steamru.org Open in urlscan Pro
185.197.162.100  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://steamru.org/ HTTP 301
   https://steamru.org/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 56

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 57

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEQrQItZsMN8SEj27mXUZp0&google_cver=1

Request Chain 58

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYi0xpf3XJHMMtuzjnqIWwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEQrQItZsMN8SEj27mXUZp0&google_cver=1

Request Chain 59

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEFl6kXVk9KXvtD6lEaGGjzw&google_cver=1

Request Chain 60

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2Nzc3NjgzMzE0MTUxNzcyOA%3D%3D

Request Chain 74

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEQrQItZsMN8SEj27mXUZp0&google_cver=1

Request Chain 75

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYi0xnYTxkur6JdYpJIasAAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEQrQItZsMN8SEj27mXUZp0&google_cver=1

Request Chain 76

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEFl6kXVk9KXvtD6lEaGGjzw&google_cver=1

Request Chain 77

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2Nzc3NjgzMzE0MTUxNzcyOA%3D%3D

Request Chain 91

• https://googleads.g.doubleclick.net/pagead/adview?ai=CV4m1xbSIZemRK--GjuwPq_ObuAHTqrTzdKqKq9qiEgoQASCQu4AEYJW6_YGUB6AB0bSvwAPIAQKpAnH13JJmerI-qAMByAPJBKoE9gFP0Fabi8GPNdJy0i7JQiqytWYJE38CyJ299PWTUqg5RNbh4g0Im-Po_nuctKMDPa2siVxIkcOrsI8G2l083sCK5mByep7hjd6mVhsAZ3h-8mrH4_vQryJu2MPnpw1krJdZlzVOAzSKWRF7vr_Fp8twPsmraSDy6UUSDmtCXdRmrwrgzG_D5arBIPBCXQLmGvBE56PVU4OmS9pQmLfVBP5TSH2M_w3FUa3doD_cILwdgKMqKXLjaofN8qqwYqUDwtw92PbiyMkr_-cmn50E8C6XYeENojcLWg4jspWheDw6i39UPt6_3qUXtVwUrWKmCvyAgxRivezABJb2qPnVBIgFgsD81k2SBQQIBBgBkgUECAUYBKAGAoAHl8vQP6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMORE9IIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYyeL2wpOpgwOaCRNodHRwczovL3RyYWRlaXQuZ2cvgAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQLYEwLQFQGAFwGyFxwKGggAEhRwdWItMjE0Nzk0ODY1NzM4OTg2NBgA&sigh=W53IKSTaJt4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_T2a5aY6cBNZOoYqtXgmvSmfhEOvMu4cD-_FpWuOE-OLTf8w7lo__2XQAzXEK5kd5IAFO_XNzWFG4ZN_TlwWUuAommxG-xRqy5jsYAQ&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229085979187319904199%22,%22debug_reporting%22:true,%22destination%22:%22https://tradeit.gg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22940300881%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215575143840943756769%22}&andc=true

Request Chain 92

• https://googleads.g.doubleclick.net/pagead/adview?ai=CxXUlxbSIZeeRK--GjuwPq_ObuAHl2PDwdP_tjMmXEsCNtwEQASCQu4AEYJW6_YGUB6ABn_qPvAPIAQKpAmypmRFGOGE-qAMByAPJBKoE-QFP0Ao0aoH5SstCoaIPqMg_QGYqdkZicR8ltBB-qQ3jPgqjE96_H9OyFYmGmkTuYo9OlHtLN8a7zvA6EaG6aLhNL3cniq_HZQvIcq5ymKt6B-TjDc0S-Fg9cUn1fNOT7oY8h75NP8Sn9VEkfDVm_6-gGLNK87tcK99ofMZG__HQxkH1KSvMKe69iQ7ljae00NxHtnpFLrQFmw_nSgbMx42sHJmfdqVQEwC9eY-IapqXC7rr988o6TEhjD80Hsb8ZC6Vzc77yDMInjaG81t1F4MrIbJuXr5bbX-M1rXUcMzWbEJCXE30a8Fz0g54RNbbPjLaTdUO-PltLXDABLfL7_PEBIgF-YDt2U2SBQQIBBgBkgUECAUYBKAGAoAH-ujfQqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELS0ENIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYyeL2wpOpgwOaCTBodHRwczovL2RlLm1zaS5jb20vUHJvbW90aW9uL1dlaWhuYWNodHNnZXNjaGVua2WACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAtgTDdAVAYAXAbIXHAoaCAASFHB1Yi0yMTQ3OTQ4NjU3Mzg5ODY0GAA&sigh=9wy4aQqG7bs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_T2a5aY6cBNZOoYqtXgmvSmfhEOvMu4cD-_FpWuOE-OLTf8w7lo__2XQAzXEK5kd5IAFO_XNzWFG4ZN_TlwWUuAommxG-xRqy5jsYAQ&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210647704271746153100%22,%22debug_reporting%22:true,%22destination%22:%22https://msi.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22931396895%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215340561138684856481%22}&andc=true

Request Chain 99

• https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698503&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
• https://d.adtriba.com/px.gif

Request Chain 104

• https://gcdn.2mdn.net/videoplayback/id/0f7d3406455dda31/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734993990/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/168CB695AD1F7D40A37BEFEF18F56645131752A7.8B0B0505988F3707F7E6BC33CAD4D98ECD570F92/key/ck2/file/file.mp4 HTTP 302
• https://r3---sn-4g5lzned.c.2mdn.net/videoplayback/id/0f7d3406455dda31/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734993990/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/148D57F3899E616B963F7F2C8C1546509004A531.2DAB29521C2F2D734153B91AC735213E5F40ABEB/key/cms1/cms_redirect/yes/mh/2C/mip/2a01:4a0:1338:92::6/mm/42/mn/sn-4g5lzned/ms/onc/mt/1703457624/mv/u/mvi/3/pl/36/file/file.mp4

Request Chain 109

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKrvjAt2z4YFo9OVPDDlEp0&google_cver=1&google_push=AXcoOmTusd88xv2sIED9zolhVuWHDOOZuCfjmfWyqY-THlQGN_p8mqvRFX_pTra1__Pr-SAejbXBeo2ZHfQkiRf0B3F4wEKKEXDHE-Px HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc3NDI1Mzc0OTI2ODQ5ODk5NQ==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFA36iIYPeuLaqv-gg5JGGk&google_cver=1

Request Chain 110

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEMr8a3wDVA_uCdx9jjQIzkQ&google_cver=1&google_push=AXcoOmSAruoId6uyK1_z2-ML5AxUKTp6OQJEwSKA_hxvZmLezwtHOysbhmL-LdvtHY4eeoADdT-ZVVYC5XLRFei4DAIXMEG_xIPo19wM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSAruoId6uyK1_z2-ML5AxUKTp6OQJEwSKA_hxvZmLezwtHOysbhmL-LdvtHY4eeoADdT-ZVVYC5XLRFei4DAIXMEG_xIPo19wM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMr8a3wDVA_uCdx9jjQIzkQ&google_cver=1&google_push=AXcoOmSAruoId6uyK1_z2-ML5AxUKTp6OQJEwSKA_hxvZmLezwtHOysbhmL-LdvtHY4eeoADdT-ZVVYC5XLRFei4DAIXMEG_xIPo19wM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSAruoId6uyK1_z2-ML5AxUKTp6OQJEwSKA_hxvZmLezwtHOysbhmL-LdvtHY4eeoADdT-ZVVYC5XLRFei4DAIXMEG_xIPo19wM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 111

• https://um.simpli.fi/gp_match?google_gid=CAESEFv5q0mysBV5MUS_e9dSPms&google_cver=1&google_push=AXcoOmTT0BBQZKNju7J6GKCbTibnJJ_ZNvuswGXMPpJPglCQrJDv59TucqNmhfN80CoMmv_ZrI9PFMPaxsiiJ5d3V5G-FZcbeRG5LNsc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0BB20EFD965745B3892B3260C6005279&google_push=AXcoOmTT0BBQZKNju7J6GKCbTibnJJ_ZNvuswGXMPpJPglCQrJDv59TucqNmhfN80CoMmv_ZrI9PFMPaxsiiJ5d3V5G-FZcbeRG5LNsc

Request Chain 114

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAL12hfPOYT0_rsXaYB4ZZo&google_cver=1&google_push=AXcoOmR54Nhxsf3sIPddZkq6EzH2PACRQpqN9WooU2fRzGgBhcKwZSC3mlj9JHu02-5wj4DpxlvQlCGG5HNqPEhyVTG1qTOphRzUcuMu HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR54Nhxsf3sIPddZkq6EzH2PACRQpqN9WooU2fRzGgBhcKwZSC3mlj9JHu02-5wj4DpxlvQlCGG5HNqPEhyVTG1qTOphRzUcuMu&google_hm=eS1zOUsza2ZWRTJwRXNsSVpoT0p0MkVFMUxPd3gwRjB6Rn5B

Request Chain 115

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOMUd6MCKtH3vZfvLGgu4sY&google_cver=1&google_push=AXcoOmRq7wM6uglL0jzJXZtb0nTgvf6Mlz5xO7rup2xzLl3xTv2X92vsXGsJhDIa0eIchn0lWkEvp8IKze79E3zxx_FlAs9BgI9l3ynN HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOMUd6MCKtH3vZfvLGgu4sY&google_cver=1&google_push=AXcoOmRq7wM6uglL0jzJXZtb0nTgvf6Mlz5xO7rup2xzLl3xTv2X92vsXGsJhDIa0eIchn0lWkEvp8IKze79E3zxx_FlAs9BgI9l3ynN HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk2MTgxODQwOTI4OTIzNzcxOA&google_push=AXcoOmRq7wM6uglL0jzJXZtb0nTgvf6Mlz5xO7rup2xzLl3xTv2X92vsXGsJhDIa0eIchn0lWkEvp8IKze79E3zxx_FlAs9BgI9l3ynN

Request Chain 123

• https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698500&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
• https://d.adtriba.com/px.gif

Request Chain 138

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgUZ-PYoxW3GrHwd7aiVCY&google_cver=1

Request Chain 139

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYi0xnYTxkur6JdYpJIasAAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgUZ-PYoxW3GrHwd7aiVCY&google_cver=1

Request Chain 140

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESENaDqeTwBC2ECaApnCnQtMY&google_cver=1

Request Chain 141

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2Nzc3NjgzMzE0MTUxNzcyOA%3D%3D

Request Chain 156

• https://hal900028.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ea00f0e35&subid=&uid=15a839e5daf22a80&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCusFexrSIZbWWFca2_tMP2ukCpuW9oGmFlZynyQ_wLhABIJC7gARglbr9gZQHyAEJqQJx9dySZnqyPqgDAcgDmwSqBJkCT9Ct0_7Bv6kyvf8I4THyAvx0gzT5oLIvJorMd01MFYhCCQArk6_iezkulD88eeZvjFUwvDW7ctz_wGGpsnh_evAm_Mb_AU4ElJZ42GBbilUz4HwYreEAylRXPcOnjzGe_sP3F1D87DOWYqU1qxTigDeMa3CVY96X0NoWRQc4NdX4lpDVoYCexcKsoaKHmsVeMszwTYH_UgE3vT1XK2l8LorUlDmIZZ7Qd8AvH33UbF-YdVrOyU9b8LBZ10jClKWrceYUyjOQJi7mjYSRrrR34JJLvzMXXb1MkKm-aFmyk6Q9hbd4wzHcA4mvMWcax9ORyleWNv2Lo3heT-qAlhJWQnkTkLwnwFTYMeh5zej6PQXWtuFlSlpsgF7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-OSZw5OpgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_mqYivGaeCRA5qKjLoxPESUGj1bRAsrgIleQdkqdHSKpIwpPhhCuDunNAUwO85FQof75tPitLGAE%26sig%3DAOD64_1btS2pUqYDux41d--bGvrfINyeWw%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-Bv1naVK7d-LG-l8tebg7q55LE5qHXKHOh5oO64c8ecXderzp-o-tFepOuv797YfODnjVp9NfjHCHVYAaNKr-L3yLezJ5ButnWd5PzHru018qs0IY1xJbuP08JHeCz3x0yhuD_dqCy_FKLnbruJaw_UkpPhae2Sy_sSFMMgINMdS7B5xb0%26cry%3D1%26dbm_d%3DAKAmf-C4gGHaW1z9FscvAZTYgXv9ETw8PpRO3RLj2DecW68qCffc949XrUQyiWL_dTfWSCW9YeduWPacG7HNkkA6SJnd8B7-oC9aVPlIiGy26UE1GDnXaqPtmbtcZb9x19xTvxB1UHoBux1saVJUBm5lWBQOeS8JShlLfZtkQProHjJxo2ATo72-HNG-zpEtlAyA9TKy6Z4YPm9JeTFTP3J4UX0OPljyYVrlKY34MrPaDVTs6LGTSGC2D0vy4wheKwDMR4xTMcJv5Sms_hqhOi-Og0bG7AArWNDM4iWR_5sKZnxIaW7nT3PJqdqdoHAzjjJQyd8rismPH6xBt2wfHN3PGpwf8FwUxLQPU0NRvbz-PlzpxG4S4bAvoWk8S_49gwKZEmdRAnNtaW0aFEh1ewpla5lqBIrx6IGedjjWxRp2XKJQE03Lj16RJLyam9vGVyg8FQrjA7x5EZ0D6R10-EBZ4LEQxT5LRHMo8P_Klk7E2PbnehXyaYfRkdL5rpgrSJnPi5DDLTJh7y5XZAMAkOniyHkITaRxPxqUOJ5h2Ss-QombUGx8h5Q%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D2896993837%26pi%3Dt.aa~a.819600158~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703457989%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703457990233%26bpp%3D1%26bdt%3D1183%26idt%3D0%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C307x250%252C1200x280%26nras%3D4%26correlator%3D7362054081539%26frm%3D20%26pv%3D1%26ga_vid%3D300495156.1703457990%26ga_sid%3D1703457990%26ga_hid%3D1150324590%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1762%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079979%252C44809004%252C95320378%252C95320885%26oid%3D2%26pvsid%3D4296945606762119%26tmod%3D1916643136%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26dtd%3D13&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=5275918291394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal900028.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ea00f0e35&subid=&uid=15a839e5daf22a80&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCusFexrSIZbWWFca2_tMP2ukCpuW9oGmFlZynyQ_wLhABIJC7gARglbr9gZQHyAEJqQJx9dySZnqyPqgDAcgDmwSqBJkCT9Ct0_7Bv6kyvf8I4THyAvx0gzT5oLIvJorMd01MFYhCCQArk6_iezkulD88eeZvjFUwvDW7ctz_wGGpsnh_evAm_Mb_AU4ElJZ42GBbilUz4HwYreEAylRXPcOnjzGe_sP3F1D87DOWYqU1qxTigDeMa3CVY96X0NoWRQc4NdX4lpDVoYCexcKsoaKHmsVeMszwTYH_UgE3vT1XK2l8LorUlDmIZZ7Qd8AvH33UbF-YdVrOyU9b8LBZ10jClKWrceYUyjOQJi7mjYSRrrR34JJLvzMXXb1MkKm-aFmyk6Q9hbd4wzHcA4mvMWcax9ORyleWNv2Lo3heT-qAlhJWQnkTkLwnwFTYMeh5zej6PQXWtuFlSlpsgF7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-OSZw5OpgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_mqYivGaeCRA5qKjLoxPESUGj1bRAsrgIleQdkqdHSKpIwpPhhCuDunNAUwO85FQof75tPitLGAE%26sig%3DAOD64_1btS2pUqYDux41d--bGvrfINyeWw%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-Bv1naVK7d-LG-l8tebg7q55LE5qHXKHOh5oO64c8ecXderzp-o-tFepOuv797YfODnjVp9NfjHCHVYAaNKr-L3yLezJ5ButnWd5PzHru018qs0IY1xJbuP08JHeCz3x0yhuD_dqCy_FKLnbruJaw_UkpPhae2Sy_sSFMMgINMdS7B5xb0%26cry%3D1%26dbm_d%3DAKAmf-C4gGHaW1z9FscvAZTYgXv9ETw8PpRO3RLj2DecW68qCffc949XrUQyiWL_dTfWSCW9YeduWPacG7HNkkA6SJnd8B7-oC9aVPlIiGy26UE1GDnXaqPtmbtcZb9x19xTvxB1UHoBux1saVJUBm5lWBQOeS8JShlLfZtkQProHjJxo2ATo72-HNG-zpEtlAyA9TKy6Z4YPm9JeTFTP3J4UX0OPljyYVrlKY34MrPaDVTs6LGTSGC2D0vy4wheKwDMR4xTMcJv5Sms_hqhOi-Og0bG7AArWNDM4iWR_5sKZnxIaW7nT3PJqdqdoHAzjjJQyd8rismPH6xBt2wfHN3PGpwf8FwUxLQPU0NRvbz-PlzpxG4S4bAvoWk8S_49gwKZEmdRAnNtaW0aFEh1ewpla5lqBIrx6IGedjjWxRp2XKJQE03Lj16RJLyam9vGVyg8FQrjA7x5EZ0D6R10-EBZ4LEQxT5LRHMo8P_Klk7E2PbnehXyaYfRkdL5rpgrSJnPi5DDLTJh7y5XZAMAkOniyHkITaRxPxqUOJ5h2Ss-QombUGx8h5Q%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D2896993837%26pi%3Dt.aa~a.819600158~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703457989%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703457990233%26bpp%3D1%26bdt%3D1183%26idt%3D0%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C307x250%252C1200x280%26nras%3D4%26correlator%3D7362054081539%26frm%3D20%26pv%3D1%26ga_vid%3D300495156.1703457990%26ga_sid%3D1703457990%26ga_hid%3D1150324590%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1762%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079979%252C44809004%252C95320378%252C95320885%26oid%3D2%26pvsid%3D4296945606762119%26tmod%3D1916643136%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26dtd%3D13&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=5275918291394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 168

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDM0mvaOuHzvQJ1jXTycmfY&google_cver=1&google_push=AXcoOmRs-F47iHiczmPPisqZqFqIaf0YHKI3Pu3jk8Hn9viRSEbh4nqQ2Dr6PgDwI5wa0f-fhczm-pz25oFReTc5OCfNlBnNH-exExKP4Hb9uUtGzKL2mU0fKd9Vr9gYoA2RO8xS1-CLH1U23xTWIbl84KBxQY8 HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDM0mvaOuHzvQJ1jXTycmfY&google_cver=1&google_push=AXcoOmRs-F47iHiczmPPisqZqFqIaf0YHKI3Pu3jk8Hn9viRSEbh4nqQ2Dr6PgDwI5wa0f-fhczm-pz25oFReTc5OCfNlBnNH-exExKP4Hb9uUtGzKL2mU0fKd9Vr9gYoA2RO8xS1-CLH1U23xTWIbl84KBxQY8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RHpVc250MHoxUmh4ZVY1&google_gid=CAESEDM0mvaOuHzvQJ1jXTycmfY&google_cver=1&google_push=AXcoOmRs-F47iHiczmPPisqZqFqIaf0YHKI3Pu3jk8Hn9viRSEbh4nqQ2Dr6PgDwI5wa0f-fhczm-pz25oFReTc5OCfNlBnNH-exExKP4Hb9uUtGzKL2mU0fKd9Vr9gYoA2RO8xS1-CLH1U23xTWIbl84KBxQY8

Request Chain 170

• https://ads.travelaudience.com/google_pixel?google_gid=CAESEMIkiqG-F-9POMl8-2tZcFU&google_cver=1&google_push=AXcoOmRszycStFiQBXZciKUyjn1N7qcTSU0lIaIEkUTgQQwIHPF2wRyPVTKHsRxNt21hRbgkb3EkRvQjeuZY4VJU2kxrd4H4bFTtX0uwyuGs5ZQVrp5NjABLO5VyQJH5wZ3LrWIqM_4iwfqZ6_nkq4EfGfvs-g HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8vbuqFyQRYohYYiwbpamvA&google_push=AXcoOmRszycStFiQBXZciKUyjn1N7qcTSU0lIaIEkUTgQQwIHPF2wRyPVTKHsRxNt21hRbgkb3EkRvQjeuZY4VJU2kxrd4H4bFTtX0uwyuGs5ZQVrp5NjABLO5VyQJH5wZ3LrWIqM_4iwfqZ6_nkq4EfGfvs-g

Request Chain 173

• https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHugbxbvhzfh9GMA08OI4aw&google_cver=1&google_push=AXcoOmRAzPYNbxyTT_J6wJdXYdCFvOw--jtJnPuRNNw0lJEpVZ6qwucCO7yLxD56kaeS87Ub-Uz_nhB4wSaa8GUJqfiKx6HClCNR7hR8ANx5Y3xaeCbukGgSvxwfeE6SL4hfo_LpuELJRnMjY6mXg-YxIsDGrGA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRAzPYNbxyTT_J6wJdXYdCFvOw--jtJnPuRNNw0lJEpVZ6qwucCO7yLxD56kaeS87Ub-Uz_nhB4wSaa8GUJqfiKx6HClCNR7hR8ANx5Y3xaeCbukGgSvxwfeE6SL4hfo_LpuELJRnMjY6mXg-YxIsDGrGA

Request Chain 174

• https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEPXdCSmbh7Fk96s5QwDDB34&google_cver=1&google_push=AXcoOmRFZn4PYiMr6pbMSfOrvgWqx-FFYGWNpIt8w_sKjxhS4YxOO29UmhgpHvyAzFe1VsuNbaDwYMEW2syrdOOtKSNT30nemQLoSy6a3oVhGbtHKRfsgHX2YSxokW8H54ARn-gRkOGzdz3oYR32zhM8ThB3bPM HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRFZn4PYiMr6pbMSfOrvgWqx-FFYGWNpIt8w_sKjxhS4YxOO29UmhgpHvyAzFe1VsuNbaDwYMEW2syrdOOtKSNT30nemQLoSy6a3oVhGbtHKRfsgHX2YSxokW8H54ARn-gRkOGzdz3oYR32zhM8ThB3bPM&google_hm=lBdleWRCTciVnUG9dWMrI2k

