e1ffac2cd73
988fd704eb38a2732517a9cc41e7bd310be607ffb20e54111b296c42dd4bca56
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a6ba8e7f261b6df6ee177bd8acd88a5998e7b9372e25ee82f05abd02d1dffb6
9a7f518aeb893c007784d35a57ff140728f112869aedd699457dadc39d3cf4cc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4979df8bfc20adf5e598bfbd458bc75e31b4158b8bd4be5ce0efac6ecc9497
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9bc0d0014985be076e802e72babdb19960b299ede4bbc07b193c4ce69636ab2d
9e26ac48adcbf43b74eff0774888dde0ad05b0593295b65574e8725ff04d24d6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0acc3ab0ee9bf854e406c291f36b9732975e9d9c689dd3daa665c5e76242245
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3eb96eb32ba1e63c6c8e6931e50260c38c12d0ee0a36157144fc527c6a0b46c
a6bc36e79ba0dab4e04ba487397f07627e0236e281f550a1022c291b406ed859
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a797e70bc52226063fae939bcd9f69b525838d0d9a466c30ed6a9defe8bf8244
a999043ff03463b5474ad5b57006b9b7976d6b58c88d9dff20c6e309ff232b8c
ab1a28b09c89595ba0f4b502bf4b905df55f92ea5cac6445ae84052ae3c8b1da
acde349098d7d482fff028104b7d8f87bf6593f5436a7d7e6ca3a543a8ecb131
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27e8bedcc2d6768e063b1e560eac8588c5289b386f0044957d7f9b4e0dee063
b3e6114f446c5024498df5f4d31c11906c1f544fd345a952b48c947f1340d7e7
b4320212081e66aa38a7db937e407fb3a160f0facde884ac6b4edac60e01c581
bc1241e59e05ee313241dcdbef7af9dc74df6cf38cbf940e93e8fc4040dfddd7
c69de2ade9274cb24e61b4b229e5671c3ba96cb4dc3a74532bb67f334ced6eae
c6fdafff5ebb1051a3eeec76fc4ed6988433aee0046e5c7d4a02ee38e9730a15
c8b5f16b8ad9b0f8e7d8f55e4ef9eaeb5622cd77f9a6d8cba99442650d9139dd
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cac1a83147efa276f6a895b65211289564b16f0fe0d5028e9153576bd281054a
cb3116def1a116ef898d8832dae3977d186806688e27d0f2272810d362da509c
ccf21ce3c4085512070135aedbf35e6fa6121f3ccb4a557baf6ce2c818058c51
cdad555a81d211db7836ba1f6d36e6cd1e3431a247a8ea5d61ebcfc4573d647e
ce8c05a7248a3803ffc6d3a871f42b125e2358c700a59e082501d81d5c94400b
cf882370c0bafd7d5279b39305b5da8acbea9a4d1efe5bb1cecf6fb7b8484c0c
d38352829ca38502cc18ecfaf0cf1e8a902b254ffaf17cc4ce4a678e89c830fa
d59e80bc9f4c931f6030a3b2e64578dd4930465d9d4169988afd1dc344aad76c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d77952a0a550490748d0a1fd6d8678f55d975c49393036e0383cdda47de30115
db79517b7a05edf295f973e5edf5685c8c7c625c713ffc14c9221d58bd8e24da
dc5b562bfcfa18100468075a293b6a68b7eb9bb02673771355863a8d8fb9afe2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e100674ed0fd5275a2cabb99db8e14c19e89f9010b5da60e4c6784c2b0e522be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aa77873ae0f5d483f306952bfe612d98e16ef913f31c4b0673929ef86b1c65
e4f03188bc85cffc0c30d25b3d85d409399b327bf822bd7ae334644c50d726bd
e703986aba397af58ff7aa7945730747e880c1951d5c7a5fb25aff6415243614
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
e9254a067e4dbba942102a9c247d7d7191ecccaacca7956a230e94b3e1079764
ea63ce1b2a485b9800aa531b2ce16ee49c4bc14aa78ca725ccde2f9488c54725
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ed7d73d2d133cb5410db4ca93f3cb33b2fb6455c36258e11f942fd99b3c99248
eeb230d2cf8b3621f4d6f622801948bc390e42e6f21c04255e2f10dc638db8f6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5c51b2516b39380ae3d2dcef4c53961466a57129bcc6f7df5c5408aa54922a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6b74ce0132ebbc0b21b93fd3e33e3654d4b6c64d77a8ed8eb972a823c9f3595
fb95b15a656443132dc0d73391a091f5226fda25d4f196708f5d6387b4dedf96
fd995724e7abb3af88abe834b55be70de1da605acf321aeb241a25326448cace
ffd64ed138a4765a5e50d9b4f3e1741bc96b54711f2ac6c47ba5f6ac881bae29

www.csgowinner.com Open in urlscan Pro 81.169.142.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

250 Requests

93 %HTTPS

47 %IPv6

38 Domains

54 Subdomains

45 IPs

9 Countries

4056 kBTransfer

7809 kBSize

34 Cookies

4 Outgoing links

Page URL History

Redirected requests

250 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.csgowinner.com Open in urlscan Pro
81.169.142.103 Public Scan

Screenshot
Live screenshot

Full Image

250
Requests

93 %
HTTPS

47 %
IPv6

38
Domains

54
Subdomains

45
IPs

9
Countries

4056 kB
Transfer

7809 kB
Size

34
Cookies

250 HTTP transactions
8 data transactions