187 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response steamru.org/ Redirect Chain http://steamru.org/ https://steamru.org/	16 KB 5 KB	169ms 72ms	Document text/html	185.197.162.100 THREE-W-INFRA-AS ...
General Check archive.org Show headers Download Go to Full URL https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.197.162.100 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL), Reverse DNS vps15026.ua-hosting.company Software nginx / Resource Hash 59385ae49bf5fa9dc2f4f9d8eadd4586a0b5573cde21be5e289b6a8a0ee6d400 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Sun, 24 Dec 2023 22:46:29 GMT last-modified Sun, 24 Dec 2023 22:46:29 GMT server nginx strict-transport-security max-age=31536000; vary Accept-Encoding x-ua-compatible IE=edge Redirect headers Connection keep-alive Content-Length 162 Content-Type text/html Date Sun, 24 Dec 2023 22:46:28 GMT Location https://steamru.org/ Server nginx
GET H2	200	style.min.css steamru.org/themes/	10 KB 3 KB	48ms 46ms	Stylesheet text/css	185.197.162.100 THREE-W-INFRA-AS ...
General Check archive.org Show headers Download Go to Full URL https://steamru.org/themes/style.min.css Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.197.162.100 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL), Reverse DNS vps15026.ua-hosting.company Software nginx / Resource Hash aa6670cd216514598e9395fb4bcaeecbd3d8bdd4bb541cc63ac995cf0308585e Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:29 GMT strict-transport-security max-age=31536000; content-encoding gzip last-modified Thu, 19 Apr 2018 04:04:42 GMT server nginx etag W/"5ad8155a-27c2" vary Accept-Encoding content-type text/css cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	css fonts.googleapis.com/	4 KB 1 KB	136ms 48ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400 Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d95ffdcf010d6749281f6cd27c3a5f9c856d4b5590cee285f4b4fdbebce22b4c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 24 Dec 2023 22:46:29 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 24 Dec 2023 21:30:10 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 24 Dec 2023 22:46:29 GMT
GET H2	200	a.js Show response steamru.org/js/	158 B 386 B	49ms 48ms	Script application/javascript	185.197.162.100 THREE-W-INFRA-AS ...
General Check archive.org Show headers Download Go to Full URL https://steamru.org/js/a.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.197.162.100 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL), Reverse DNS vps15026.ua-hosting.company Software nginx / Resource Hash 9a886adbe15add3ec3eb5ed564419a60981a0a2bb266efc369417df69c1f1064 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:29 GMT strict-transport-security max-age=31536000; content-encoding gzip last-modified Mon, 26 Oct 2020 11:37:48 GMT server nginx etag W/"5f96b50c-9e" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	146 KB 51 KB	186ms 97ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: steamru.org URL: https://steamru.org/js/a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8fc6f2b980c14215812460929046510e5bc55fdd7b9e85a5fb7b38d3b29cca0a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:29 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51433 x-xss-protection 0 server cafe etag 2980577569579310209 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 24 Dec 2023 22:46:29 GMT
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5d621f523e84eb7af66e3daba984f5ee4ab9257e301462577c3c66582c880ab0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	pwk.phtml Show response steamru.org/	51 KB 18 KB	51ms 51ms	Script application/javascript	185.197.162.100 THREE-W-INFRA-AS ...
General Check archive.org Show headers Download Go to Full URL https://steamru.org/pwk.phtml Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.197.162.100 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL), Reverse DNS vps15026.ua-hosting.company Software nginx / Resource Hash 7f4972b6f7feb7a2dd6f98c8ea06df115dc3c07dca4efe0c0114ac85ddac47d4 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:29 GMT content-encoding gzip strict-transport-security max-age=31536000; last-modified Fri, 29 Sep 2023 22:17:51 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31622400
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	129ms 41ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://steamru.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 08:54:09 GMT x-content-type-options nosniff age 481940 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Dec 2024 08:54:09 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	166ms 79ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://steamru.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 00:01:51 GMT x-content-type-options nosniff age 513878 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Dec 2024 00:01:51 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2 fonts.gstatic.com/s/roboto/v30/	9 KB 9 KB	177ms 92ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://steamru.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 08:02:12 GMT x-content-type-options nosniff age 485057 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9576 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Dec 2024 08:02:12 GMT
GET H2	200	KFOmCnqEu92Fr1Mu5mxKOzY.woff2 fonts.gstatic.com/s/roboto/v30/	9 KB 10 KB	135ms 51ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://steamru.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 05:12:10 GMT x-content-type-options nosniff age 495259 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9628 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Dec 2024 05:12:10 GMT
POST H2	200	pwk.phtml steamru.org/	43 B 163 B	49ms 49ms	Ping image/gif	185.197.162.100 THREE-W-INFRA-AS ...
General Check archive.org Show headers Download Go to Full URL https://steamru.org/pwk.phtml?action_name=STEAM%3A%20%D0%BA%D0%BB%D1%83%D0%B1%20%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9&param01=steamru.org&rec=1&r=748772&h=23&m=46&s=29&url=https%3A%2F%2Fsteamru.org%2F&_id=f2cd127e55091d61&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=f92Qs4&pf_net=97&pf_srv=72&pf_tfr=1&pf_dm1=151 Requested by Host: steamru.org URL: https://steamru.org/pwk.phtml Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.197.162.100 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL), Reverse DNS vps15026.ua-hosting.company Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Referer https://steamru.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers date Sun, 24 Dec 2023 22:46:29 GMT strict-transport-security max-age=31536000; server nginx x-robots-tag noindex, nofollow content-length 43 content-type image/gif
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/	399 KB 135 KB	100ms 99ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f75407e81607e08ec9327aaed519df82048ee8845932c6eda36016758b02e8ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:29 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 137959 x-xss-protection 0 server cafe etag 5803194493449799182 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 24 Dec 2023 22:46:29 GMT
GET H2	200	zrt_lookup_inhead_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 5D68	9 KB 4 KB	126ms 39ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_inhead_fy2021.html?hello=world Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 65990 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4124 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 04:26:39 GMT etag 17470903016016266172 expires Sun, 07 Jan 2024 04:26:39 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame DEAD	447 KB 86 KB	442ms 439ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&adk=1812271804&adf=3025194257&lmt=1703457989&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fsteamru.org%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457989447&bpp=5&bdt=397&idt=202&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7362054081539&frm=20&pv=2&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=219 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85f16f61f1f12a254b3c06a66f847556b79e29f28c2935b74114db4f8994f0db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 88286 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 22:46:30 GMT expires Sun, 24 Dec 2023 22:46:30 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	73ms 73ms	Image image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navigation&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:29 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	167ms 86ms	XHR application/json	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d8ed67b0b678a631c46dc9cb7d2ae75d639cf3408b59076742c8179a81dab1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:30 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12126 x-xss-protection 0
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/	160 KB 55 KB	136ms 136ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a02263cf75c29f80fdb1b381769cd5ba8d13287b4c370eacb3bbd6df56a92912 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:30 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56007 x-xss-protection 0 server cafe etag 5399100907576838485 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 22:46:30 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame EEEC	29 KB 12 KB	347ms 347ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=2&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6c1749e61c09cec7417f23bfe66a81926496212a4d56463c2c9dddaee60a869e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 12487 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 22:46:30 GMT expires Sun, 24 Dec 2023 22:46:30 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 5397	718 B 385 B	297ms 297ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x280&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250&nras=3&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9c60e688d3dd32c84c571a05832490e02848644ae6c5720ea9434b59712f4f4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 360 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 22:46:30 GMT expires Sun, 24 Dec 2023 22:46:30 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame DF2F	33 KB 14 KB	1397ms 1397ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ce68d65c3f09419741935f796b98fa959ae8116b56e18c9125406f49d21e469e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 14415 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 22:46:31 GMT expires Sun, 24 Dec 2023 22:46:31 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	175ms 87ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:30 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 24 Dec 2023 22:46:30 GMT
GET H3	200	zrt_lookup_inhead_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 0DAC	9 KB 4 KB	40ms 39ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 64913 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4124 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 04:44:37 GMT etag 17470903016016266172 expires Sun, 07 Jan 2024 04:44:37 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_inhead_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 448D	9 KB 4 KB	39ms 39ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 64913 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4124 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 04:44:37 GMT etag 17470903016016266172 expires Sun, 07 Jan 2024 04:44:37 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_inhead_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame C279	9 KB 4 KB	39ms 39ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 64913 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4124 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 04:44:37 GMT etag 17470903016016266172 expires Sun, 07 Jan 2024 04:44:37 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_inhead_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 879A	9 KB 4 KB	42ms 41ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2147948657389864&plah=steamru.org Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 64913 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4124 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 04:44:37 GMT etag 17470903016016266172 expires Sun, 07 Jan 2024 04:44:37 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	css2 fonts.googleapis.com/ Frame 0DAC	4 KB 767 B	49ms 49ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 24 Dec 2023 22:46:30 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 24 Dec 2023 20:54:22 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 24 Dec 2023 22:46:30 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame CA77	23 KB 9 KB	89ms 80ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:50 GMT content-encoding br x-content-type-options nosniff age 4600 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9269 x-xss-protection 0 server cafe etag 11706523405290302210 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 21:29:50 GMT
GET H2	200	css fonts.googleapis.com/ Frame CA77	8 KB 823 B	50ms 48ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 24 Dec 2023 22:46:30 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 24 Dec 2023 21:59:59 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 24 Dec 2023 22:46:30 GMT
GET H2	200	outstream.min.css imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame CA77	15 KB 3 KB	150ms 40ms	Stylesheet text/css	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 03:37:52 GMT content-encoding gzip x-content-type-options nosniff age 500918 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2920 x-xss-protection 0 last-modified Mon, 13 Nov 2023 11:34:13 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Dec 2024 03:37:52 GMT
GET H2	200	outstream.min.js Show response imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame CA77	376 KB 131 KB	150ms 41ms	Script text/javascript	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 08:21:08 GMT content-encoding gzip x-content-type-options nosniff age 483922 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 133672 x-xss-protection 0 last-modified Mon, 13 Nov 2023 11:34:13 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Dec 2024 08:21:08 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CA77	20 KB 9 KB	47ms 39ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:49 GMT content-encoding br x-content-type-options nosniff age 4601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8571 x-xss-protection 0 server cafe etag 5853369240893788875 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 21:29:49 GMT
GET H2	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 0DAC	16 KB 7 KB	51ms 44ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 03:25:40 GMT content-encoding br x-content-type-options nosniff age 69650 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6766 x-xss-protection 0 server cafe etag 14924840246271906451 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 03:25:40 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 0DAC	22 KB 9 KB	54ms 48ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 02:25:36 GMT content-encoding br x-content-type-options nosniff age 73254 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9210 x-xss-protection 0 server cafe etag 13914886398874665762 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 02:25:36 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 448D	23 KB 9 KB	70ms 70ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:50 GMT content-encoding br x-content-type-options nosniff age 4600 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9269 x-xss-protection 0 server cafe etag 11706523405290302210 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 21:29:50 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame F979	143 B 166 B	42ms 41ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 486 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 22:38:24 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 448D	3 KB 1 KB	83ms 81ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:50 GMT content-encoding br x-content-type-options nosniff age 4600 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 21:29:50 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 448D	20 KB 8 KB	76ms 75ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:49 GMT content-encoding br x-content-type-options nosniff age 4601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8571 x-xss-protection 0 server cafe etag 5853369240893788875 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 21:29:49 GMT
GET H2	200	13500388779846840880 tpc.googlesyndication.com/simgad/ Frame 448D	27 KB 28 KB	83ms 82ms	Image image/png	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/13500388779846840880?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkJC8R8fwFImOjnCwrHK_wejqDU_g Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 72206dd08cfc200b2173a0c03f9151ea53ac9faef4ac1f974b201d3eff425a86 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 22 Dec 2023 09:06:22 GMT x-content-type-options nosniff age 222008 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28072 x-xss-protection 0 last-modified Fri, 15 Dec 2023 06:36:23 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 21 Dec 2024 09:06:22 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 448D	203 KB 65 KB	177ms 57ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:30 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65731 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1702472459035717" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 24 Dec 2023 22:46:30 GMT
GET H2	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 448D	36 KB 15 KB	100ms 99ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 13:49:15 GMT content-encoding br x-content-type-options nosniff age 32235 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14812 x-xss-protection 0 server cafe etag 15202890134401013038 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 13:49:15 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 7318	624 B 246 B	87ms 85ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY88G5gAIwAQ&v=APEucNUYlegGq47YF7qOGwCwSoJtQOfEk5Z4H94Hg2Cr9ouy44nOxujn42JzBXlfBfT0joWcojBrNoCpNr5PRhJQoXZPlYmW0QFI7Gk3JMyKicPbHqbR6RLs2K1vGOTl6lIwCbTvdyYMHgEP3pBzbi8oG-JedDFss6ukLa1ynyiFsGz9nEm3AR0 Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 22:46:30 GMT expires Sun, 24 Dec 2023 22:46:30 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 283C	89 KB 31 KB	173ms 170ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:30 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31485 x-xss-protection 0 server cafe etag 7119415641918660631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Sun, 24 Dec 2023 22:46:30 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 283C	3 KB 1 KB	96ms 93ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:50 GMT content-encoding br x-content-type-options nosniff age 4600 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 21:29:50 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 283C	20 KB 8 KB	90ms 88ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:49 GMT content-encoding br x-content-type-options nosniff age 4601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8571 x-xss-protection 0 server cafe etag 5853369240893788875 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 21:29:49 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 283C	203 KB 64 KB	236ms 134ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:30 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65731 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1702472459035717" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 24 Dec 2023 22:46:30 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 283C	42 B 63 B	76ms 75ms	Image image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AJpAtbtSmi0xwL9m1KNIb4Kvl01A2tFRTZznduUHlTI82ICgYUVK1x92thVGcufsNXXHUcv4iHg23fkLsGBwVoHujGMKzM4eS9Hu5Bpec40uhGBjs Requested by Host: steamru.org URL: https://steamru.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 879A	23 KB 9 KB	80ms 80ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:50 GMT content-encoding br x-content-type-options nosniff age 4600 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9269 x-xss-protection 0 server cafe etag 11706523405290302210 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 21:29:50 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame CCCE	143 B 166 B	41ms 39ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 486 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 22:38:24 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 879A	3 KB 1 KB	88ms 86ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:50 GMT content-encoding br x-content-type-options nosniff age 4600 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 21:29:50 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 879A	20 KB 8 KB	83ms 81ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:49 GMT content-encoding br x-content-type-options nosniff age 4601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8571 x-xss-protection 0 server cafe etag 5853369240893788875 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 21:29:49 GMT
GET H2	200	16385229822081635276 tpc.googlesyndication.com/daca_images/simgad/ Frame 879A	85 KB 85 KB	94ms 94ms	Image image/png	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/daca_images/simgad/16385229822081635276 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6b3c474069deb9289c49c1a629c738d56c053de43efbd9b18023df866cf114a8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Thu, 19 Dec 2024 16:49:21 GMT date Wed, 20 Dec 2023 16:49:21 GMT x-content-type-options nosniff age 367029 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 87047 x-xss-protection 0 last-modified Thu, 14 Sep 2023 08:05:02 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 879A	203 KB 64 KB	208ms 124ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:30 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65731 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1702472459035717" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 24 Dec 2023 22:46:30 GMT
GET H2	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 879A	36 KB 15 KB	87ms 87ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 13:49:15 GMT content-encoding br x-content-type-options nosniff age 32235 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14812 x-xss-protection 0 server cafe etag 15202890134401013038 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 13:49:15 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame F979 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	54ms 54ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 22:46:30 GMT expires Sun, 24 Dec 2023 22:46:30 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 22:46:30 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame F473	13 KB 5 KB	80ms 80ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 4599 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 21:29:51 GMT expires Mon, 23 Dec 2024 21:29:51 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame EB53	829 B 1 KB	111ms 51ms	Document text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 5c6dbd991ac653b9931e4fbad022d896c499458d22937b8c73b2dbefb3d9025f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-aCYUKh7t3cWjkrUw9oPfzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://steamru.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-aCYUKh7t3cWjkrUw9oPfzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 22:46:30 GMT expires Sun, 24 Dec 2023 22:46:30 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame CCCE Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	53ms 52ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 22:46:30 GMT expires Sun, 24 Dec 2023 22:46:30 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 22:46:30 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 7318 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEQrQItZsMN8SEj27mXUZp0&google_cver=1	43 B 750 B	82ms 81ms	Image image/gif	2606:4700:4400::6812:249b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEQrQItZsMN8SEj27mXUZp0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY88G5gAIwAQ&v=APEucNUYlegGq47YF7qOGwCwSoJtQOfEk5Z4H94Hg2Cr9ouy44nOxujn42JzBXlfBfT0joWcojBrNoCpNr5PRhJQoXZPlYmW0QFI7Gk3JMyKicPbHqbR6RLs2K1vGOTl6lIwCbTvdyYMHgEP3pBzbi8oG-JedDFss6ukLa1ynyiFsGz9nEm3AR0 Protocol H3 Server 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZANI%2BUvSLH6OseJrbdyHHtWzNsbGj8ItHFUdYnmOjdOFj0Qek%2BgZqO%2FnzQlb6l9DexkUUb2Smv%2FSFLonwKG4IC2J6z7GYpmek3i%2FAxAqRuLkffdBTWGE1tjZ1w4wvOQg%2BBadxwC446j9y57GsIm8hNknjDaV7Q%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 83ac617aad8c5c92-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEQrQItZsMN8SEj27mXUZp0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 7318 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYi0xpf3XJHMMtuzjnqIWwAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEQrQItZsMN8SEj27mXUZp0&google_cver=1	43 B 752 B	55ms 55ms	Image image/gif	2606:4700:4400::6812:249b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEQrQItZsMN8SEj27mXUZp0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY88G5gAIwAQ&v=APEucNUYlegGq47YF7qOGwCwSoJtQOfEk5Z4H94Hg2Cr9ouy44nOxujn42JzBXlfBfT0joWcojBrNoCpNr5PRhJQoXZPlYmW0QFI7Gk3JMyKicPbHqbR6RLs2K1vGOTl6lIwCbTvdyYMHgEP3pBzbi8oG-JedDFss6ukLa1ynyiFsGz9nEm3AR0 Protocol H3 Server 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PB1C36RrRYm3f%2FonHD246hjlLDN4Nl7U2YEn420x%2FD%2Fo%2F07%2B1cvdbTBFHAlpj6RTAtoWD5nX3XZeiD3fpOKjc9ICIcFnsgHi1rwppnZ6PIWVF6%2FhKvSAiD%2Fowvv%2Fi6oPPRU2oA%2BIXNBv1ynnnQhJP36jWdmIUg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 83ac617b1e205c92-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEQrQItZsMN8SEj27mXUZp0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 7318 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEFl6kXVk9KXvtD6lEaGGjzw&google_cver=1	43 B 844 B	39ms 39ms	Image image/gif	37.252.171.53 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEFl6kXVk9KXvtD6lEaGGjzw&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY88G5gAIwAQ&v=APEucNUYlegGq47YF7qOGwCwSoJtQOfEk5Z4H94Hg2Cr9ouy44nOxujn42JzBXlfBfT0joWcojBrNoCpNr5PRhJQoXZPlYmW0QFI7Gk3JMyKicPbHqbR6RLs2K1vGOTl6lIwCbTvdyYMHgEP3pBzbi8oG-JedDFss6ukLa1ynyiFsGz9nEm3AR0 Protocol H2 Server 37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT an-x-request-uuid 0c5fb078-1693-44c3-925c-9cc335bd2e26 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 80.255.7.105; 80.255.7.105; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEFl6kXVk9KXvtD6lEaGGjzw&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 7318 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2Nzc3NjgzMzE0MTUxNzcyOA%3D%3D	170 B 243 B	49ms 47ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2Nzc3NjgzMzE0MTUxNzcyOA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY88G5gAIwAQ&v=APEucNUYlegGq47YF7qOGwCwSoJtQOfEk5Z4H94Hg2Cr9ouy44nOxujn42JzBXlfBfT0joWcojBrNoCpNr5PRhJQoXZPlYmW0QFI7Gk3JMyKicPbHqbR6RLs2K1vGOTl6lIwCbTvdyYMHgEP3pBzbi8oG-JedDFss6ukLa1ynyiFsGz9nEm3AR0 Protocol H2 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT an-x-request-uuid d73283e2-179a-4419-9bcb-55f792c92826 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2Nzc3NjgzMzE0MTUxNzcyOA%3D%3D x-proxy-origin 80.255.7.105; 80.255.7.105; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 0053	624 B 242 B	90ms 85ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNXZFtaNMKSH_sCpDjH_97UeKpkjM4821ZP6Huvk4JKQyaV1_jAEZn2Y0zjmg3LLnvjpFq0ZJDv3qV-Zseq-luPLfVn7tiLc6fQzM4C7D5P8WWtSSd7W3e4ZfspzRlUCKy71L8k8_-XJn-5otoHcYQV0SMgsKaVVn9h4yJWOSU3RNF7H4HQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=2&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=2&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 22:46:30 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 7FE5	89 KB 31 KB	158ms 158ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=2&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:30 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31485 x-xss-protection 0 server cafe etag 7119415641918660631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Sun, 24 Dec 2023 22:46:30 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7FE5	3 KB 1 KB	44ms 39ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=2&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:50 GMT content-encoding br x-content-type-options nosniff age 4600 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 21:29:50 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7FE5	20 KB 8 KB	48ms 43ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=2&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:49 GMT content-encoding br x-content-type-options nosniff age 4601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8571 x-xss-protection 0 server cafe etag 5853369240893788875 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 21:29:49 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 7FE5	0 0	72ms 54ms	Image text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxFCkoCOWbSgVnARt2ZXwlxBhEQ7igaycDiXZx3d0ydExaDFGiNKVKbQZfxozI6eK5pmBZxtYV3Vu67DnVBT8ohL_h-Q Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=2&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 7FE5	203 KB 64 KB	155ms 150ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=2&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:30 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65731 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1702472459035717" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 24 Dec 2023 22:46:30 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7FE5	42 B 63 B	82ms 78ms	Image image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DMVktJhBqMqTJYFmp4PgxfwhqvI2XH28qGxu1EWt0kwqnb-8eSXpTZFOP5wz5-SeD10TadvrTdHF4QdbAqZv3tLQ67knopJK2XKZG4z54p0VLlTj8 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=2&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame 879A	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c4051d74c4adba587003b2cd4fb629bfcdd8ff14d833a54e8f51b8b8e7d1a4e3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame F473	39 KB 15 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:51 GMT content-encoding br x-content-type-options nosniff age 4599 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 23 Dec 2024 21:29:51 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame EB53	0 0	73ms 73ms	Image text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4296945606762119&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 283C	0 20 B	76ms 75ms	Ping image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3357329414908&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 283C	0 20 B	77ms 77ms	Ping image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3357329414908&version=m202309260101&ct=76&x=1&cor=11359999409173770000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 283C	86 KB 39 KB	85ms 84ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5Jaj5w28Qa80rLCQRcdhxMFhbgVTyXnt6OpvC_ndeCkswOe3aq8fFVkfAqDzRgYcNppD_-hq53oOrJhNHP-ISgKpa8UUJ9mWVAVhY9_P5h7HMuUx8MzKYHU0X5oPkCiVGUI9DvKABhMfqdezChyvlQIKCb-4sa72YB_zikxwjj9K8Gig&dbm_d=AKAmf-Ae544aNsOdzsIBHfHDEkwdyfaDprUQuFxxrrxEoz3siBBNDboCOZ_O-TvXgAhM_P0LFoIjv3nx30spqrFydINYfNbaU_b5y9zewPsAcSBABQQV8WnbKY486t7NLbhmZEvpn2X72ABfxi5V4o3M4wVjIGuIRIUU-C7JwgFf-xEEDzWxNcp7ysIZvA6ZAz8ZDcTBcmj6mn7NERN2NLixpKI20N-88_bRfcQIfnrv6-TTpOs8y_enz7aRlWWLXJlv4qXnoEQtnPo9y7MZJmNp3nyP7hYr9ECYya9krgyLK5WtoeB-HIquc69n3QUy2bzwABAeFNy0K_s9a_an5GKq-nKE3SYr5XaScw9H-PcAcqWJZQGfaEIy0Fu6He7GOXryvMkN4IPlqVNEd-BwRbsEPVGvSfXtDSKiLuNTtFbK5urCq2YlmQWkHL4jioAX1Hs4PJ3k4SEJzXcggi88Z7-IwbwVxkVO3R8xQ3M9ZHM7K7cD_TnXgaIWlsqAF9JDShbKBf27Yfo2mnlKBqfnScuCdbOieRnxygXlsRd_wF_iDCr-qETRO45sXT56UHUXTxhZYXLg_gNMGx_SLPiqn_Y6a38K3hioiGmGoGIPg5X0NvKAJd0I9diCMDwU8NmMrBRRuoYPO8tOMgRqAC3g41oUlim9sKet54z42-dMQU20_dVVzpTCf6fH2c60uX68vFmEGRchSZZVAHtZDe4NMpyVuE8HDG279TEu8cT4x91DJ2ap76lVNJCRtIMExkzPAde6hOMVGhW0AWoGv5yfTh3ZWTBuGHhXHO0-fw4tWPDfwhFlhcC94hHO5U1o92NLBOVnS8sP06SDUs38tHv69Z39SQgw8t17UvT9tgTvbEZ80SHefEhjFhMxhDLP62FnF3Mb7fGfOCXVV56O9dUNx2fmYGzFd8Z8eW6pxixpjvnCOCknvSdzf1I9DJPgo2nemPUi7wPtuxs6asPE4DcIMK4bHyBDT9KKy0omODYnG_pUxw1AsPgWMXLQLo82hB_I4-oMcym8uAo14rNI9Dk5ciTocdF4NKh7D88AV4PWZgG2hCBWpTrwh0n3hk9iAe-d9aAzCBU_buPGcKaMh2UQOn5lJO0Q2erhF0Sa8IrBIW6enlzCJ56nQjYlCyDJq2vj7eTXuyM8wdlFFW2KTcH5Oy5Y_v84FYsNOv_Ma9aeKs73QCCMucLn8Mds8ar8Z_DDZcs4gmJ9dU1ipQQrbulmbq5n1wAUHmhBFwj68wploV2w2NW-nZOYc8Ap-zyrtzIkz8H1u4aGa7qEIqPnRIzJgeS7fuDp8x0L8Q_c2GRlAeMmOBJVZA4JrG0jWPHU_j51vBwe_Vc-nDZrdX8ApNtISEwKoCYO873b4YUXV5wj-ncY-YsnY1rB7KWqjPq7X7dGrJ69yPMfVYrHA1g0eIO2IDxHc6l0ABSs_wp_1sAYwbfwskY06Cq1ZvidevTEs_BJH_VxCPG21J2GjGPvpNHZcNcyaE85AFfAKYE5p0epjdhTL4NZqNS9Ma5BJfAoXxjRQsznSnzUShuxzu3AGDc3GOwCWxQGy5VLC_ZXoCHNcXv2ddNMaAaIpq_EklhxWxcq_BMSQrAmrkq-KSslAile1M3PKzxA3ZYSZEcsyhmKi-4_XGr9NyqfOSFT83jsHvCsNlsvUQ0hkEpQPPaZTnpMaRqHLQbdFHoPyTdOxNyortVD5f46Y6dRn7VF9wh0djOM5spvjQ7A8KsdMeuV6f7yURGHIbuqi69o_GLOkF8vCjqeiixwsGNW8QGBhA6cfNRdpg31RvLDhD6JkqRmxVg_TKZ342wpNa_PsegCLC35Zf35EDlU1bncmq_T62scQhl6Ak-sQGH-5kuapDDKeOwTX96eesqkEp_luaNSuX2krmvYiRLKOinYrfBD6AnUexvfVeYjXEvb3XrsAIaNI-OB1kpvCUBipIvgMDn758uiPd88ROKhI1fu-vIMvyXP5YQfqOJbXyJVjkvakJ6Xx3-Q6C1Z3LE6jDUJOKi6xB6tO4-zurjFBbbNYVc0NvqAjizOvEfLc00Q65WgvAo529gbFgsM-543MXLKR0OTdrLJR8FtpC3kdxGWwJV8R1aQxod34X3Md9Ttw59ztlE64PmT3g0Xu8pQkzlp--H4QyEwJUxpdeTGqCP2qXAT2SvftLWZc1uifjOIDyn-GIf8eO4qA6mzN3hjej9H0ATthz7iFbnjmcrSP7ixzkFyEHMq6H5AV4qCWAXLF743cgszHokK5qsfOds8P_27ErPmS3BueaziXJJjbhbVbJnj5_JRTCcmS_9n0NkjBgwsYY-mPJ01Yqp3Ej9CbApKaU9HjgZ6CrkrVqdvN2JdyzjbKJ14cMYdbrkbJjFZI5ovS3a-Zi7DCTqtsgoQXuOOhSIdCH90MvYXfAsCJrxXMQzGRiO44qWwYpUmjt5skuw5XhYys5imed_EfpvEKSY4X3nkGSZRIyVmAkU-Ufaec7oDKQDZeQ6GSvsvwgFgrPCG6kL3FvIkzeey1Ph3abHP-1ewqs9q6PyhXEDu6gSk2mLgCDZ1N2GaytJykmizjjul6yuClNrEQzwtqyRompvFL4USikypQMIpE7QbzDrrlCkxj2RPyqs0Ktyfm5onWQqYds0jv-CTlMe_WFXnDbcOy1XW5ngLpESzlwL-G3_JQ9bAhPhiIPvaCuudRVq6I8Z8x8n_27ieS48f4WLMujOlxGUdky7-mbAMlgf8DozKC8s_6C6lP5o22ymagA-nRxv5UK3tEbi_0uoEGSGIl99aNJf5MhZEjBL8liluhwJqx1dBNxTbQ-4Wcp0_gQ2ZhXALydbalo8OkaKQhpgeppMiKgXRZe3ZFDB8u_ueSDDHMbO3ZyJ88ui1otbSbdEBRbU0-hGE6ZmD2cq7Dg7BVfunjoaY4cC3OCD8zEzFrQV4-243GrFMwNgzmFKh3KsHpMuGwoJMkswHPTypTcI8hhpUDL_mcbLlxgd9FkvG7LVze_BYQzSgVdcFiAthAHrcCvV6ZgRh8oWDzY6TyfzIdc2zivk2dJ_h62ujMTwW4_CowwG6Rxr4R1n8eiNJyIQYFwPj8OHeSMPRQSUS5sw5MuzE9JWegqOZJ_aVZ6YtRRiU2qMV2yTeokg2frUHEpSDmthC2vyIeCNjw5dG-DKCTfDn7qSyC6pORMszhBxYBFz0aESjfkgeDNwAy23rhjo34_5AJU3AnvXh01xQ8hR6MhDMbnJwRAQz1Kql9sR0uvtEes-_m7zu_HRX8DNdHvPRdiwtHNJnRg1wxABOxGChForXMBHAftXEQoIzXjl4LCnHXBewp_srVvtzMGuqHLFX6xZ6yoSahX_Q5QKVkkk7GrRm3dLOcUsqvSYx-_EmfuKw3e895fyobrx6yK6uh7lbqiohW8XR7cVh_Ju0f4nPjQw6tzCk-QPXq1Sxp2NxSDfFk_thnL5FLbzWFGazbL-ni6sBwTDSYunwyzLbM_mV5fXZVFQmu9fCoNPpRkvCLjsQuNj91CD8khNK-beTz5wKZApXjj0RCLGksoRGeoQIMCBM6DYcgBXdHOVdYYV2HFGTgwmMCdsIm1tBqVHBPsNBpNiwfjeHRd2KabRiQ1T9kFn7db_Cx_VhEogZgYlkhN2VvXzftgaCTSoobKsAYZlIXZZM2qs8tusijpblR0IRJb63inBZpc_uh8tc_5l1lMzu_OF5UogDhgwngNdcQVJJQql226jnu41j4J_-LNBPFD2mdV8e7MVndvuk_4DLzu44XiuvzCvLPwTIrvNXgcRFrsRpjNEVWMnnXuPex2AaSYvHzZd9qEZxyUaDGxfWLpx911lMLxz53EtGsvXLwUrpkEyv&cid=CAQSTwAvHhf_T2a5aY6cBNZOoYqtXgmvSmfhEOvMu4cD-_FpWuOE-OLTf8w7lo__2XQAzXEK5kd5IAFO_XNzWFG4ZN_TlwWUuAommxG-xRqy5jsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=11359999409173770000&adk=1877897942&idt=181&cac=0&dtd=12 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e67555bcfa785273544312635362a0e4aa19c45a6fd033c57b5edaf8d403a402 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39758 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 0053 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEQrQItZsMN8SEj27mXUZp0&google_cver=1	43 B 755 B	77ms 76ms	Image image/gif	2606:4700:4400::6812:249b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEQrQItZsMN8SEj27mXUZp0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNXZFtaNMKSH_sCpDjH_97UeKpkjM4821ZP6Huvk4JKQyaV1_jAEZn2Y0zjmg3LLnvjpFq0ZJDv3qV-Zseq-luPLfVn7tiLc6fQzM4C7D5P8WWtSSd7W3e4ZfspzRlUCKy71L8k8_-XJn-5otoHcYQV0SMgsKaVVn9h4yJWOSU3RNF7H4HQ Protocol H3 Server 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JolvynjM6b1F1tYeeKpe21I%2B42EXopEY8RG9xSPJCtRWJOvhz19y0U11OME9iqjMQSQ8GRMhpu%2BFe0fEF3i6a3j%2BnP%2B7i8Dz9i9py%2B0Ne2PDyn7825Y9yBs3UMMs%2B0%2Bg4i%2BNzV%2BQdqCU50xhBjPhS0%2BJ%2FH%2FboQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 83ac617aad905c92-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEQrQItZsMN8SEj27mXUZp0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 0053 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYi0xnYTxkur6JdYpJIasAAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEQrQItZsMN8SEj27mXUZp0&google_cver=1	43 B 744 B	53ms 53ms	Image image/gif	2606:4700:4400::6812:249b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEQrQItZsMN8SEj27mXUZp0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNXZFtaNMKSH_sCpDjH_97UeKpkjM4821ZP6Huvk4JKQyaV1_jAEZn2Y0zjmg3LLnvjpFq0ZJDv3qV-Zseq-luPLfVn7tiLc6fQzM4C7D5P8WWtSSd7W3e4ZfspzRlUCKy71L8k8_-XJn-5otoHcYQV0SMgsKaVVn9h4yJWOSU3RNF7H4HQ Protocol H3 Server 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8kQBZMXU7on2Z1uqLcBACUl8gKb8T11nPvxSqpqdmwy0XoI1inRhuXoNIFQye50yXAyPhMq5V5H9F2jPufiHE9ZGp4IqauP1sM1rpx3Eb8hQlidOV3EIFNhyQuQMbJtTTIVkztKmRrDLDQTG%2BlqnENeF%2BF93w%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 83ac617b7e515c92-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEQrQItZsMN8SEj27mXUZp0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 0053 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEFl6kXVk9KXvtD6lEaGGjzw&google_cver=1	43 B 844 B	60ms 59ms	Image image/gif	37.252.171.53 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEFl6kXVk9KXvtD6lEaGGjzw&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNXZFtaNMKSH_sCpDjH_97UeKpkjM4821ZP6Huvk4JKQyaV1_jAEZn2Y0zjmg3LLnvjpFq0ZJDv3qV-Zseq-luPLfVn7tiLc6fQzM4C7D5P8WWtSSd7W3e4ZfspzRlUCKy71L8k8_-XJn-5otoHcYQV0SMgsKaVVn9h4yJWOSU3RNF7H4HQ Protocol H2 Server 37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT an-x-request-uuid 33e147f2-b80c-4a3e-9aa5-4aa029ac5598 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 80.255.7.105; 80.255.7.105; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEFl6kXVk9KXvtD6lEaGGjzw&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 0053 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2Nzc3NjgzMzE0MTUxNzcyOA%3D%3D	170 B 232 B	49ms 48ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2Nzc3NjgzMzE0MTUxNzcyOA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNXZFtaNMKSH_sCpDjH_97UeKpkjM4821ZP6Huvk4JKQyaV1_jAEZn2Y0zjmg3LLnvjpFq0ZJDv3qV-Zseq-luPLfVn7tiLc6fQzM4C7D5P8WWtSSd7W3e4ZfspzRlUCKy71L8k8_-XJn-5otoHcYQV0SMgsKaVVn9h4yJWOSU3RNF7H4HQ Protocol H2 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT an-x-request-uuid 3fd1fd56-376d-4b27-85b1-c60e00e78310 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2Nzc3NjgzMzE0MTUxNzcyOA%3D%3D x-proxy-origin 80.255.7.105; 80.255.7.105; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame CA77	0 234 B	599ms 208ms	Ping image/gif	2607:f8b0:4012:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lqk2wlsc&c=3047832611257&slotId=1523916305628.5&qqid=CKaI98KTqYMDFW-Dgwcdq_kGFw&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4012:827::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame CA77	0 20 B	77ms 77ms	Image image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CaUM3xbSIZeaRK--GjuwPq_ObuAG5krjkc8f9mqn_Ee_Tor3AARABIJC7gARglbr9gZQHyAEFqQJx9dySZnqyPqgDAcgDmwSqBJwCT9DfiJB3GEp1NS3886fU2yrM_DlAdp6UzbygE03OHKyVttJpGqY4cQ5_ruEZKkI53GfxCJSG3rhtUUwUKPsJC1OxUKTewMrC1uobo3iG8UYlEGljp96AvzQHv2Fx5HDtFSvwqqnSmoNRBZKN0UWFbZ0xnvonslFeQQJ0Gq-kLNlYE5H64CsMWqSCzTc3dkiVO5SOwSrJIdL7tZJknXoKwNTenXTiZAWYjvsNXnpTX885rqinrHCRNcIEaZB4-WZv_mcSE8hmY7V85XFU4PBOxjBKcpInTuO-9AKZTN9pldnX7T5uCjxQAGC6kzuoSy71WPs80JBlk0MWIEkwqJPf5bvY1CnVTDA1_QxPUrMPIWPeT3D2szU8l6JWGTbABIv_l6XWBOAEA4gF4enuj02QBgGgBnaAB5CK6IQEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYyeL2wpOpgwOACgHICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRFsBOKqJ8V0BMA2BMKiBQD2BQB0BUB-BYBgBcB6BcB&eventType=clickstring&clientTime=1703457990743&ai=CaUM3xbSIZeaRK--GjuwPq_ObuAG5krjkc8f9mqn_Ee_Tor3AARABIJC7gARglbr9gZQHyAEFqQJx9dySZnqyPqgDAcgDmwSqBJwCT9DfiJB3GEp1NS3886fU2yrM_DlAdp6UzbygE03OHKyVttJpGqY4cQ5_ruEZKkI53GfxCJSG3rhtUUwUKPsJC1OxUKTewMrC1uobo3iG8UYlEGljp96AvzQHv2Fx5HDtFSvwqqnSmoNRBZKN0UWFbZ0xnvonslFeQQJ0Gq-kLNlYE5H64CsMWqSCzTc3dkiVO5SOwSrJIdL7tZJknXoKwNTenXTiZAWYjvsNXnpTX885rqinrHCRNcIEaZB4-WZv_mcSE8hmY7V85XFU4PBOxjBKcpInTuO-9AKZTN9pldnX7T5uCjxQAGC6kzuoSy71WPs80JBlk0MWIEkwqJPf5bvY1CnVTDA1_QxPUrMPIWPeT3D2szU8l6JWGTbABIv_l6XWBOAEA4gF4enuj02QBgGgBnaAB5CK6IQEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYyeL2wpOpgwOACgHICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRFsBOKqJ8V0BMA2BMKiBQD2BQB0BUB-BYBgBcB6BcB Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame CA77	0 54 B	588ms 209ms	Ping image/gif	2607:f8b0:4012:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lqk2wlso&c=3047832611257&slotId=1523916305628.5&qqid=CKaI98KTqYMDFW-Dgwcdq_kGFw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.u6&vast_v=4.0&lima_p_ich=0&lima_p_icu=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4012:827::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	vast Show response bid.g.doubleclick.net/dbm/ Frame CA77	30 KB 18 KB	218ms 82ms	XHR text/xml	142.251.168.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CQQZGvoTkKf_3tV0dZOtN1B3yvkah892ZBCcxzx0cuJ-rEzoggHsU_bn5up5fZHNNNGOyekU8JJxoKOcCEWgAZtMTCiw&cry=1&dbm_d=AKAmf-CKQFoC5JbDh6FdK-B0K7dLKj4h8HIJN_L8EnGNVkZ32MR0sQ_JsLtAr_q_dk2FngXwP7OIcgIiVN12Hn_KZtk14WLBE90i1_XUsqJnhqrLRh4l6tuhGH48f6z98u_xN1NUNPpqc7caNqg3a-nx9cv_IU2fAITTXYCtuFqpcxTmVbbToulrKLo7oAVpfTDkuMEucZ_GkWhK6_sbNjVP53LcSbRNoSGaGBiTHmnV1ulJiyTqC5bBsMnUsyfC35AdYI9rqsxd-yoKp_Yf1ACANU8TMqYgTNmb_yzCYPKEl40BsmClrQdlJLIZdjUDSc6ZuUXouTBCQZrOGet04NGexKyDLtEXBJFlQbK5_qtbtdPjQdTutd9YNEl0SM8AsfGrCanyCDBNL2hrw_-zlDu5j6HX-dpzYoa9Bavm9HPfUxEwg1U8LFTpuL_BuyzqlOEow0ao5hYI79TNVBTAjx4HmMMtzjxR3MGwemPYKa9MCqbgxl8Awr9CUV5LDMrxscwRp6cMRa-c_hZTVQxdP-aI0WJABBdaeTVdTvapN5SHwoAHp7X75-1zeiJBBg85xvN7B6GqSdGmlWOIV-sqd8zULEdhoa9bINQH5kXWY5US9AvIy61dBc6VJx9V93tJ5nHT5U_ha7xhgShTC62grAI4LY6rbYNc5iD2fH3kzTebNSk823uCzHVB4uJWBI0S7WIqrF71FDkCjENzpxI6rvkuDoJIfU-_Ux2WBj9wOk16d0RASh1kA8n1Btdy6F0nFDJ9_04DrWmgbSfJyiWmQ9syqV2TN4W2Rn0CvEDGJvHcs3RoVlsSm0rscrzxQnHcvV0jNr3DEBK8nJ8khKrHvloyqxHBHOfW9ZCmyGJ-OR6II48MRygI9XNOuanLKl4nayEohFAw2ZVlcIJYhyTnMAkJKL1z7WYMv80-yEvemyv8sBOBPfseg7yn71riPFGQVERPeGnxe0y8FF9wjx1Q8k1dYVUA3K2z176Eiy60LvREbZTvRSZfr9D8E4pIpOe-99i_TtAZbC964J-VeTlxS322ARnXLHe_nXTJtPpslqHdqt2d8sWbVzoKCF-czUFhPCV-1Jt7gmliCR5jadsAaKQRHO2zeVmwAR7dlOg_4ui_2LejVyccXK--e9_I4w9Bv_5N8IZoA-llqMOmzaD9LcwMbUCYnJKpHn7fiK4V_kWHI_DIJV9v9f9_RzjA3G2Z9mUodu-Z_qGZIMXQDqOyFymoNUNmYKtft8tXsiE7ctbpsmU4P93iskbEzumWbT3cgDU_zASgSKIjsAe6I_GWKZigLN6HHK37FfrJUtKzl04F6fWslB-UNwnCEqSoSMaj78DYFBk5UK5uO5SGPplDwlgN0crK_r5wSytsr3_fbzre_XB7kHwWGuIQ2c5Jl-V3J3ylfaOJZYkHn_O6U20o9tR9OrxbBVFnrN5JDPeLOsgIk_Rx0kNPyfjfyN7GhROWbq5_ymEOLwhlQsO2bn0vc_nB7aWJvkmRKlRnC79mxT7qUYQFVTwJBrzAuEY7yun7kPI9CznFy7gIhqxXZ-FpOjUMjaALcite0c-FapZ27N3XBgnaZkJw1Uz_O8fduw_Xad-PNxsamCJJb9EYGLupnRUtNRoqfe2gsSZerDmSGEflJudjRNh4SImmDqB-SXXFUrlkBFCyI5MpWcLPM3nKxPkr8DAC-6-bypAIvOPYP86V7LeSZ1xhcJ-XTBfTIBn7UVVcMkB5SViz1CK0q9Cbt1o45McL3HQM2ySgiSJQE11hs3vfUQrkiSPrVeiT4FRe63lN_mqTNn0THwffZHs1wmXYhDyRe0ttQIbDNJEafHG135Vu8j-8cmPmvdFxoPlEJLwE5x5xGh9YdwfZlpLG1_IPzu1xSmkA9LIGqIYFL-klt_bGUgONGjB3dy9Ua6vNBdJIZ2sASmub9eWHvCNYpSW-dTG4WeCQ2A19ovCf4Kr3ieKbf5UtN2NnQaY7IJ9wlNfyOO0KKIUoMQzpJOpbDbOkFooJ1WvjJF-hAk3Gz9SxqLLTZH6I_UexrLL60MrwBS6csgpVXrmqrL7rlgI83GjvxctTZIw7qNZbdq-XjErHV15DKbce5yXN_J8NHlhDpBXySEDvz4broQ3TBD-MFz6KrEc7gJzrui1uFnS-UB6NWFYu6NKWGvWEPieiFZfZVGIVY6EWp3EJzTYqy7VGyl001eJMkVbnKlvladdv8sIQyKnMllDmxR2pQH08yrVo5PKvesvmqDJD1TTq5vYtQUUuoaOIeW_B6eX0hc332IJtXF9kFk0t4__5fd8vlpBUzqYcb_x83ubjd7J3EkD8NAuFCnIB84Y66LxlXxPDLicBvctb45sCRgn8ahUBPyAefxLflyX8-h2waRkDkBUCaUWiUDYDzTr991c0WL8ObrpcqAbSl4NrO5M1vL0BQH4jrg4GDXg6kHD8uEunZUAlzT4jV3wFQGI35rUO0i3410ZLlj3VfYJJiU7xcTywYwLTD-QRGIdbxjJ8MPZ4L81JyjQ6TBtfr0DSPCivP_CWSOswc08fSwdOLc5py4MQj8cyucLnjMoE7uqLXNkdKtb3K2YB74B1_RQQWqojADzBTOy_Uz-1QcFGJB77jwpJ9vW3iRVv40juMaim-vTUNrLBlib6m5PMW4ms1X-GuHZ6ASzrhnlgeX40ms3J1lr4tWRVbJaB5Kbc-gDaI3lHMhJNdBr0TxmTd9QRX9QR7KPvLuTTNanGHTt3cMT9B4QetDQyisawD3fIUowUsH_IYtZiZJdm3WEdgILIJmN3kzWTFQkS7adJqTxdsdLrIt-ydHMV0ZdNByKE0wUC5ikPLhJwA4qhigCnNYZ4Oyrxs7CHtdmwL0yYrF9dDRMBbVmE8BwEs8Lb67jyriTIPDkBcX1zZobCmB2ddckkSb0HgfXHKwaDoZlh2j6QneaIkzcRyU-EMgAv80nmP88H5q9dDbVzekyDDctGJwMOKbdxWwzI1049ZRvpcwZ9fJsZeoRfTnXcCD_Uyry8VLrgAYWEphpr9uKJFTqO_Bqi-me6GM5h727DBnHwUtsCFqByT_WEcapXBJ3zvczluAfC5GL7dxjhsIOwak4dWO3t3ME9hRjPF9qEzcpxi3ANKOT1OL3RkMwZ3RwJ266p674mxzboFpxJ_tHEQ3kibzCl68oq__NeVVo-WQtRmg2gmWpUhx6-C-TJPh-hqYF_SpH0Ebs_cPwv5c79IAslVpSBW4Qxvxn3mXFQZ-TAy6phZarSvl-8-wqkAtUU6L9COIcq1v4IJPpW5_aZkPqwBe_jdCa-uFi49xXabIWkIr5DJMGtu287eZHXE7cJBmWly1isdFl2gHOFzIJWkFh2wFHT-Q3d0PesB97m5IlyyRpGI7NeQdoJ5Vi7lI3oJSO0ilE9awnnJOIa95niH9cgAWy4rwfCyRcCgK7roobglOScYoC3tmQyFtaIvNHBGDp_YQWDlhEXWpBiP6AEPYd0KxEC2ka2mPU3Bq8dvdGdz6v3gofISNblahfIyrMeajfl0wbV9UES8cQz_5405Ml3E3cgDx6GUCA70hBrqFFls3Xc0sUAxCKnNpyLxA0WNPXU_StKYXhlsJywqQ2Cduad7WhuDbhev9b_FXarY13AeoMpdCDINOMGoS6KtdeMEq_G_LUl3bCXDrczf0KP0-lbdZkIVmh4fC_cuQnG1Il3XfIWWmkBkCu_Nx3lNmKHBsHDnIAdOShdkL73rz9vUS2W0l_LuMV-RIn9AJ766ZlelZavaZQtutOw_lx0yZtWnBZlkyb8oAmfZU5Uor_8uov3t4-UDmVvcI5iFbjijuGgOW3YBBWkHyKbFvAR4Ita2JAjpTfhnl73zEVMF0o3mG-c39t1UUhCz-C6QJXBGFfF9fT0syetLntk4GULiacoUUPcqSdnWuH88-TKO_1o0XpOoRpg2WTzmAr1GjputWU1ay1Sb-0&cid=CAQSTwAvHhf_T2a5aY6cBNZOoYqtXgmvSmfhEOvMu4cD-_FpWuOE-OLTf8w7lo__2XQAzXEK5kd5IAFO_XNzWFG4ZN_TlwWUuAommxG-xRqy5jsYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.168.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wh-in-f155.1e100.net Software cafe / Resource Hash ee5d46661f4388125536875610a222274685650be3d107fda2e307e56134111a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:30 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17443 x-xss-protection 0 pragma no-cache server cafe content-type text/xml; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7FE5	0 20 B	73ms 73ms	Ping image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9778496528631&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7FE5	0 20 B	73ms 73ms	Ping image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9778496528631&version=m202309260101&ct=76&x=1&cor=10421351764151816000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 7FE5	86 KB 39 KB	88ms 88ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgNewt6-N33O-inploMy6U88inQq0gGSef1sTgMni-FqO-vPC90JdExGGOYprGmaqGZjxq2eM3ZKt57xCxfmmudfHDuL7whjVFUTo5x9STFDJ_r7f798W0sFhR_WAXslmpmk05KpUH0VhmcbHSt95PgGoX2hzs3uW9pSXM3Me9Q3jGpHQ&dbm_d=AKAmf-CxZn8DEiOYKYf3th7qOS4D2WjvOlDwH7afYS8crFru8vzg46cjrDwRukGb9grSCprc1-MbVvXxbhfcnpGPPyCpI3tj7rPPqhCgdRYYa77v87zV79MGPkcKcvBpjUikiOG3gsPYbD3Hg3mEe1U7fkpV0e7unF3gRFAS-Ur28C6V3GzKTB0DVPgcwrjBuPywbwyTir90RFDWhIV1IyFrYrBwPGO4aUrOFPxpQ3vrCbgOJjDfIIlwzvWPeCU5OnWC2y4zAFjcSrCtcykJXBmTD_gyclu_wduQn5vUPgWuOKHsOTQvy6QDwciCJbyoV0JmNnPM0Zk_fsijQ0-Zw1eobiVOvVnISxad8jLNGTZOt7_sCJZYNjRN_IuN3QiMdW6TmbAFBdiH3VJGRA7ss8KV_CHLPJx-ASI_L2zA_YpeBNnug3m7P-OLI7sTJ1Qpvm1V-NxIVaUZ76g1u2MK99Bh333WNMh_dnRzGk5ST_4h5oIcReqmSHqSUMFK6bWvMC8XjU1Zpplh-fTLftIGA5Zrsf1wrBXbmFzTW97Mr2WQ1opC6uCAdUcOqYmTFgcIjZsiSE5YIUdYZhhCSdGO_za8F6481-e69VLPVCd2rDWCOfOu2ieeqkHwU9JWPBEJSVVvYuygEYWitJ29FdcJvMB_1kPRy86rAgGnlwHxTthjoK-bjoRFULcAXAKpVCzb0SzZZSu4z2Ij-f2Nb1hix_ENp_au-MDqgQlJFEb9GXRtkeGgTnQ2ZFF0bgGHv55kL8Vp0hhXPVtYji_EL-EFLIKs8tgGsJzm7DZZVm3vncOfp7zzRzWYNg9-aBidMnVvVgzmOKOxVp0JjH52RcC6vMjZs7rmgBQ8CxiYWOgE76O-roETyglfInsS-2s1JxVIt0-YYkLSsasO8be7UM8HXBr3SZPLXHZj-CA-g3aMyWlxnsIDIZCqQ4rGUV7xDI-QhFX6OVDrFvvCGOI_M4-i0kVm7Hq1b4hC_7gt1XWSJqVSja7o4437c9ArQ8w1IvljJztuoYwW1byaJA05VgVwSsAoB8__bRIs-LVCpLhPeIj_43NmG_Zvepzg4XPP-Lmo5A_ON4BLvniuu5lsV_rY0coz6JkboWx_4KjvWohADb8SUjOanhgYQiMdXduNvMyGWXsvejrsoncu9uGT9lsgsFn3g5ejnWdWxLpQdwiqi-L5QV_MmvmuUj_Tn4AkiG9nG9AnKrCagU3zE7JSvl807iaIWN0LpzF9BLIDYP33wTu1NB96PuHU3YXdi3SAbq6SuKyi0HyvAORSEx-xGWDWYJROmSdyd4d9c4vBeDOih1YUwh_GCBGNRm3TtdBxdyZbUIfnMVyf_eGsi-xIZv9rbcAmXLoIqQ82FXagyw9ZeGfXxdJsfuHo4mEtVcVsm6vBhbVsojrVhIBZ5skIH5oIwYlPHoWbQHz6R9671PYXfwzvAAWs1ju827LyXu-DqFaj5WWv_gN0Zs7oLdx-fGU7LZ3vbaL2iKAqxjPUTD9TnKrXioySRRf-zLcg12FU6u4pGxngnLKwM5bp_q33FNKoqCdGw6opMIiZDfFKhoK9OtA2ave2nA0-It0rytuIZE68aqIddL5lXaKsbqVa0Ny10ayYhDBMY8RMdldnBO5BAoxek9-Aej-ldXj4SCGKwqMfTWLk1rknWwpElxshkpPce-75hEJUGhNBvvCV15w_JtDfWo_dscmmOsNWfTdDFoT296NemzUYx8YcQFLQJb-DMP3_3dQ_lR7S4TmBsGhGRikrgFYkmeVdTJzHxCzyABRAwwhJpG9soZP0ET1yWq_8dei3q4UctlknZX9x1EeO2dd8J153aiIOCK-l4A9GjYsP0xlEJkohWcyPC_5JTYFr1B3lADW5Yo9UxQttg42RBUTpUUIiGZPBl1fZsZ_kFX90ztzu4XZTClh4ZqYd9a6Wk7VbHt_aY6ZJw3biN39coO24NlAQsECipyj7RbOGNJ2ReMDmsxZtyD7sEJqMwaha5jxmH0ccuLnrm8QaN2B-g_yPctTEaclix5I6Kxbx7UJcJBlEudv1m6RFXl0PGGjpEn-kfR8jTtpcojRI6aWrOZPW5rciaP6tRtgQnbyxPu40jpTSb6civqHi81JoHh3i8kAaWMC1Iqj8MRJEwpU9ibEbi9ocpiTMEW90Wn7clxBeyaRt4sZty15IhkwFVvwB2R1uY2ZqSUtXF2I2e2WsulLPf_06EnlkrdQ_tnYv_X9ZeRtIZjAPFcrQJuNDun7ktcJCVggOU8xKfqLMkVpq8goevBuJn3mtSrwWyrMq-OKzB2ddYYyp8Q-8VoOMC87-hwh5Fbs7p1XmZ_M5ft8qdl5DzZSnRCegfxoGYlGyd8peS86na2yAjqBmVoYpxtk4rRcrQabJWiJrCIY3on_9uNvt5q1N6fWjK5zJblEpa6qzploIgkvet5GQRKZIb2nehYT9aGXof0RFasXOsdYfijaxBiWEFKS4KX-2FIA1dYIBP3xQdHNd1j_cmJAFsKmxSdxNnz3UNztSQUZ8toz4ScGnZ9VfbQ2BOj74h1k2AnNqYYBSJLRkmo6Keu8_NXCKaKO1EpRCWZ6ZLScm4VgneRQamCEvE7FusjhYOu8a5uuQI9_WBJlc4tcUFlNPe9VusxQwTy3P9ImQNZTnL-I3zOJ3DW-tqPP3cfKr4sJ5ALAdwQXndfQczJpp-IEuu60aeQQhwvY2HEHuTe24_0ucdlBMogMYYWObxAIZkeg7dun7EnIKnif4M5r2Tmxphnmi2A0M9fm0d-Fjtnl1M856EVIjqkPdqTD652B4HU9Hvb-FEiqQJg-kgtQsSdlJyzi41MfURn21xtQEhaPlom-dIo-YHiXLfLHRHiPdQUk88X-A7SqU6MBXQxeELSU5Gf-1B4PU6PGR3ovu5u-ZIVz6nYi6tkSV3VjPsgM8D8_6Sp52AaoLr9UzQocIbq19okCBOv12zn3y_75AiBuI47Qr1GzYzssaD8gtqj8EuAtxMXJNlScwoBIPectJyS4nqfbE6FIleL5HzlRdwbXUqQOKsRlnMRnDgnCTkEbawjgSQwOcQYnic7FbvbEeKIDZ3M3zlanZVdHFVP8ETmGig0DyJzo1idOHt2ZrZu3xKbAwYE30tuyeHGfXNTn2M1i0QIct0lSLaDJX3U_c3eGT47QEc-OJ9KICpM5ueqlUOasiYKaOg6VtchMt_3msC1f9JsEfOq2xbmlxWy78Cy77qqCZJPm08i78r-iqBfl0H2AaT7plAR7dE0Av2gUr0SPQXh4V-eYVOwAbudwefK4iDvqb0g328IVrredMp4C5UsdUshVznggoUA6v-k0DtfG8YvNP044t3MN190295MSroeHH7LE2yo84njceZS2l2OQNFJ0lIpeUozLkLVEsbzNaAk4yu4oz9QGftqidLVK1RGSNOFl4oD_Oc6AiQ2JTKo6aOpKfKG6ZWEQx8H1ui53DIlbodcDCU5sM5wdO-5fVSlbno4glzimG3czoO1kCtLLNJLWGAFuehIuosUUn_BZo6z63RpnVMA-qIvnu5CVElRD34Vg8glPE8lCkiDVGZ2UJgOosK--1G8cQYiQMgSpycy3igI1RTL8fnIGpZgTmcTNdgJTJC0nYQUtm8M10T5akY7vZNFfYEDwZJ_HyfEWQVAzmhT8EyRHJurZ_gfGcpKwKCEJIvrj_3bL0hHHzrEUgA-QZ6IV9YT3sfyy7FuPxdOv-1Bntm-pj2EQ6xSkAEd2liLOwi8mRB32O48htCQuHXbRLNVYhb0MNiIHW0EkN6JJI4HtWvieD7PNoj9fVe-moX8_Rp76rEUZdYOy3gdcEtIrvlufpscFlMJABIwzKV7vJW8GohH5nl7huZz7O_wInVezE9ZrADMOd5fNrzRCclTqtyAA_urBczYLk&cid=CAQSPAAvHhf_sFknGS5PTvsjkFcSqP8Omy02urtdEm5esPFPeYg84asxGjzwl8MBd06GX5N0dHIepLWzZMjngRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=10421351764151816000&adk=2124396031&idt=168&cac=0&dtd=4 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash be05b9f88d4d77a102b8dd75d266af7624f3ca54071166dbd623c8866bcc0ee1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=2&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:30 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39977 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame 448D	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f604b01876a8c2fc67c268a278769ef2beb42ff4335846b1cbfcd7853b2d0519 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 283C	31 KB 12 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5Jaj5w28Qa80rLCQRcdhxMFhbgVTyXnt6OpvC_ndeCkswOe3aq8fFVkfAqDzRgYcNppD_-hq53oOrJhNHP-ISgKpa8UUJ9mWVAVhY9_P5h7HMuUx8MzKYHU0X5oPkCiVGUI9DvKABhMfqdezChyvlQIKCb-4sa72YB_zikxwjj9K8Gig&dbm_d=AKAmf-Ae544aNsOdzsIBHfHDEkwdyfaDprUQuFxxrrxEoz3siBBNDboCOZ_O-TvXgAhM_P0LFoIjv3nx30spqrFydINYfNbaU_b5y9zewPsAcSBABQQV8WnbKY486t7NLbhmZEvpn2X72ABfxi5V4o3M4wVjIGuIRIUU-C7JwgFf-xEEDzWxNcp7ysIZvA6ZAz8ZDcTBcmj6mn7NERN2NLixpKI20N-88_bRfcQIfnrv6-TTpOs8y_enz7aRlWWLXJlv4qXnoEQtnPo9y7MZJmNp3nyP7hYr9ECYya9krgyLK5WtoeB-HIquc69n3QUy2bzwABAeFNy0K_s9a_an5GKq-nKE3SYr5XaScw9H-PcAcqWJZQGfaEIy0Fu6He7GOXryvMkN4IPlqVNEd-BwRbsEPVGvSfXtDSKiLuNTtFbK5urCq2YlmQWkHL4jioAX1Hs4PJ3k4SEJzXcggi88Z7-IwbwVxkVO3R8xQ3M9ZHM7K7cD_TnXgaIWlsqAF9JDShbKBf27Yfo2mnlKBqfnScuCdbOieRnxygXlsRd_wF_iDCr-qETRO45sXT56UHUXTxhZYXLg_gNMGx_SLPiqn_Y6a38K3hioiGmGoGIPg5X0NvKAJd0I9diCMDwU8NmMrBRRuoYPO8tOMgRqAC3g41oUlim9sKet54z42-dMQU20_dVVzpTCf6fH2c60uX68vFmEGRchSZZVAHtZDe4NMpyVuE8HDG279TEu8cT4x91DJ2ap76lVNJCRtIMExkzPAde6hOMVGhW0AWoGv5yfTh3ZWTBuGHhXHO0-fw4tWPDfwhFlhcC94hHO5U1o92NLBOVnS8sP06SDUs38tHv69Z39SQgw8t17UvT9tgTvbEZ80SHefEhjFhMxhDLP62FnF3Mb7fGfOCXVV56O9dUNx2fmYGzFd8Z8eW6pxixpjvnCOCknvSdzf1I9DJPgo2nemPUi7wPtuxs6asPE4DcIMK4bHyBDT9KKy0omODYnG_pUxw1AsPgWMXLQLo82hB_I4-oMcym8uAo14rNI9Dk5ciTocdF4NKh7D88AV4PWZgG2hCBWpTrwh0n3hk9iAe-d9aAzCBU_buPGcKaMh2UQOn5lJO0Q2erhF0Sa8IrBIW6enlzCJ56nQjYlCyDJq2vj7eTXuyM8wdlFFW2KTcH5Oy5Y_v84FYsNOv_Ma9aeKs73QCCMucLn8Mds8ar8Z_DDZcs4gmJ9dU1ipQQrbulmbq5n1wAUHmhBFwj68wploV2w2NW-nZOYc8Ap-zyrtzIkz8H1u4aGa7qEIqPnRIzJgeS7fuDp8x0L8Q_c2GRlAeMmOBJVZA4JrG0jWPHU_j51vBwe_Vc-nDZrdX8ApNtISEwKoCYO873b4YUXV5wj-ncY-YsnY1rB7KWqjPq7X7dGrJ69yPMfVYrHA1g0eIO2IDxHc6l0ABSs_wp_1sAYwbfwskY06Cq1ZvidevTEs_BJH_VxCPG21J2GjGPvpNHZcNcyaE85AFfAKYE5p0epjdhTL4NZqNS9Ma5BJfAoXxjRQsznSnzUShuxzu3AGDc3GOwCWxQGy5VLC_ZXoCHNcXv2ddNMaAaIpq_EklhxWxcq_BMSQrAmrkq-KSslAile1M3PKzxA3ZYSZEcsyhmKi-4_XGr9NyqfOSFT83jsHvCsNlsvUQ0hkEpQPPaZTnpMaRqHLQbdFHoPyTdOxNyortVD5f46Y6dRn7VF9wh0djOM5spvjQ7A8KsdMeuV6f7yURGHIbuqi69o_GLOkF8vCjqeiixwsGNW8QGBhA6cfNRdpg31RvLDhD6JkqRmxVg_TKZ342wpNa_PsegCLC35Zf35EDlU1bncmq_T62scQhl6Ak-sQGH-5kuapDDKeOwTX96eesqkEp_luaNSuX2krmvYiRLKOinYrfBD6AnUexvfVeYjXEvb3XrsAIaNI-OB1kpvCUBipIvgMDn758uiPd88ROKhI1fu-vIMvyXP5YQfqOJbXyJVjkvakJ6Xx3-Q6C1Z3LE6jDUJOKi6xB6tO4-zurjFBbbNYVc0NvqAjizOvEfLc00Q65WgvAo529gbFgsM-543MXLKR0OTdrLJR8FtpC3kdxGWwJV8R1aQxod34X3Md9Ttw59ztlE64PmT3g0Xu8pQkzlp--H4QyEwJUxpdeTGqCP2qXAT2SvftLWZc1uifjOIDyn-GIf8eO4qA6mzN3hjej9H0ATthz7iFbnjmcrSP7ixzkFyEHMq6H5AV4qCWAXLF743cgszHokK5qsfOds8P_27ErPmS3BueaziXJJjbhbVbJnj5_JRTCcmS_9n0NkjBgwsYY-mPJ01Yqp3Ej9CbApKaU9HjgZ6CrkrVqdvN2JdyzjbKJ14cMYdbrkbJjFZI5ovS3a-Zi7DCTqtsgoQXuOOhSIdCH90MvYXfAsCJrxXMQzGRiO44qWwYpUmjt5skuw5XhYys5imed_EfpvEKSY4X3nkGSZRIyVmAkU-Ufaec7oDKQDZeQ6GSvsvwgFgrPCG6kL3FvIkzeey1Ph3abHP-1ewqs9q6PyhXEDu6gSk2mLgCDZ1N2GaytJykmizjjul6yuClNrEQzwtqyRompvFL4USikypQMIpE7QbzDrrlCkxj2RPyqs0Ktyfm5onWQqYds0jv-CTlMe_WFXnDbcOy1XW5ngLpESzlwL-G3_JQ9bAhPhiIPvaCuudRVq6I8Z8x8n_27ieS48f4WLMujOlxGUdky7-mbAMlgf8DozKC8s_6C6lP5o22ymagA-nRxv5UK3tEbi_0uoEGSGIl99aNJf5MhZEjBL8liluhwJqx1dBNxTbQ-4Wcp0_gQ2ZhXALydbalo8OkaKQhpgeppMiKgXRZe3ZFDB8u_ueSDDHMbO3ZyJ88ui1otbSbdEBRbU0-hGE6ZmD2cq7Dg7BVfunjoaY4cC3OCD8zEzFrQV4-243GrFMwNgzmFKh3KsHpMuGwoJMkswHPTypTcI8hhpUDL_mcbLlxgd9FkvG7LVze_BYQzSgVdcFiAthAHrcCvV6ZgRh8oWDzY6TyfzIdc2zivk2dJ_h62ujMTwW4_CowwG6Rxr4R1n8eiNJyIQYFwPj8OHeSMPRQSUS5sw5MuzE9JWegqOZJ_aVZ6YtRRiU2qMV2yTeokg2frUHEpSDmthC2vyIeCNjw5dG-DKCTfDn7qSyC6pORMszhBxYBFz0aESjfkgeDNwAy23rhjo34_5AJU3AnvXh01xQ8hR6MhDMbnJwRAQz1Kql9sR0uvtEes-_m7zu_HRX8DNdHvPRdiwtHNJnRg1wxABOxGChForXMBHAftXEQoIzXjl4LCnHXBewp_srVvtzMGuqHLFX6xZ6yoSahX_Q5QKVkkk7GrRm3dLOcUsqvSYx-_EmfuKw3e895fyobrx6yK6uh7lbqiohW8XR7cVh_Ju0f4nPjQw6tzCk-QPXq1Sxp2NxSDfFk_thnL5FLbzWFGazbL-ni6sBwTDSYunwyzLbM_mV5fXZVFQmu9fCoNPpRkvCLjsQuNj91CD8khNK-beTz5wKZApXjj0RCLGksoRGeoQIMCBM6DYcgBXdHOVdYYV2HFGTgwmMCdsIm1tBqVHBPsNBpNiwfjeHRd2KabRiQ1T9kFn7db_Cx_VhEogZgYlkhN2VvXzftgaCTSoobKsAYZlIXZZM2qs8tusijpblR0IRJb63inBZpc_uh8tc_5l1lMzu_OF5UogDhgwngNdcQVJJQql226jnu41j4J_-LNBPFD2mdV8e7MVndvuk_4DLzu44XiuvzCvLPwTIrvNXgcRFrsRpjNEVWMnnXuPex2AaSYvHzZd9qEZxyUaDGxfWLpx911lMLxz53EtGsvXLwUrpkEyv&cid=CAQSTwAvHhf_T2a5aY6cBNZOoYqtXgmvSmfhEOvMu4cD-_FpWuOE-OLTf8w7lo__2XQAzXEK5kd5IAFO_XNzWFG4ZN_TlwWUuAommxG-xRqy5jsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=11359999409173770000&adk=1877897942&idt=181&cac=0&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 01:43:50 GMT content-encoding br x-content-type-options nosniff age 75760 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11872 x-xss-protection 0 server cafe etag 16225921609732785849 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 01:43:50 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 283C	11 KB 4 KB	42ms 42ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5Jaj5w28Qa80rLCQRcdhxMFhbgVTyXnt6OpvC_ndeCkswOe3aq8fFVkfAqDzRgYcNppD_-hq53oOrJhNHP-ISgKpa8UUJ9mWVAVhY9_P5h7HMuUx8MzKYHU0X5oPkCiVGUI9DvKABhMfqdezChyvlQIKCb-4sa72YB_zikxwjj9K8Gig&dbm_d=AKAmf-Ae544aNsOdzsIBHfHDEkwdyfaDprUQuFxxrrxEoz3siBBNDboCOZ_O-TvXgAhM_P0LFoIjv3nx30spqrFydINYfNbaU_b5y9zewPsAcSBABQQV8WnbKY486t7NLbhmZEvpn2X72ABfxi5V4o3M4wVjIGuIRIUU-C7JwgFf-xEEDzWxNcp7ysIZvA6ZAz8ZDcTBcmj6mn7NERN2NLixpKI20N-88_bRfcQIfnrv6-TTpOs8y_enz7aRlWWLXJlv4qXnoEQtnPo9y7MZJmNp3nyP7hYr9ECYya9krgyLK5WtoeB-HIquc69n3QUy2bzwABAeFNy0K_s9a_an5GKq-nKE3SYr5XaScw9H-PcAcqWJZQGfaEIy0Fu6He7GOXryvMkN4IPlqVNEd-BwRbsEPVGvSfXtDSKiLuNTtFbK5urCq2YlmQWkHL4jioAX1Hs4PJ3k4SEJzXcggi88Z7-IwbwVxkVO3R8xQ3M9ZHM7K7cD_TnXgaIWlsqAF9JDShbKBf27Yfo2mnlKBqfnScuCdbOieRnxygXlsRd_wF_iDCr-qETRO45sXT56UHUXTxhZYXLg_gNMGx_SLPiqn_Y6a38K3hioiGmGoGIPg5X0NvKAJd0I9diCMDwU8NmMrBRRuoYPO8tOMgRqAC3g41oUlim9sKet54z42-dMQU20_dVVzpTCf6fH2c60uX68vFmEGRchSZZVAHtZDe4NMpyVuE8HDG279TEu8cT4x91DJ2ap76lVNJCRtIMExkzPAde6hOMVGhW0AWoGv5yfTh3ZWTBuGHhXHO0-fw4tWPDfwhFlhcC94hHO5U1o92NLBOVnS8sP06SDUs38tHv69Z39SQgw8t17UvT9tgTvbEZ80SHefEhjFhMxhDLP62FnF3Mb7fGfOCXVV56O9dUNx2fmYGzFd8Z8eW6pxixpjvnCOCknvSdzf1I9DJPgo2nemPUi7wPtuxs6asPE4DcIMK4bHyBDT9KKy0omODYnG_pUxw1AsPgWMXLQLo82hB_I4-oMcym8uAo14rNI9Dk5ciTocdF4NKh7D88AV4PWZgG2hCBWpTrwh0n3hk9iAe-d9aAzCBU_buPGcKaMh2UQOn5lJO0Q2erhF0Sa8IrBIW6enlzCJ56nQjYlCyDJq2vj7eTXuyM8wdlFFW2KTcH5Oy5Y_v84FYsNOv_Ma9aeKs73QCCMucLn8Mds8ar8Z_DDZcs4gmJ9dU1ipQQrbulmbq5n1wAUHmhBFwj68wploV2w2NW-nZOYc8Ap-zyrtzIkz8H1u4aGa7qEIqPnRIzJgeS7fuDp8x0L8Q_c2GRlAeMmOBJVZA4JrG0jWPHU_j51vBwe_Vc-nDZrdX8ApNtISEwKoCYO873b4YUXV5wj-ncY-YsnY1rB7KWqjPq7X7dGrJ69yPMfVYrHA1g0eIO2IDxHc6l0ABSs_wp_1sAYwbfwskY06Cq1ZvidevTEs_BJH_VxCPG21J2GjGPvpNHZcNcyaE85AFfAKYE5p0epjdhTL4NZqNS9Ma5BJfAoXxjRQsznSnzUShuxzu3AGDc3GOwCWxQGy5VLC_ZXoCHNcXv2ddNMaAaIpq_EklhxWxcq_BMSQrAmrkq-KSslAile1M3PKzxA3ZYSZEcsyhmKi-4_XGr9NyqfOSFT83jsHvCsNlsvUQ0hkEpQPPaZTnpMaRqHLQbdFHoPyTdOxNyortVD5f46Y6dRn7VF9wh0djOM5spvjQ7A8KsdMeuV6f7yURGHIbuqi69o_GLOkF8vCjqeiixwsGNW8QGBhA6cfNRdpg31RvLDhD6JkqRmxVg_TKZ342wpNa_PsegCLC35Zf35EDlU1bncmq_T62scQhl6Ak-sQGH-5kuapDDKeOwTX96eesqkEp_luaNSuX2krmvYiRLKOinYrfBD6AnUexvfVeYjXEvb3XrsAIaNI-OB1kpvCUBipIvgMDn758uiPd88ROKhI1fu-vIMvyXP5YQfqOJbXyJVjkvakJ6Xx3-Q6C1Z3LE6jDUJOKi6xB6tO4-zurjFBbbNYVc0NvqAjizOvEfLc00Q65WgvAo529gbFgsM-543MXLKR0OTdrLJR8FtpC3kdxGWwJV8R1aQxod34X3Md9Ttw59ztlE64PmT3g0Xu8pQkzlp--H4QyEwJUxpdeTGqCP2qXAT2SvftLWZc1uifjOIDyn-GIf8eO4qA6mzN3hjej9H0ATthz7iFbnjmcrSP7ixzkFyEHMq6H5AV4qCWAXLF743cgszHokK5qsfOds8P_27ErPmS3BueaziXJJjbhbVbJnj5_JRTCcmS_9n0NkjBgwsYY-mPJ01Yqp3Ej9CbApKaU9HjgZ6CrkrVqdvN2JdyzjbKJ14cMYdbrkbJjFZI5ovS3a-Zi7DCTqtsgoQXuOOhSIdCH90MvYXfAsCJrxXMQzGRiO44qWwYpUmjt5skuw5XhYys5imed_EfpvEKSY4X3nkGSZRIyVmAkU-Ufaec7oDKQDZeQ6GSvsvwgFgrPCG6kL3FvIkzeey1Ph3abHP-1ewqs9q6PyhXEDu6gSk2mLgCDZ1N2GaytJykmizjjul6yuClNrEQzwtqyRompvFL4USikypQMIpE7QbzDrrlCkxj2RPyqs0Ktyfm5onWQqYds0jv-CTlMe_WFXnDbcOy1XW5ngLpESzlwL-G3_JQ9bAhPhiIPvaCuudRVq6I8Z8x8n_27ieS48f4WLMujOlxGUdky7-mbAMlgf8DozKC8s_6C6lP5o22ymagA-nRxv5UK3tEbi_0uoEGSGIl99aNJf5MhZEjBL8liluhwJqx1dBNxTbQ-4Wcp0_gQ2ZhXALydbalo8OkaKQhpgeppMiKgXRZe3ZFDB8u_ueSDDHMbO3ZyJ88ui1otbSbdEBRbU0-hGE6ZmD2cq7Dg7BVfunjoaY4cC3OCD8zEzFrQV4-243GrFMwNgzmFKh3KsHpMuGwoJMkswHPTypTcI8hhpUDL_mcbLlxgd9FkvG7LVze_BYQzSgVdcFiAthAHrcCvV6ZgRh8oWDzY6TyfzIdc2zivk2dJ_h62ujMTwW4_CowwG6Rxr4R1n8eiNJyIQYFwPj8OHeSMPRQSUS5sw5MuzE9JWegqOZJ_aVZ6YtRRiU2qMV2yTeokg2frUHEpSDmthC2vyIeCNjw5dG-DKCTfDn7qSyC6pORMszhBxYBFz0aESjfkgeDNwAy23rhjo34_5AJU3AnvXh01xQ8hR6MhDMbnJwRAQz1Kql9sR0uvtEes-_m7zu_HRX8DNdHvPRdiwtHNJnRg1wxABOxGChForXMBHAftXEQoIzXjl4LCnHXBewp_srVvtzMGuqHLFX6xZ6yoSahX_Q5QKVkkk7GrRm3dLOcUsqvSYx-_EmfuKw3e895fyobrx6yK6uh7lbqiohW8XR7cVh_Ju0f4nPjQw6tzCk-QPXq1Sxp2NxSDfFk_thnL5FLbzWFGazbL-ni6sBwTDSYunwyzLbM_mV5fXZVFQmu9fCoNPpRkvCLjsQuNj91CD8khNK-beTz5wKZApXjj0RCLGksoRGeoQIMCBM6DYcgBXdHOVdYYV2HFGTgwmMCdsIm1tBqVHBPsNBpNiwfjeHRd2KabRiQ1T9kFn7db_Cx_VhEogZgYlkhN2VvXzftgaCTSoobKsAYZlIXZZM2qs8tusijpblR0IRJb63inBZpc_uh8tc_5l1lMzu_OF5UogDhgwngNdcQVJJQql226jnu41j4J_-LNBPFD2mdV8e7MVndvuk_4DLzu44XiuvzCvLPwTIrvNXgcRFrsRpjNEVWMnnXuPex2AaSYvHzZd9qEZxyUaDGxfWLpx911lMLxz53EtGsvXLwUrpkEyv&cid=CAQSTwAvHhf_T2a5aY6cBNZOoYqtXgmvSmfhEOvMu4cD-_FpWuOE-OLTf8w7lo__2XQAzXEK5kd5IAFO_XNzWFG4ZN_TlwWUuAommxG-xRqy5jsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=11359999409173770000&adk=1877897942&idt=181&cac=0&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:44:08 GMT content-encoding br x-content-type-options nosniff age 3742 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 14415875674906819925 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 21:44:08 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 283C	41 KB 14 KB	41ms 41ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5Jaj5w28Qa80rLCQRcdhxMFhbgVTyXnt6OpvC_ndeCkswOe3aq8fFVkfAqDzRgYcNppD_-hq53oOrJhNHP-ISgKpa8UUJ9mWVAVhY9_P5h7HMuUx8MzKYHU0X5oPkCiVGUI9DvKABhMfqdezChyvlQIKCb-4sa72YB_zikxwjj9K8Gig&dbm_d=AKAmf-Ae544aNsOdzsIBHfHDEkwdyfaDprUQuFxxrrxEoz3siBBNDboCOZ_O-TvXgAhM_P0LFoIjv3nx30spqrFydINYfNbaU_b5y9zewPsAcSBABQQV8WnbKY486t7NLbhmZEvpn2X72ABfxi5V4o3M4wVjIGuIRIUU-C7JwgFf-xEEDzWxNcp7ysIZvA6ZAz8ZDcTBcmj6mn7NERN2NLixpKI20N-88_bRfcQIfnrv6-TTpOs8y_enz7aRlWWLXJlv4qXnoEQtnPo9y7MZJmNp3nyP7hYr9ECYya9krgyLK5WtoeB-HIquc69n3QUy2bzwABAeFNy0K_s9a_an5GKq-nKE3SYr5XaScw9H-PcAcqWJZQGfaEIy0Fu6He7GOXryvMkN4IPlqVNEd-BwRbsEPVGvSfXtDSKiLuNTtFbK5urCq2YlmQWkHL4jioAX1Hs4PJ3k4SEJzXcggi88Z7-IwbwVxkVO3R8xQ3M9ZHM7K7cD_TnXgaIWlsqAF9JDShbKBf27Yfo2mnlKBqfnScuCdbOieRnxygXlsRd_wF_iDCr-qETRO45sXT56UHUXTxhZYXLg_gNMGx_SLPiqn_Y6a38K3hioiGmGoGIPg5X0NvKAJd0I9diCMDwU8NmMrBRRuoYPO8tOMgRqAC3g41oUlim9sKet54z42-dMQU20_dVVzpTCf6fH2c60uX68vFmEGRchSZZVAHtZDe4NMpyVuE8HDG279TEu8cT4x91DJ2ap76lVNJCRtIMExkzPAde6hOMVGhW0AWoGv5yfTh3ZWTBuGHhXHO0-fw4tWPDfwhFlhcC94hHO5U1o92NLBOVnS8sP06SDUs38tHv69Z39SQgw8t17UvT9tgTvbEZ80SHefEhjFhMxhDLP62FnF3Mb7fGfOCXVV56O9dUNx2fmYGzFd8Z8eW6pxixpjvnCOCknvSdzf1I9DJPgo2nemPUi7wPtuxs6asPE4DcIMK4bHyBDT9KKy0omODYnG_pUxw1AsPgWMXLQLo82hB_I4-oMcym8uAo14rNI9Dk5ciTocdF4NKh7D88AV4PWZgG2hCBWpTrwh0n3hk9iAe-d9aAzCBU_buPGcKaMh2UQOn5lJO0Q2erhF0Sa8IrBIW6enlzCJ56nQjYlCyDJq2vj7eTXuyM8wdlFFW2KTcH5Oy5Y_v84FYsNOv_Ma9aeKs73QCCMucLn8Mds8ar8Z_DDZcs4gmJ9dU1ipQQrbulmbq5n1wAUHmhBFwj68wploV2w2NW-nZOYc8Ap-zyrtzIkz8H1u4aGa7qEIqPnRIzJgeS7fuDp8x0L8Q_c2GRlAeMmOBJVZA4JrG0jWPHU_j51vBwe_Vc-nDZrdX8ApNtISEwKoCYO873b4YUXV5wj-ncY-YsnY1rB7KWqjPq7X7dGrJ69yPMfVYrHA1g0eIO2IDxHc6l0ABSs_wp_1sAYwbfwskY06Cq1ZvidevTEs_BJH_VxCPG21J2GjGPvpNHZcNcyaE85AFfAKYE5p0epjdhTL4NZqNS9Ma5BJfAoXxjRQsznSnzUShuxzu3AGDc3GOwCWxQGy5VLC_ZXoCHNcXv2ddNMaAaIpq_EklhxWxcq_BMSQrAmrkq-KSslAile1M3PKzxA3ZYSZEcsyhmKi-4_XGr9NyqfOSFT83jsHvCsNlsvUQ0hkEpQPPaZTnpMaRqHLQbdFHoPyTdOxNyortVD5f46Y6dRn7VF9wh0djOM5spvjQ7A8KsdMeuV6f7yURGHIbuqi69o_GLOkF8vCjqeiixwsGNW8QGBhA6cfNRdpg31RvLDhD6JkqRmxVg_TKZ342wpNa_PsegCLC35Zf35EDlU1bncmq_T62scQhl6Ak-sQGH-5kuapDDKeOwTX96eesqkEp_luaNSuX2krmvYiRLKOinYrfBD6AnUexvfVeYjXEvb3XrsAIaNI-OB1kpvCUBipIvgMDn758uiPd88ROKhI1fu-vIMvyXP5YQfqOJbXyJVjkvakJ6Xx3-Q6C1Z3LE6jDUJOKi6xB6tO4-zurjFBbbNYVc0NvqAjizOvEfLc00Q65WgvAo529gbFgsM-543MXLKR0OTdrLJR8FtpC3kdxGWwJV8R1aQxod34X3Md9Ttw59ztlE64PmT3g0Xu8pQkzlp--H4QyEwJUxpdeTGqCP2qXAT2SvftLWZc1uifjOIDyn-GIf8eO4qA6mzN3hjej9H0ATthz7iFbnjmcrSP7ixzkFyEHMq6H5AV4qCWAXLF743cgszHokK5qsfOds8P_27ErPmS3BueaziXJJjbhbVbJnj5_JRTCcmS_9n0NkjBgwsYY-mPJ01Yqp3Ej9CbApKaU9HjgZ6CrkrVqdvN2JdyzjbKJ14cMYdbrkbJjFZI5ovS3a-Zi7DCTqtsgoQXuOOhSIdCH90MvYXfAsCJrxXMQzGRiO44qWwYpUmjt5skuw5XhYys5imed_EfpvEKSY4X3nkGSZRIyVmAkU-Ufaec7oDKQDZeQ6GSvsvwgFgrPCG6kL3FvIkzeey1Ph3abHP-1ewqs9q6PyhXEDu6gSk2mLgCDZ1N2GaytJykmizjjul6yuClNrEQzwtqyRompvFL4USikypQMIpE7QbzDrrlCkxj2RPyqs0Ktyfm5onWQqYds0jv-CTlMe_WFXnDbcOy1XW5ngLpESzlwL-G3_JQ9bAhPhiIPvaCuudRVq6I8Z8x8n_27ieS48f4WLMujOlxGUdky7-mbAMlgf8DozKC8s_6C6lP5o22ymagA-nRxv5UK3tEbi_0uoEGSGIl99aNJf5MhZEjBL8liluhwJqx1dBNxTbQ-4Wcp0_gQ2ZhXALydbalo8OkaKQhpgeppMiKgXRZe3ZFDB8u_ueSDDHMbO3ZyJ88ui1otbSbdEBRbU0-hGE6ZmD2cq7Dg7BVfunjoaY4cC3OCD8zEzFrQV4-243GrFMwNgzmFKh3KsHpMuGwoJMkswHPTypTcI8hhpUDL_mcbLlxgd9FkvG7LVze_BYQzSgVdcFiAthAHrcCvV6ZgRh8oWDzY6TyfzIdc2zivk2dJ_h62ujMTwW4_CowwG6Rxr4R1n8eiNJyIQYFwPj8OHeSMPRQSUS5sw5MuzE9JWegqOZJ_aVZ6YtRRiU2qMV2yTeokg2frUHEpSDmthC2vyIeCNjw5dG-DKCTfDn7qSyC6pORMszhBxYBFz0aESjfkgeDNwAy23rhjo34_5AJU3AnvXh01xQ8hR6MhDMbnJwRAQz1Kql9sR0uvtEes-_m7zu_HRX8DNdHvPRdiwtHNJnRg1wxABOxGChForXMBHAftXEQoIzXjl4LCnHXBewp_srVvtzMGuqHLFX6xZ6yoSahX_Q5QKVkkk7GrRm3dLOcUsqvSYx-_EmfuKw3e895fyobrx6yK6uh7lbqiohW8XR7cVh_Ju0f4nPjQw6tzCk-QPXq1Sxp2NxSDfFk_thnL5FLbzWFGazbL-ni6sBwTDSYunwyzLbM_mV5fXZVFQmu9fCoNPpRkvCLjsQuNj91CD8khNK-beTz5wKZApXjj0RCLGksoRGeoQIMCBM6DYcgBXdHOVdYYV2HFGTgwmMCdsIm1tBqVHBPsNBpNiwfjeHRd2KabRiQ1T9kFn7db_Cx_VhEogZgYlkhN2VvXzftgaCTSoobKsAYZlIXZZM2qs8tusijpblR0IRJb63inBZpc_uh8tc_5l1lMzu_OF5UogDhgwngNdcQVJJQql226jnu41j4J_-LNBPFD2mdV8e7MVndvuk_4DLzu44XiuvzCvLPwTIrvNXgcRFrsRpjNEVWMnnXuPex2AaSYvHzZd9qEZxyUaDGxfWLpx911lMLxz53EtGsvXLwUrpkEyv&cid=CAQSTwAvHhf_T2a5aY6cBNZOoYqtXgmvSmfhEOvMu4cD-_FpWuOE-OLTf8w7lo__2XQAzXEK5kd5IAFO_XNzWFG4ZN_TlwWUuAommxG-xRqy5jsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=11359999409173770000&adk=1877897942&idt=181&cac=0&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:49:16 GMT content-encoding br x-content-type-options nosniff age 464234 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Dec 2024 13:49:16 GMT
GET H2	200	7683141214402194916 s0.2mdn.net/simgad/ Frame 283C	65 KB 66 KB	227ms 107ms	Image image/jpeg	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/7683141214402194916 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 791c0194eac06ab53980aff259f1670b52f8e0bcefd5b2aaed24a53325615f3a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Wed, 18 Dec 2024 13:19:50 GMT date Tue, 19 Dec 2023 13:19:50 GMT x-content-type-options nosniff age 466001 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 67061 x-xss-protection 0 last-modified Tue, 05 Dec 2023 09:33:13 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" allow-fenced-frame-automatic-beacons true
GET H3	200	a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response pagead2.googlesyndication.com/bg/ Frame 97B2	50 KB 19 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 08:10:10 GMT content-encoding br x-content-type-options nosniff age 484580 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19601 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 18 Dec 2024 08:10:10 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 879A Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CV4m1xbSIZemRK--GjuwPq_ObuAHTqrTzdKqKq9qiEgoQASCQu4AEYJW6_YGUB6AB0bSvwAPIAQKpAnH13JJmerI-qAMByAPJBKoE9gFP0Fabi8GPNdJy0i7JQiqytWYJE38CyJ299PWTUqg... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229085979187319904199%22,%22debug_reporting%22:true,%22destination%22:%22https://tradeit.gg%22,%22event_report_window%22:%22...	0 0	156ms 74ms	Fetch text/css	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229085979187319904199%22,%22debug_reporting%22:true,%22destination%22:%22https://tradeit.gg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22940300881%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215575143840943756769%22}&andc=true Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:31 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"9085979187319904199","debug_reporting":true,"destination":"https://tradeit.gg","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["940300881"],"22":["true"],"4":["12-24"],"6":["true"]},"priority":"500","source_event_id":"15575143840943756769"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 24 Dec 2023 22:46:31 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Sun, 24 Dec 2023 22:46:30 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9085979187319904199","debug_reporting":true,"destination":"https://tradeit.gg","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["940300881"],"22":["true"],"4":["12-24"],"6":["true"]},"priority":"500","source_event_id":"15575143840943756769"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 448D Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CxXUlxbSIZeeRK--GjuwPq_ObuAHl2PDwdP_tjMmXEsCNtwEQASCQu4AEYJW6_YGUB6ABn_qPvAPIAQKpAmypmRFGOGE-qAMByAPJBKoE-QFP0Ao0aoH5SstCoaIPqMg_QGYqdkZicR8ltBB... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210647704271746153100%22,%22debug_reporting%22:true,%22destination%22:%22https://msi.com%22,%22event_report_window%22:%2225...	0 0	158ms 74ms	Fetch text/css	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210647704271746153100%22,%22debug_reporting%22:true,%22destination%22:%22https://msi.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22931396895%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215340561138684856481%22}&andc=true Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:31 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"10647704271746153100","debug_reporting":true,"destination":"https://msi.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["931396895"],"22":["true"],"4":["12-24"],"6":["true"]},"priority":"500","source_event_id":"15340561138684856481"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 24 Dec 2023 22:46:31 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Sun, 24 Dec 2023 22:46:30 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10647704271746153100","debug_reporting":true,"destination":"https://msi.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["931396895"],"22":["true"],"4":["12-24"],"6":["true"]},"priority":"500","source_event_id":"15340561138684856481"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response pagead2.googlesyndication.com/bg/ Frame 25E7	50 KB 19 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 08:10:10 GMT content-encoding br x-content-type-options nosniff age 484580 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19601 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 18 Dec 2024 08:10:10 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 7FE5	31 KB 12 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgNewt6-N33O-inploMy6U88inQq0gGSef1sTgMni-FqO-vPC90JdExGGOYprGmaqGZjxq2eM3ZKt57xCxfmmudfHDuL7whjVFUTo5x9STFDJ_r7f798W0sFhR_WAXslmpmk05KpUH0VhmcbHSt95PgGoX2hzs3uW9pSXM3Me9Q3jGpHQ&dbm_d=AKAmf-CxZn8DEiOYKYf3th7qOS4D2WjvOlDwH7afYS8crFru8vzg46cjrDwRukGb9grSCprc1-MbVvXxbhfcnpGPPyCpI3tj7rPPqhCgdRYYa77v87zV79MGPkcKcvBpjUikiOG3gsPYbD3Hg3mEe1U7fkpV0e7unF3gRFAS-Ur28C6V3GzKTB0DVPgcwrjBuPywbwyTir90RFDWhIV1IyFrYrBwPGO4aUrOFPxpQ3vrCbgOJjDfIIlwzvWPeCU5OnWC2y4zAFjcSrCtcykJXBmTD_gyclu_wduQn5vUPgWuOKHsOTQvy6QDwciCJbyoV0JmNnPM0Zk_fsijQ0-Zw1eobiVOvVnISxad8jLNGTZOt7_sCJZYNjRN_IuN3QiMdW6TmbAFBdiH3VJGRA7ss8KV_CHLPJx-ASI_L2zA_YpeBNnug3m7P-OLI7sTJ1Qpvm1V-NxIVaUZ76g1u2MK99Bh333WNMh_dnRzGk5ST_4h5oIcReqmSHqSUMFK6bWvMC8XjU1Zpplh-fTLftIGA5Zrsf1wrBXbmFzTW97Mr2WQ1opC6uCAdUcOqYmTFgcIjZsiSE5YIUdYZhhCSdGO_za8F6481-e69VLPVCd2rDWCOfOu2ieeqkHwU9JWPBEJSVVvYuygEYWitJ29FdcJvMB_1kPRy86rAgGnlwHxTthjoK-bjoRFULcAXAKpVCzb0SzZZSu4z2Ij-f2Nb1hix_ENp_au-MDqgQlJFEb9GXRtkeGgTnQ2ZFF0bgGHv55kL8Vp0hhXPVtYji_EL-EFLIKs8tgGsJzm7DZZVm3vncOfp7zzRzWYNg9-aBidMnVvVgzmOKOxVp0JjH52RcC6vMjZs7rmgBQ8CxiYWOgE76O-roETyglfInsS-2s1JxVIt0-YYkLSsasO8be7UM8HXBr3SZPLXHZj-CA-g3aMyWlxnsIDIZCqQ4rGUV7xDI-QhFX6OVDrFvvCGOI_M4-i0kVm7Hq1b4hC_7gt1XWSJqVSja7o4437c9ArQ8w1IvljJztuoYwW1byaJA05VgVwSsAoB8__bRIs-LVCpLhPeIj_43NmG_Zvepzg4XPP-Lmo5A_ON4BLvniuu5lsV_rY0coz6JkboWx_4KjvWohADb8SUjOanhgYQiMdXduNvMyGWXsvejrsoncu9uGT9lsgsFn3g5ejnWdWxLpQdwiqi-L5QV_MmvmuUj_Tn4AkiG9nG9AnKrCagU3zE7JSvl807iaIWN0LpzF9BLIDYP33wTu1NB96PuHU3YXdi3SAbq6SuKyi0HyvAORSEx-xGWDWYJROmSdyd4d9c4vBeDOih1YUwh_GCBGNRm3TtdBxdyZbUIfnMVyf_eGsi-xIZv9rbcAmXLoIqQ82FXagyw9ZeGfXxdJsfuHo4mEtVcVsm6vBhbVsojrVhIBZ5skIH5oIwYlPHoWbQHz6R9671PYXfwzvAAWs1ju827LyXu-DqFaj5WWv_gN0Zs7oLdx-fGU7LZ3vbaL2iKAqxjPUTD9TnKrXioySRRf-zLcg12FU6u4pGxngnLKwM5bp_q33FNKoqCdGw6opMIiZDfFKhoK9OtA2ave2nA0-It0rytuIZE68aqIddL5lXaKsbqVa0Ny10ayYhDBMY8RMdldnBO5BAoxek9-Aej-ldXj4SCGKwqMfTWLk1rknWwpElxshkpPce-75hEJUGhNBvvCV15w_JtDfWo_dscmmOsNWfTdDFoT296NemzUYx8YcQFLQJb-DMP3_3dQ_lR7S4TmBsGhGRikrgFYkmeVdTJzHxCzyABRAwwhJpG9soZP0ET1yWq_8dei3q4UctlknZX9x1EeO2dd8J153aiIOCK-l4A9GjYsP0xlEJkohWcyPC_5JTYFr1B3lADW5Yo9UxQttg42RBUTpUUIiGZPBl1fZsZ_kFX90ztzu4XZTClh4ZqYd9a6Wk7VbHt_aY6ZJw3biN39coO24NlAQsECipyj7RbOGNJ2ReMDmsxZtyD7sEJqMwaha5jxmH0ccuLnrm8QaN2B-g_yPctTEaclix5I6Kxbx7UJcJBlEudv1m6RFXl0PGGjpEn-kfR8jTtpcojRI6aWrOZPW5rciaP6tRtgQnbyxPu40jpTSb6civqHi81JoHh3i8kAaWMC1Iqj8MRJEwpU9ibEbi9ocpiTMEW90Wn7clxBeyaRt4sZty15IhkwFVvwB2R1uY2ZqSUtXF2I2e2WsulLPf_06EnlkrdQ_tnYv_X9ZeRtIZjAPFcrQJuNDun7ktcJCVggOU8xKfqLMkVpq8goevBuJn3mtSrwWyrMq-OKzB2ddYYyp8Q-8VoOMC87-hwh5Fbs7p1XmZ_M5ft8qdl5DzZSnRCegfxoGYlGyd8peS86na2yAjqBmVoYpxtk4rRcrQabJWiJrCIY3on_9uNvt5q1N6fWjK5zJblEpa6qzploIgkvet5GQRKZIb2nehYT9aGXof0RFasXOsdYfijaxBiWEFKS4KX-2FIA1dYIBP3xQdHNd1j_cmJAFsKmxSdxNnz3UNztSQUZ8toz4ScGnZ9VfbQ2BOj74h1k2AnNqYYBSJLRkmo6Keu8_NXCKaKO1EpRCWZ6ZLScm4VgneRQamCEvE7FusjhYOu8a5uuQI9_WBJlc4tcUFlNPe9VusxQwTy3P9ImQNZTnL-I3zOJ3DW-tqPP3cfKr4sJ5ALAdwQXndfQczJpp-IEuu60aeQQhwvY2HEHuTe24_0ucdlBMogMYYWObxAIZkeg7dun7EnIKnif4M5r2Tmxphnmi2A0M9fm0d-Fjtnl1M856EVIjqkPdqTD652B4HU9Hvb-FEiqQJg-kgtQsSdlJyzi41MfURn21xtQEhaPlom-dIo-YHiXLfLHRHiPdQUk88X-A7SqU6MBXQxeELSU5Gf-1B4PU6PGR3ovu5u-ZIVz6nYi6tkSV3VjPsgM8D8_6Sp52AaoLr9UzQocIbq19okCBOv12zn3y_75AiBuI47Qr1GzYzssaD8gtqj8EuAtxMXJNlScwoBIPectJyS4nqfbE6FIleL5HzlRdwbXUqQOKsRlnMRnDgnCTkEbawjgSQwOcQYnic7FbvbEeKIDZ3M3zlanZVdHFVP8ETmGig0DyJzo1idOHt2ZrZu3xKbAwYE30tuyeHGfXNTn2M1i0QIct0lSLaDJX3U_c3eGT47QEc-OJ9KICpM5ueqlUOasiYKaOg6VtchMt_3msC1f9JsEfOq2xbmlxWy78Cy77qqCZJPm08i78r-iqBfl0H2AaT7plAR7dE0Av2gUr0SPQXh4V-eYVOwAbudwefK4iDvqb0g328IVrredMp4C5UsdUshVznggoUA6v-k0DtfG8YvNP044t3MN190295MSroeHH7LE2yo84njceZS2l2OQNFJ0lIpeUozLkLVEsbzNaAk4yu4oz9QGftqidLVK1RGSNOFl4oD_Oc6AiQ2JTKo6aOpKfKG6ZWEQx8H1ui53DIlbodcDCU5sM5wdO-5fVSlbno4glzimG3czoO1kCtLLNJLWGAFuehIuosUUn_BZo6z63RpnVMA-qIvnu5CVElRD34Vg8glPE8lCkiDVGZ2UJgOosK--1G8cQYiQMgSpycy3igI1RTL8fnIGpZgTmcTNdgJTJC0nYQUtm8M10T5akY7vZNFfYEDwZJ_HyfEWQVAzmhT8EyRHJurZ_gfGcpKwKCEJIvrj_3bL0hHHzrEUgA-QZ6IV9YT3sfyy7FuPxdOv-1Bntm-pj2EQ6xSkAEd2liLOwi8mRB32O48htCQuHXbRLNVYhb0MNiIHW0EkN6JJI4HtWvieD7PNoj9fVe-moX8_Rp76rEUZdYOy3gdcEtIrvlufpscFlMJABIwzKV7vJW8GohH5nl7huZz7O_wInVezE9ZrADMOd5fNrzRCclTqtyAA_urBczYLk&cid=CAQSPAAvHhf_sFknGS5PTvsjkFcSqP8Omy02urtdEm5esPFPeYg84asxGjzwl8MBd06GX5N0dHIepLWzZMjngRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=10421351764151816000&adk=2124396031&idt=168&cac=0&dtd=4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 01:43:50 GMT content-encoding br x-content-type-options nosniff age 75760 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11872 x-xss-protection 0 server cafe etag 16225921609732785849 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 01:43:50 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 7FE5	11 KB 4 KB	42ms 41ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgNewt6-N33O-inploMy6U88inQq0gGSef1sTgMni-FqO-vPC90JdExGGOYprGmaqGZjxq2eM3ZKt57xCxfmmudfHDuL7whjVFUTo5x9STFDJ_r7f798W0sFhR_WAXslmpmk05KpUH0VhmcbHSt95PgGoX2hzs3uW9pSXM3Me9Q3jGpHQ&dbm_d=AKAmf-CxZn8DEiOYKYf3th7qOS4D2WjvOlDwH7afYS8crFru8vzg46cjrDwRukGb9grSCprc1-MbVvXxbhfcnpGPPyCpI3tj7rPPqhCgdRYYa77v87zV79MGPkcKcvBpjUikiOG3gsPYbD3Hg3mEe1U7fkpV0e7unF3gRFAS-Ur28C6V3GzKTB0DVPgcwrjBuPywbwyTir90RFDWhIV1IyFrYrBwPGO4aUrOFPxpQ3vrCbgOJjDfIIlwzvWPeCU5OnWC2y4zAFjcSrCtcykJXBmTD_gyclu_wduQn5vUPgWuOKHsOTQvy6QDwciCJbyoV0JmNnPM0Zk_fsijQ0-Zw1eobiVOvVnISxad8jLNGTZOt7_sCJZYNjRN_IuN3QiMdW6TmbAFBdiH3VJGRA7ss8KV_CHLPJx-ASI_L2zA_YpeBNnug3m7P-OLI7sTJ1Qpvm1V-NxIVaUZ76g1u2MK99Bh333WNMh_dnRzGk5ST_4h5oIcReqmSHqSUMFK6bWvMC8XjU1Zpplh-fTLftIGA5Zrsf1wrBXbmFzTW97Mr2WQ1opC6uCAdUcOqYmTFgcIjZsiSE5YIUdYZhhCSdGO_za8F6481-e69VLPVCd2rDWCOfOu2ieeqkHwU9JWPBEJSVVvYuygEYWitJ29FdcJvMB_1kPRy86rAgGnlwHxTthjoK-bjoRFULcAXAKpVCzb0SzZZSu4z2Ij-f2Nb1hix_ENp_au-MDqgQlJFEb9GXRtkeGgTnQ2ZFF0bgGHv55kL8Vp0hhXPVtYji_EL-EFLIKs8tgGsJzm7DZZVm3vncOfp7zzRzWYNg9-aBidMnVvVgzmOKOxVp0JjH52RcC6vMjZs7rmgBQ8CxiYWOgE76O-roETyglfInsS-2s1JxVIt0-YYkLSsasO8be7UM8HXBr3SZPLXHZj-CA-g3aMyWlxnsIDIZCqQ4rGUV7xDI-QhFX6OVDrFvvCGOI_M4-i0kVm7Hq1b4hC_7gt1XWSJqVSja7o4437c9ArQ8w1IvljJztuoYwW1byaJA05VgVwSsAoB8__bRIs-LVCpLhPeIj_43NmG_Zvepzg4XPP-Lmo5A_ON4BLvniuu5lsV_rY0coz6JkboWx_4KjvWohADb8SUjOanhgYQiMdXduNvMyGWXsvejrsoncu9uGT9lsgsFn3g5ejnWdWxLpQdwiqi-L5QV_MmvmuUj_Tn4AkiG9nG9AnKrCagU3zE7JSvl807iaIWN0LpzF9BLIDYP33wTu1NB96PuHU3YXdi3SAbq6SuKyi0HyvAORSEx-xGWDWYJROmSdyd4d9c4vBeDOih1YUwh_GCBGNRm3TtdBxdyZbUIfnMVyf_eGsi-xIZv9rbcAmXLoIqQ82FXagyw9ZeGfXxdJsfuHo4mEtVcVsm6vBhbVsojrVhIBZ5skIH5oIwYlPHoWbQHz6R9671PYXfwzvAAWs1ju827LyXu-DqFaj5WWv_gN0Zs7oLdx-fGU7LZ3vbaL2iKAqxjPUTD9TnKrXioySRRf-zLcg12FU6u4pGxngnLKwM5bp_q33FNKoqCdGw6opMIiZDfFKhoK9OtA2ave2nA0-It0rytuIZE68aqIddL5lXaKsbqVa0Ny10ayYhDBMY8RMdldnBO5BAoxek9-Aej-ldXj4SCGKwqMfTWLk1rknWwpElxshkpPce-75hEJUGhNBvvCV15w_JtDfWo_dscmmOsNWfTdDFoT296NemzUYx8YcQFLQJb-DMP3_3dQ_lR7S4TmBsGhGRikrgFYkmeVdTJzHxCzyABRAwwhJpG9soZP0ET1yWq_8dei3q4UctlknZX9x1EeO2dd8J153aiIOCK-l4A9GjYsP0xlEJkohWcyPC_5JTYFr1B3lADW5Yo9UxQttg42RBUTpUUIiGZPBl1fZsZ_kFX90ztzu4XZTClh4ZqYd9a6Wk7VbHt_aY6ZJw3biN39coO24NlAQsECipyj7RbOGNJ2ReMDmsxZtyD7sEJqMwaha5jxmH0ccuLnrm8QaN2B-g_yPctTEaclix5I6Kxbx7UJcJBlEudv1m6RFXl0PGGjpEn-kfR8jTtpcojRI6aWrOZPW5rciaP6tRtgQnbyxPu40jpTSb6civqHi81JoHh3i8kAaWMC1Iqj8MRJEwpU9ibEbi9ocpiTMEW90Wn7clxBeyaRt4sZty15IhkwFVvwB2R1uY2ZqSUtXF2I2e2WsulLPf_06EnlkrdQ_tnYv_X9ZeRtIZjAPFcrQJuNDun7ktcJCVggOU8xKfqLMkVpq8goevBuJn3mtSrwWyrMq-OKzB2ddYYyp8Q-8VoOMC87-hwh5Fbs7p1XmZ_M5ft8qdl5DzZSnRCegfxoGYlGyd8peS86na2yAjqBmVoYpxtk4rRcrQabJWiJrCIY3on_9uNvt5q1N6fWjK5zJblEpa6qzploIgkvet5GQRKZIb2nehYT9aGXof0RFasXOsdYfijaxBiWEFKS4KX-2FIA1dYIBP3xQdHNd1j_cmJAFsKmxSdxNnz3UNztSQUZ8toz4ScGnZ9VfbQ2BOj74h1k2AnNqYYBSJLRkmo6Keu8_NXCKaKO1EpRCWZ6ZLScm4VgneRQamCEvE7FusjhYOu8a5uuQI9_WBJlc4tcUFlNPe9VusxQwTy3P9ImQNZTnL-I3zOJ3DW-tqPP3cfKr4sJ5ALAdwQXndfQczJpp-IEuu60aeQQhwvY2HEHuTe24_0ucdlBMogMYYWObxAIZkeg7dun7EnIKnif4M5r2Tmxphnmi2A0M9fm0d-Fjtnl1M856EVIjqkPdqTD652B4HU9Hvb-FEiqQJg-kgtQsSdlJyzi41MfURn21xtQEhaPlom-dIo-YHiXLfLHRHiPdQUk88X-A7SqU6MBXQxeELSU5Gf-1B4PU6PGR3ovu5u-ZIVz6nYi6tkSV3VjPsgM8D8_6Sp52AaoLr9UzQocIbq19okCBOv12zn3y_75AiBuI47Qr1GzYzssaD8gtqj8EuAtxMXJNlScwoBIPectJyS4nqfbE6FIleL5HzlRdwbXUqQOKsRlnMRnDgnCTkEbawjgSQwOcQYnic7FbvbEeKIDZ3M3zlanZVdHFVP8ETmGig0DyJzo1idOHt2ZrZu3xKbAwYE30tuyeHGfXNTn2M1i0QIct0lSLaDJX3U_c3eGT47QEc-OJ9KICpM5ueqlUOasiYKaOg6VtchMt_3msC1f9JsEfOq2xbmlxWy78Cy77qqCZJPm08i78r-iqBfl0H2AaT7plAR7dE0Av2gUr0SPQXh4V-eYVOwAbudwefK4iDvqb0g328IVrredMp4C5UsdUshVznggoUA6v-k0DtfG8YvNP044t3MN190295MSroeHH7LE2yo84njceZS2l2OQNFJ0lIpeUozLkLVEsbzNaAk4yu4oz9QGftqidLVK1RGSNOFl4oD_Oc6AiQ2JTKo6aOpKfKG6ZWEQx8H1ui53DIlbodcDCU5sM5wdO-5fVSlbno4glzimG3czoO1kCtLLNJLWGAFuehIuosUUn_BZo6z63RpnVMA-qIvnu5CVElRD34Vg8glPE8lCkiDVGZ2UJgOosK--1G8cQYiQMgSpycy3igI1RTL8fnIGpZgTmcTNdgJTJC0nYQUtm8M10T5akY7vZNFfYEDwZJ_HyfEWQVAzmhT8EyRHJurZ_gfGcpKwKCEJIvrj_3bL0hHHzrEUgA-QZ6IV9YT3sfyy7FuPxdOv-1Bntm-pj2EQ6xSkAEd2liLOwi8mRB32O48htCQuHXbRLNVYhb0MNiIHW0EkN6JJI4HtWvieD7PNoj9fVe-moX8_Rp76rEUZdYOy3gdcEtIrvlufpscFlMJABIwzKV7vJW8GohH5nl7huZz7O_wInVezE9ZrADMOd5fNrzRCclTqtyAA_urBczYLk&cid=CAQSPAAvHhf_sFknGS5PTvsjkFcSqP8Omy02urtdEm5esPFPeYg84asxGjzwl8MBd06GX5N0dHIepLWzZMjngRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=10421351764151816000&adk=2124396031&idt=168&cac=0&dtd=4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:44:08 GMT content-encoding br x-content-type-options nosniff age 3742 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 14415875674906819925 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 21:44:08 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 7FE5	0 0	210ms 83ms	Fetch image/gif	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFBc8DmZYdhqA-rICLGzEztl3lv4gQnuq8_nj05dvnouTcjKgdGkafVxNXGwjHIksHyVqgG02MXroUzKASSpZg2ZxzRBcx3mt7hg8_3k6lQSgOOFivUSJLwYkUbW-PHvH_va0FAyi_uUbHSI_tFg5mKmowbUW3-ryyZB_cuO6B1kTNgwpWVZvLSRbmaxu0D5TlF-pnzRjcws7Yug0x0Z7n-TpnRxSYJ4vmdqHgvHXGQbCTh82PhMDTQOgeECIaJsLDI6-M4Vvnrwfb4m9kqw2IR9qMl86Ilb6XX167NWTPjr-bjjH4pdhpqTgsNZp8SQyHs070RwN0zVYc6dOtuFiElSqXi2mFtApmrn_25Vut-niWB7kH0aFqWNo4EX0nzafK9aJ-oW0mPnxYqtwsLnMAbNl3O7_5_zlTBF9y5zek0mTqvRItHUExXDeVzYwC0dTw7GTg-rZU54CXh4BTH-Kj25ePivLjkEQaESCE3HGHK3hNL-Ab3d3MTHT0crpuUMSlOwpmOGGouF_kO_ZrGvJDPCl-g98-NfvLnKkCg2LW0AwiQXU5xtEzv6vA4iTWpgaBOeFRIqlQxiahAyYYuflpIlJDWqcWoAeGmDOQExhoyFw6FcurJ9LiwWHY8dIWnd_P6npa6jAMPvarDh1Xpb3CL185CgE1kjd6RtDp0tielAyWR-b4_6F-4jYZ_6KZItlEdrtsbL6ygz89ZvxlxvSthW507pJDyzlFtxnbzJ0PyiIuXMHR2d0jSugCCqFFB6iSamosW7RWp_ENEeprnHFCWvebYR1w_bcpx6ieZv7dqtpWTpjKvV6lfjhfPiyR1ZFPZQlYC6G1boGa2IE2J4Bp046KHPtJfg3oDdUI9Xf6H_lYblRkWXR7s0zl4O_ejlxbGo1_4M5N2gnjnqdXWuVmkl8RxfXYDIwAphxVaPM3rceafuhBD5F2ygWv2F47zBRGYET48GwFQn_YhL2ujpE0R4zudmcn9fRu3XQqwVV8P2xW2oEkK94IJjujMmS0GgnD-I5AmjuxKN2wzudXl0dozWelVZpbQL_C4vatcLz0IGHntzDhlOARYtBI92DVHI4J3sJIr9iIpuU-vDwwO-LgVqiFD0MKboTuMQg3nb9STWjce8ju0VwQ0idob-Gci4qd0cb-w1HKLoIyIf7uRqub1NzOOe-0lbDmR_4zMgoiZJNeP1ddJm8WIPOtQG0Sl_1vsPJdFDpreBr0_91OuTltq8zh8OHHLkS_f6B7Z7Jf5OjsRyztaTH6Kf-kXTNHUS56hXJRgMoZjAGEhiRx-tSrtyagMgZ0fB2gUVhWvSi4WTO7a9NKNTA0FfvnI7G0q9C-gWvkpMgyGMDFnTDsVFppyAhE-d2585fmSUnocm1lsAbdzNkesXi9qEnEqv4YXDq3Kqm6hC87jUUSP0yhj0D3L04XQoQaQoW6efiPb1dsXQ&sai=AMfl-YT7yBA5r_ooYtwBomYHd8XKfoOS4U78bG1ZvfqHovHXqhFw3OTldyT6f6Z_pVGzuYZoNJUlU8wJAWoTTHIFwld5yzBpTDVcqE38KbTIUGGcgKnJ9T2cNqTU9ll9WC0yMhdrfYfJDi4XKRdwvXqCk56yJGGFZcCSA4bnoT8tPheh8XW1n7PQ41DPn1ZnH-fIljn5h0I0Sgh-cK2EVSASFrYngQmfjcx3nTI7r-Mpg1bvO83MvzhRMc63V3M5rNZgns3z1SY&sig=Cg0ArKJSzNywB-P7X6FoEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.75745&arae=0&ftch=1&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgNewt6-N33O-inploMy6U88inQq0gGSef1sTgMni-FqO-vPC90JdExGGOYprGmaqGZjxq2eM3ZKt57xCxfmmudfHDuL7whjVFUTo5x9STFDJ_r7f798W0sFhR_WAXslmpmk05KpUH0VhmcbHSt95PgGoX2hzs3uW9pSXM3Me9Q3jGpHQ&dbm_d=AKAmf-CxZn8DEiOYKYf3th7qOS4D2WjvOlDwH7afYS8crFru8vzg46cjrDwRukGb9grSCprc1-MbVvXxbhfcnpGPPyCpI3tj7rPPqhCgdRYYa77v87zV79MGPkcKcvBpjUikiOG3gsPYbD3Hg3mEe1U7fkpV0e7unF3gRFAS-Ur28C6V3GzKTB0DVPgcwrjBuPywbwyTir90RFDWhIV1IyFrYrBwPGO4aUrOFPxpQ3vrCbgOJjDfIIlwzvWPeCU5OnWC2y4zAFjcSrCtcykJXBmTD_gyclu_wduQn5vUPgWuOKHsOTQvy6QDwciCJbyoV0JmNnPM0Zk_fsijQ0-Zw1eobiVOvVnISxad8jLNGTZOt7_sCJZYNjRN_IuN3QiMdW6TmbAFBdiH3VJGRA7ss8KV_CHLPJx-ASI_L2zA_YpeBNnug3m7P-OLI7sTJ1Qpvm1V-NxIVaUZ76g1u2MK99Bh333WNMh_dnRzGk5ST_4h5oIcReqmSHqSUMFK6bWvMC8XjU1Zpplh-fTLftIGA5Zrsf1wrBXbmFzTW97Mr2WQ1opC6uCAdUcOqYmTFgcIjZsiSE5YIUdYZhhCSdGO_za8F6481-e69VLPVCd2rDWCOfOu2ieeqkHwU9JWPBEJSVVvYuygEYWitJ29FdcJvMB_1kPRy86rAgGnlwHxTthjoK-bjoRFULcAXAKpVCzb0SzZZSu4z2Ij-f2Nb1hix_ENp_au-MDqgQlJFEb9GXRtkeGgTnQ2ZFF0bgGHv55kL8Vp0hhXPVtYji_EL-EFLIKs8tgGsJzm7DZZVm3vncOfp7zzRzWYNg9-aBidMnVvVgzmOKOxVp0JjH52RcC6vMjZs7rmgBQ8CxiYWOgE76O-roETyglfInsS-2s1JxVIt0-YYkLSsasO8be7UM8HXBr3SZPLXHZj-CA-g3aMyWlxnsIDIZCqQ4rGUV7xDI-QhFX6OVDrFvvCGOI_M4-i0kVm7Hq1b4hC_7gt1XWSJqVSja7o4437c9ArQ8w1IvljJztuoYwW1byaJA05VgVwSsAoB8__bRIs-LVCpLhPeIj_43NmG_Zvepzg4XPP-Lmo5A_ON4BLvniuu5lsV_rY0coz6JkboWx_4KjvWohADb8SUjOanhgYQiMdXduNvMyGWXsvejrsoncu9uGT9lsgsFn3g5ejnWdWxLpQdwiqi-L5QV_MmvmuUj_Tn4AkiG9nG9AnKrCagU3zE7JSvl807iaIWN0LpzF9BLIDYP33wTu1NB96PuHU3YXdi3SAbq6SuKyi0HyvAORSEx-xGWDWYJROmSdyd4d9c4vBeDOih1YUwh_GCBGNRm3TtdBxdyZbUIfnMVyf_eGsi-xIZv9rbcAmXLoIqQ82FXagyw9ZeGfXxdJsfuHo4mEtVcVsm6vBhbVsojrVhIBZ5skIH5oIwYlPHoWbQHz6R9671PYXfwzvAAWs1ju827LyXu-DqFaj5WWv_gN0Zs7oLdx-fGU7LZ3vbaL2iKAqxjPUTD9TnKrXioySRRf-zLcg12FU6u4pGxngnLKwM5bp_q33FNKoqCdGw6opMIiZDfFKhoK9OtA2ave2nA0-It0rytuIZE68aqIddL5lXaKsbqVa0Ny10ayYhDBMY8RMdldnBO5BAoxek9-Aej-ldXj4SCGKwqMfTWLk1rknWwpElxshkpPce-75hEJUGhNBvvCV15w_JtDfWo_dscmmOsNWfTdDFoT296NemzUYx8YcQFLQJb-DMP3_3dQ_lR7S4TmBsGhGRikrgFYkmeVdTJzHxCzyABRAwwhJpG9soZP0ET1yWq_8dei3q4UctlknZX9x1EeO2dd8J153aiIOCK-l4A9GjYsP0xlEJkohWcyPC_5JTYFr1B3lADW5Yo9UxQttg42RBUTpUUIiGZPBl1fZsZ_kFX90ztzu4XZTClh4ZqYd9a6Wk7VbHt_aY6ZJw3biN39coO24NlAQsECipyj7RbOGNJ2ReMDmsxZtyD7sEJqMwaha5jxmH0ccuLnrm8QaN2B-g_yPctTEaclix5I6Kxbx7UJcJBlEudv1m6RFXl0PGGjpEn-kfR8jTtpcojRI6aWrOZPW5rciaP6tRtgQnbyxPu40jpTSb6civqHi81JoHh3i8kAaWMC1Iqj8MRJEwpU9ibEbi9ocpiTMEW90Wn7clxBeyaRt4sZty15IhkwFVvwB2R1uY2ZqSUtXF2I2e2WsulLPf_06EnlkrdQ_tnYv_X9ZeRtIZjAPFcrQJuNDun7ktcJCVggOU8xKfqLMkVpq8goevBuJn3mtSrwWyrMq-OKzB2ddYYyp8Q-8VoOMC87-hwh5Fbs7p1XmZ_M5ft8qdl5DzZSnRCegfxoGYlGyd8peS86na2yAjqBmVoYpxtk4rRcrQabJWiJrCIY3on_9uNvt5q1N6fWjK5zJblEpa6qzploIgkvet5GQRKZIb2nehYT9aGXof0RFasXOsdYfijaxBiWEFKS4KX-2FIA1dYIBP3xQdHNd1j_cmJAFsKmxSdxNnz3UNztSQUZ8toz4ScGnZ9VfbQ2BOj74h1k2AnNqYYBSJLRkmo6Keu8_NXCKaKO1EpRCWZ6ZLScm4VgneRQamCEvE7FusjhYOu8a5uuQI9_WBJlc4tcUFlNPe9VusxQwTy3P9ImQNZTnL-I3zOJ3DW-tqPP3cfKr4sJ5ALAdwQXndfQczJpp-IEuu60aeQQhwvY2HEHuTe24_0ucdlBMogMYYWObxAIZkeg7dun7EnIKnif4M5r2Tmxphnmi2A0M9fm0d-Fjtnl1M856EVIjqkPdqTD652B4HU9Hvb-FEiqQJg-kgtQsSdlJyzi41MfURn21xtQEhaPlom-dIo-YHiXLfLHRHiPdQUk88X-A7SqU6MBXQxeELSU5Gf-1B4PU6PGR3ovu5u-ZIVz6nYi6tkSV3VjPsgM8D8_6Sp52AaoLr9UzQocIbq19okCBOv12zn3y_75AiBuI47Qr1GzYzssaD8gtqj8EuAtxMXJNlScwoBIPectJyS4nqfbE6FIleL5HzlRdwbXUqQOKsRlnMRnDgnCTkEbawjgSQwOcQYnic7FbvbEeKIDZ3M3zlanZVdHFVP8ETmGig0DyJzo1idOHt2ZrZu3xKbAwYE30tuyeHGfXNTn2M1i0QIct0lSLaDJX3U_c3eGT47QEc-OJ9KICpM5ueqlUOasiYKaOg6VtchMt_3msC1f9JsEfOq2xbmlxWy78Cy77qqCZJPm08i78r-iqBfl0H2AaT7plAR7dE0Av2gUr0SPQXh4V-eYVOwAbudwefK4iDvqb0g328IVrredMp4C5UsdUshVznggoUA6v-k0DtfG8YvNP044t3MN190295MSroeHH7LE2yo84njceZS2l2OQNFJ0lIpeUozLkLVEsbzNaAk4yu4oz9QGftqidLVK1RGSNOFl4oD_Oc6AiQ2JTKo6aOpKfKG6ZWEQx8H1ui53DIlbodcDCU5sM5wdO-5fVSlbno4glzimG3czoO1kCtLLNJLWGAFuehIuosUUn_BZo6z63RpnVMA-qIvnu5CVElRD34Vg8glPE8lCkiDVGZ2UJgOosK--1G8cQYiQMgSpycy3igI1RTL8fnIGpZgTmcTNdgJTJC0nYQUtm8M10T5akY7vZNFfYEDwZJ_HyfEWQVAzmhT8EyRHJurZ_gfGcpKwKCEJIvrj_3bL0hHHzrEUgA-QZ6IV9YT3sfyy7FuPxdOv-1Bntm-pj2EQ6xSkAEd2liLOwi8mRB32O48htCQuHXbRLNVYhb0MNiIHW0EkN6JJI4HtWvieD7PNoj9fVe-moX8_Rp76rEUZdYOy3gdcEtIrvlufpscFlMJABIwzKV7vJW8GohH5nl7huZz7O_wInVezE9ZrADMOd5fNrzRCclTqtyAA_urBczYLk&cid=CAQSPAAvHhf_sFknGS5PTvsjkFcSqP8Omy02urtdEm5esPFPeYg84asxGjzwl8MBd06GX5N0dHIepLWzZMjngRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=10421351764151816000&adk=2124396031&idt=168&cac=0&dtd=4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 24 Dec 2023 22:46:31 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 7FE5	41 KB 14 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgNewt6-N33O-inploMy6U88inQq0gGSef1sTgMni-FqO-vPC90JdExGGOYprGmaqGZjxq2eM3ZKt57xCxfmmudfHDuL7whjVFUTo5x9STFDJ_r7f798W0sFhR_WAXslmpmk05KpUH0VhmcbHSt95PgGoX2hzs3uW9pSXM3Me9Q3jGpHQ&dbm_d=AKAmf-CxZn8DEiOYKYf3th7qOS4D2WjvOlDwH7afYS8crFru8vzg46cjrDwRukGb9grSCprc1-MbVvXxbhfcnpGPPyCpI3tj7rPPqhCgdRYYa77v87zV79MGPkcKcvBpjUikiOG3gsPYbD3Hg3mEe1U7fkpV0e7unF3gRFAS-Ur28C6V3GzKTB0DVPgcwrjBuPywbwyTir90RFDWhIV1IyFrYrBwPGO4aUrOFPxpQ3vrCbgOJjDfIIlwzvWPeCU5OnWC2y4zAFjcSrCtcykJXBmTD_gyclu_wduQn5vUPgWuOKHsOTQvy6QDwciCJbyoV0JmNnPM0Zk_fsijQ0-Zw1eobiVOvVnISxad8jLNGTZOt7_sCJZYNjRN_IuN3QiMdW6TmbAFBdiH3VJGRA7ss8KV_CHLPJx-ASI_L2zA_YpeBNnug3m7P-OLI7sTJ1Qpvm1V-NxIVaUZ76g1u2MK99Bh333WNMh_dnRzGk5ST_4h5oIcReqmSHqSUMFK6bWvMC8XjU1Zpplh-fTLftIGA5Zrsf1wrBXbmFzTW97Mr2WQ1opC6uCAdUcOqYmTFgcIjZsiSE5YIUdYZhhCSdGO_za8F6481-e69VLPVCd2rDWCOfOu2ieeqkHwU9JWPBEJSVVvYuygEYWitJ29FdcJvMB_1kPRy86rAgGnlwHxTthjoK-bjoRFULcAXAKpVCzb0SzZZSu4z2Ij-f2Nb1hix_ENp_au-MDqgQlJFEb9GXRtkeGgTnQ2ZFF0bgGHv55kL8Vp0hhXPVtYji_EL-EFLIKs8tgGsJzm7DZZVm3vncOfp7zzRzWYNg9-aBidMnVvVgzmOKOxVp0JjH52RcC6vMjZs7rmgBQ8CxiYWOgE76O-roETyglfInsS-2s1JxVIt0-YYkLSsasO8be7UM8HXBr3SZPLXHZj-CA-g3aMyWlxnsIDIZCqQ4rGUV7xDI-QhFX6OVDrFvvCGOI_M4-i0kVm7Hq1b4hC_7gt1XWSJqVSja7o4437c9ArQ8w1IvljJztuoYwW1byaJA05VgVwSsAoB8__bRIs-LVCpLhPeIj_43NmG_Zvepzg4XPP-Lmo5A_ON4BLvniuu5lsV_rY0coz6JkboWx_4KjvWohADb8SUjOanhgYQiMdXduNvMyGWXsvejrsoncu9uGT9lsgsFn3g5ejnWdWxLpQdwiqi-L5QV_MmvmuUj_Tn4AkiG9nG9AnKrCagU3zE7JSvl807iaIWN0LpzF9BLIDYP33wTu1NB96PuHU3YXdi3SAbq6SuKyi0HyvAORSEx-xGWDWYJROmSdyd4d9c4vBeDOih1YUwh_GCBGNRm3TtdBxdyZbUIfnMVyf_eGsi-xIZv9rbcAmXLoIqQ82FXagyw9ZeGfXxdJsfuHo4mEtVcVsm6vBhbVsojrVhIBZ5skIH5oIwYlPHoWbQHz6R9671PYXfwzvAAWs1ju827LyXu-DqFaj5WWv_gN0Zs7oLdx-fGU7LZ3vbaL2iKAqxjPUTD9TnKrXioySRRf-zLcg12FU6u4pGxngnLKwM5bp_q33FNKoqCdGw6opMIiZDfFKhoK9OtA2ave2nA0-It0rytuIZE68aqIddL5lXaKsbqVa0Ny10ayYhDBMY8RMdldnBO5BAoxek9-Aej-ldXj4SCGKwqMfTWLk1rknWwpElxshkpPce-75hEJUGhNBvvCV15w_JtDfWo_dscmmOsNWfTdDFoT296NemzUYx8YcQFLQJb-DMP3_3dQ_lR7S4TmBsGhGRikrgFYkmeVdTJzHxCzyABRAwwhJpG9soZP0ET1yWq_8dei3q4UctlknZX9x1EeO2dd8J153aiIOCK-l4A9GjYsP0xlEJkohWcyPC_5JTYFr1B3lADW5Yo9UxQttg42RBUTpUUIiGZPBl1fZsZ_kFX90ztzu4XZTClh4ZqYd9a6Wk7VbHt_aY6ZJw3biN39coO24NlAQsECipyj7RbOGNJ2ReMDmsxZtyD7sEJqMwaha5jxmH0ccuLnrm8QaN2B-g_yPctTEaclix5I6Kxbx7UJcJBlEudv1m6RFXl0PGGjpEn-kfR8jTtpcojRI6aWrOZPW5rciaP6tRtgQnbyxPu40jpTSb6civqHi81JoHh3i8kAaWMC1Iqj8MRJEwpU9ibEbi9ocpiTMEW90Wn7clxBeyaRt4sZty15IhkwFVvwB2R1uY2ZqSUtXF2I2e2WsulLPf_06EnlkrdQ_tnYv_X9ZeRtIZjAPFcrQJuNDun7ktcJCVggOU8xKfqLMkVpq8goevBuJn3mtSrwWyrMq-OKzB2ddYYyp8Q-8VoOMC87-hwh5Fbs7p1XmZ_M5ft8qdl5DzZSnRCegfxoGYlGyd8peS86na2yAjqBmVoYpxtk4rRcrQabJWiJrCIY3on_9uNvt5q1N6fWjK5zJblEpa6qzploIgkvet5GQRKZIb2nehYT9aGXof0RFasXOsdYfijaxBiWEFKS4KX-2FIA1dYIBP3xQdHNd1j_cmJAFsKmxSdxNnz3UNztSQUZ8toz4ScGnZ9VfbQ2BOj74h1k2AnNqYYBSJLRkmo6Keu8_NXCKaKO1EpRCWZ6ZLScm4VgneRQamCEvE7FusjhYOu8a5uuQI9_WBJlc4tcUFlNPe9VusxQwTy3P9ImQNZTnL-I3zOJ3DW-tqPP3cfKr4sJ5ALAdwQXndfQczJpp-IEuu60aeQQhwvY2HEHuTe24_0ucdlBMogMYYWObxAIZkeg7dun7EnIKnif4M5r2Tmxphnmi2A0M9fm0d-Fjtnl1M856EVIjqkPdqTD652B4HU9Hvb-FEiqQJg-kgtQsSdlJyzi41MfURn21xtQEhaPlom-dIo-YHiXLfLHRHiPdQUk88X-A7SqU6MBXQxeELSU5Gf-1B4PU6PGR3ovu5u-ZIVz6nYi6tkSV3VjPsgM8D8_6Sp52AaoLr9UzQocIbq19okCBOv12zn3y_75AiBuI47Qr1GzYzssaD8gtqj8EuAtxMXJNlScwoBIPectJyS4nqfbE6FIleL5HzlRdwbXUqQOKsRlnMRnDgnCTkEbawjgSQwOcQYnic7FbvbEeKIDZ3M3zlanZVdHFVP8ETmGig0DyJzo1idOHt2ZrZu3xKbAwYE30tuyeHGfXNTn2M1i0QIct0lSLaDJX3U_c3eGT47QEc-OJ9KICpM5ueqlUOasiYKaOg6VtchMt_3msC1f9JsEfOq2xbmlxWy78Cy77qqCZJPm08i78r-iqBfl0H2AaT7plAR7dE0Av2gUr0SPQXh4V-eYVOwAbudwefK4iDvqb0g328IVrredMp4C5UsdUshVznggoUA6v-k0DtfG8YvNP044t3MN190295MSroeHH7LE2yo84njceZS2l2OQNFJ0lIpeUozLkLVEsbzNaAk4yu4oz9QGftqidLVK1RGSNOFl4oD_Oc6AiQ2JTKo6aOpKfKG6ZWEQx8H1ui53DIlbodcDCU5sM5wdO-5fVSlbno4glzimG3czoO1kCtLLNJLWGAFuehIuosUUn_BZo6z63RpnVMA-qIvnu5CVElRD34Vg8glPE8lCkiDVGZ2UJgOosK--1G8cQYiQMgSpycy3igI1RTL8fnIGpZgTmcTNdgJTJC0nYQUtm8M10T5akY7vZNFfYEDwZJ_HyfEWQVAzmhT8EyRHJurZ_gfGcpKwKCEJIvrj_3bL0hHHzrEUgA-QZ6IV9YT3sfyy7FuPxdOv-1Bntm-pj2EQ6xSkAEd2liLOwi8mRB32O48htCQuHXbRLNVYhb0MNiIHW0EkN6JJI4HtWvieD7PNoj9fVe-moX8_Rp76rEUZdYOy3gdcEtIrvlufpscFlMJABIwzKV7vJW8GohH5nl7huZz7O_wInVezE9ZrADMOd5fNrzRCclTqtyAA_urBczYLk&cid=CAQSPAAvHhf_sFknGS5PTvsjkFcSqP8Omy02urtdEm5esPFPeYg84asxGjzwl8MBd06GX5N0dHIepLWzZMjngRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=10421351764151816000&adk=2124396031&idt=168&cac=0&dtd=4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:49:16 GMT content-encoding br x-content-type-options nosniff age 464234 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Dec 2024 13:49:16 GMT
GET H2	200	8044784235198242242 s0.2mdn.net/simgad/ Frame 7FE5	58 KB 59 KB	99ms 40ms	Image image/jpeg	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/8044784235198242242 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=2&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c07c4a729c1a85b4d7ab981f9d958266f1adf5e5a1362e194e20ca45ad7e4dfb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Thu, 19 Dec 2024 08:16:46 GMT date Wed, 20 Dec 2023 08:16:46 GMT x-content-type-options nosniff age 397785 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 59828 x-xss-protection 0 last-modified Tue, 05 Dec 2023 09:33:17 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" allow-fenced-frame-automatic-beacons true
GET H/1.1	200 OK	px.gif d.adtriba.com/ Frame 7FE5 Redirect Chain https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698503&atb_dpuid=di_dv&gdpr=&gdpr_consent= https://d.adtriba.com/px.gif	42 B 227 B	40ms 40ms	Image image/gif	3.66.143.165 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adtriba.com/px.gif Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=2&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3 Protocol HTTP/1.1 Server 3.66.143.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-66-143-165.eu-central-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Sun, 24 Dec 2023 22:46:31 GMT Cache-Control public, max-age=86400 Server nginx/1.16.1 Connection keep-alive Content-Length 42 Content-Type image/gif Redirect headers Date Sun, 24 Dec 2023 22:46:31 GMT Last-Modified Sun, 24 Dec 2023 22:46:31 GMT Server nginx/1.16.1 P3P CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info." Location /px.gif Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 01:00:00 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 8D67	1 KB 643 B	39ms 39ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=2&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 48780 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 09:13:30 GMT etag 48472445140208031 expires Mon, 25 Dec 2023 09:13:30 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 7FE5	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 14cd9717bc3e8c9ee6d9b788453ebcb2b22c55785109ffac579ac691f9521f93 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
POST H2	204	csi csi.gstatic.com/ Frame CA77	0 54 B	339ms 209ms	Ping image/gif	2607:f8b0:4012:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lqk2wlt0&c=3047832611257&slotId=1523916305628.5&qqid=CKaI98KTqYMDFW-Dgwcdq_kGFw&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4012:827::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	HdsydzJK.js Show response tpc.googlesyndication.com/sodar/ Frame CA77	41 KB 15 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/HdsydzJK.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 09:02:22 GMT content-encoding gzip x-content-type-options nosniff age 481449 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15407 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Dec 2024 09:02:22 GMT
HEAD H/1.1	200 OK	file.mp4 r3---sn-4g5lzned.c.2mdn.net/videoplayback/id/0f7d3406455dda31/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734993990/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame CA77 Redirect Chain https://gcdn.2mdn.net/videoplayback/id/0f7d3406455dda31/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734993990/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa... https://r3---sn-4g5lzned.c.2mdn.net/videoplayback/id/0f7d3406455dda31/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734993990/sparams/acao,ctier,expire,id,ip,ipbits,ita...	0 0	175ms 41ms	Fetch video/mp4	2a00:1450:4001:13::8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r3---sn-4g5lzned.c.2mdn.net/videoplayback/id/0f7d3406455dda31/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734993990/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/148D57F3899E616B963F7F2C8C1546509004A531.2DAB29521C2F2D734153B91AC735213E5F40ABEB/key/cms1/cms_redirect/yes/mh/2C/mip/2a01:4a0:1338:92::6/mm/42/mn/sn-4g5lzned/ms/onc/mt/1703457624/mv/u/mvi/3/pl/36/file/file.mp4 Protocol HTTP/1.1 Server 2a00:1450:4001:13::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Sun, 24 Dec 2023 22:46:31 GMT X-Content-Type-Options nosniff Connection close Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 8606404 Last-Modified Sat, 21 Oct 2023 14:55:47 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Access-Control-Allow-Origin null Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control private, max-age=86400 Access-Control-Allow-Credentials true Accept-Ranges bytes Timing-Allow-Origin null Expires Sun, 24 Dec 2023 22:46:31 GMT Redirect headers date Sun, 24 Dec 2023 22:46:31 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 649 x-xss-protection 0 pragma no-cache server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net location https://r3---sn-4g5lzned.c.2mdn.net/videoplayback/id/0f7d3406455dda31/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734993990/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/148D57F3899E616B963F7F2C8C1546509004A531.2DAB29521C2F2D734153B91AC735213E5F40ABEB/key/cms1/cms_redirect/yes/mh/2C/mip/2a01:4a0:1338:92::6/mm/42/mn/sn-4g5lzned/ms/onc/mt/1703457624/mv/u/mvi/3/pl/36/file/file.mp4 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin https://googleads.g.doubleclick.net expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame A97A	38 KB 13 KB	40ms 39ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 462352 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 19 Dec 2023 14:20:39 GMT expires Wed, 18 Dec 2024 14:20:39 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame F473	0 10 B	40ms 39ms	Image text/plain	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?qjvGKA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:31 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	175ms 75ms	Preflight text/html	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229085979187319904199%22,%22debug_reporting%22:true,%22destination%22:%22https://tradeit.gg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22940300881%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215575143840943756769%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Sun, 24 Dec 2023 22:46:31 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	169ms 74ms	Preflight text/html	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210647704271746153100%22,%22debug_reporting%22:true,%22destination%22:%22https://msi.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22931396895%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215340561138684856481%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Sun, 24 Dec 2023 22:46:31 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8D67 Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKrvjAt2z4YFo9OVPDDlEp0&google_cver=1&google_push=AXcoOmTusd88xv2sIED9zolhVuWHDOOZuCfjmfWyqY-THlQGN_p8mqvRFX_pTra1__Pr-SAejbXBeo2ZHfQkiRf0B3F4wEKKEXDHE-Px https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc3NDI1Mzc0OTI2ODQ5ODk5NQ==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFA36iIYPeuLaqv-gg5JGGk&google_cver=1	43 B 398 B	95ms 48ms	Image image/gif	46.228.164.11 AMOBEE
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFA36iIYPeuLaqv-gg5JGGk&google_cver=1 Protocol H2 Server 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers content-type image/gif pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFA36iIYPeuLaqv-gg5JGGk&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	i.match s.tribalfusion.com/z/ Frame 8D67 Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEMr8a3wDVA_uCdx9jjQIzkQ&google_cver=1&google_push=AXcoOmSAruoId6uyK1_z2-ML5AxUKTp6OQJEwSKA_hxvZmLezwtHOysbhmL-LdvtHY4eeoADdT-ZVVYC5XLRFei4DAIXMEG_xIPo1... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMr8a3wDVA_uCdx9jjQIzkQ&google_cver=1&google_push=AXcoOmSAruoId6uyK1_z2-ML5AxUKTp6OQJEwSKA_hxvZmLezwtHOysbhmL-LdvtHY4eeoADdT-ZVVYC5XLRFei4DAIXMEG_xIP...	43 B 420 B	203ms 189ms	Image image/gif	2606:4700::6812:18ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMr8a3wDVA_uCdx9jjQIzkQ&google_cver=1&google_push=AXcoOmSAruoId6uyK1_z2-ML5AxUKTp6OQJEwSKA_hxvZmLezwtHOysbhmL-LdvtHY4eeoADdT-ZVVYC5XLRFei4DAIXMEG_xIPo19wM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSAruoId6uyK1_z2-ML5AxUKTp6OQJEwSKA_hxvZmLezwtHOysbhmL-LdvtHY4eeoADdT-ZVVYC5XLRFei4DAIXMEG_xIPo19wM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Protocol H2 Server 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 83ac617edd834d97-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 338 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMr8a3wDVA_uCdx9jjQIzkQ&google_cver=1&google_push=AXcoOmSAruoId6uyK1_z2-ML5AxUKTp6OQJEwSKA_hxvZmLezwtHOysbhmL-LdvtHY4eeoADdT-ZVVYC5XLRFei4DAIXMEG_xIPo19wM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSAruoId6uyK1_z2-ML5AxUKTp6OQJEwSKA_hxvZmLezwtHOysbhmL-LdvtHY4eeoADdT-ZVVYC5XLRFei4DAIXMEG_xIPo19wM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 83ac617d7c6d4d97-FRA alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8D67 Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEFv5q0mysBV5MUS_e9dSPms&google_cver=1&google_push=AXcoOmTT0BBQZKNju7J6GKCbTibnJJ_ZNvuswGXMPpJPglCQrJDv59TucqNmhfN80CoMmv_ZrI9PFMPaxsiiJ5d3V5G-FZcbeRG5LNsc https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0BB20EFD965745B3892B3260C6005279&google_push=AXcoOmTT0BBQZKNju7J6GKCbTibnJJ_ZNvuswGXMPpJPglCQrJDv59TucqNmhfN80CoMmv_ZrI9PFMPaxsiiJ5d...	170 B 188 B	50ms 49ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0BB20EFD965745B3892B3260C6005279&google_push=AXcoOmTT0BBQZKNju7J6GKCbTibnJJ_ZNvuswGXMPpJPglCQrJDv59TucqNmhfN80CoMmv_ZrI9PFMPaxsiiJ5d3V5G-FZcbeRG5LNsc Protocol H3 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sun, 24 Dec 2023 22:46:31 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0BB20EFD965745B3892B3260C6005279&google_push=AXcoOmTT0BBQZKNju7J6GKCbTibnJJ_ZNvuswGXMPpJPglCQrJDv59TucqNmhfN80CoMmv_ZrI9PFMPaxsiiJ5d3V5G-FZcbeRG5LNsc access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 23 Dec 2023 22:46:31 GMT
GET H2	204	AdxPixel tr.blismedia.com/v1/api/sync/ Frame 8D67	0 174 B	135ms 47ms	Image text/plain	34.96.105.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENb3b0JoLwBsTpIoHce36r8&google_cver=1&google_push=AXcoOmTdzb4KMrXyrCj1oS836tFVVGdkv-W8WbXILMLYCUz3lvTCFF9LrCwKiCtgn7wkg_k2ouXwYOS0sjY2PCgM71X1oGeqzdEhucQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=2&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.105.96.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:31 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	sync x.bidswitch.net/ Frame 8D67	43 B 146 B	170ms 40ms	Image image/gif	18.184.81.93 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJfzPn6DYIrYCj3JL5JMAQY&google_cver=1&google_push=AXcoOmT2ptKQUttmQxoGZ8fhnEGA4oTbVYRt9tMv8AaXx7CwhLqMgiXnWpoX88WGR8jhXU1z0u5V2yxfGTCe3-JHMJ3oeU-HE7AbYRK5 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=2&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.184.81.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-81-93.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:31 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8D67 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAL12hfPOYT0_rsXaYB4ZZo&google_cver=1&google_push=AXcoOmR54Nhxsf3sIPddZkq6EzH2PACRQpqN9WooU2fRzGgBhcKwZSC3mlj9JHu02-5wj4DpxlvQlCGG5HNqPEhyVTG1qTO... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR54Nhxsf3sIPddZkq6EzH2PACRQpqN9WooU2fRzGgBhcKwZSC3mlj9JHu02-5wj4DpxlvQlCGG5HNqPEhyVTG1qTOphRzUcuMu&google_hm=eS1zOUsza2ZWRTJwRX...	170 B 188 B	50ms 50ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR54Nhxsf3sIPddZkq6EzH2PACRQpqN9WooU2fRzGgBhcKwZSC3mlj9JHu02-5wj4DpxlvQlCGG5HNqPEhyVTG1qTOphRzUcuMu&google_hm=eS1zOUsza2ZWRTJwRXNsSVpoT0p0MkVFMUxPd3gwRjB6Rn5B Protocol H3 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sun, 24 Dec 2023 22:46:31 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR54Nhxsf3sIPddZkq6EzH2PACRQpqN9WooU2fRzGgBhcKwZSC3mlj9JHu02-5wj4DpxlvQlCGG5HNqPEhyVTG1qTOphRzUcuMu&google_hm=eS1zOUsza2ZWRTJwRXNsSVpoT0p0MkVFMUxPd3gwRjB6Rn5B content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8D67 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOMUd6MCKtH3vZfvLGgu4sY&google_cver=1&google_push=AXcoOmRq7wM6uglL0jzJXZtb0nTgvf6Mlz5xO7rup2xzLl3xTv2X92vsXGsJhDIa0eIchn0lWkEvp8IK... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOMUd6MCKtH3vZfvLGgu4sY&google_cver=1&google_push=AXcoOmRq7wM6uglL0jzJXZtb0nTgvf6Mlz5xO7rup2xzLl3xTv2X92vsXGsJhDIa0eIchn0lWkE... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk2MTgxODQwOTI4OTIzNzcxOA&google_push=AXcoOmRq7wM6uglL0jzJXZtb0nTgvf6Mlz5xO7rup2xzLl3xTv2X92vsXGsJhDIa0eIchn0lWkEvp8...	170 B 188 B	48ms 48ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk2MTgxODQwOTI4OTIzNzcxOA&google_push=AXcoOmRq7wM6uglL0jzJXZtb0nTgvf6Mlz5xO7rup2xzLl3xTv2X92vsXGsJhDIa0eIchn0lWkEvp8IKze79E3zxx_FlAs9BgI9l3ynN Protocol H3 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk2MTgxODQwOTI4OTIzNzcxOA&google_push=AXcoOmRq7wM6uglL0jzJXZtb0nTgvf6Mlz5xO7rup2xzLl3xTv2X92vsXGsJhDIa0eIchn0lWkEvp8IKze79E3zxx_FlAs9BgI9l3ynN access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 8D67	0 12 B	47ms 46ms	Image text/html	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LF1AH_tXWIfcSJYvCmwMCjqSEAM28lcemxEs-cE41yvEn96zqCr2ZtYogyycpnqyxjpnFT Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=250&adk=2021727514&adf=2833230818&pi=t.aa~a.649322570~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=307x250&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=2&bdt=1183&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:31 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 3B5C	38 KB 13 KB	40ms 39ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 462352 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 19 Dec 2023 14:20:39 GMT expires Wed, 18 Dec 2024 14:20:39 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 7FE5	0 0	77ms 77ms	Fetch image/gif	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFBc8DmZYdhqA-rICLGzEztl3lv4gQnuq8_nj05dvnouTcjKgdGkafVxNXGwjHIksHyVqgG02MXroUzKASSpZg2ZxzRBcx3mt7hg8_3k6lQSgOOFivUSJLwYkUbW-PHvH_va0FAyi_uUbHSI_tFg5mKmowbUW3-ryyZB_cuO6B1kTNgwpWVZvLSRbmaxu0D5TlF-pnzRjcws7Yug0x0Z7n-TpnRxSYJ4vmdqHgvHXGQbCTh82PhMDTQOgeECIaJsLDI6-M4Vvnrwfb4m9kqw2IR9qMl86Ilb6XX167NWTPjr-bjjH4pdhpqTgsNZp8SQyHs070RwN0zVYc6dOtuFiElSqXi2mFtApmrn_25Vut-niWB7kH0aFqWNo4EX0nzafK9aJ-oW0mPnxYqtwsLnMAbNl3O7_5_zlTBF9y5zek0mTqvRItHUExXDeVzYwC0dTw7GTg-rZU54CXh4BTH-Kj25ePivLjkEQaESCE3HGHK3hNL-Ab3d3MTHT0crpuUMSlOwpmOGGouF_kO_ZrGvJDPCl-g98-NfvLnKkCg2LW0AwiQXU5xtEzv6vA4iTWpgaBOeFRIqlQxiahAyYYuflpIlJDWqcWoAeGmDOQExhoyFw6FcurJ9LiwWHY8dIWnd_P6npa6jAMPvarDh1Xpb3CL185CgE1kjd6RtDp0tielAyWR-b4_6F-4jYZ_6KZItlEdrtsbL6ygz89ZvxlxvSthW507pJDyzlFtxnbzJ0PyiIuXMHR2d0jSugCCqFFB6iSamosW7RWp_ENEeprnHFCWvebYR1w_bcpx6ieZv7dqtpWTpjKvV6lfjhfPiyR1ZFPZQlYC6G1boGa2IE2J4Bp046KHPtJfg3oDdUI9Xf6H_lYblRkWXR7s0zl4O_ejlxbGo1_4M5N2gnjnqdXWuVmkl8RxfXYDIwAphxVaPM3rceafuhBD5F2ygWv2F47zBRGYET48GwFQn_YhL2ujpE0R4zudmcn9fRu3XQqwVV8P2xW2oEkK94IJjujMmS0GgnD-I5AmjuxKN2wzudXl0dozWelVZpbQL_C4vatcLz0IGHntzDhlOARYtBI92DVHI4J3sJIr9iIpuU-vDwwO-LgVqiFD0MKboTuMQg3nb9STWjce8ju0VwQ0idob-Gci4qd0cb-w1HKLoIyIf7uRqub1NzOOe-0lbDmR_4zMgoiZJNeP1ddJm8WIPOtQG0Sl_1vsPJdFDpreBr0_91OuTltq8zh8OHHLkS_f6B7Z7Jf5OjsRyztaTH6Kf-kXTNHUS56hXJRgMoZjAGEhiRx-tSrtyagMgZ0fB2gUVhWvSi4WTO7a9NKNTA0FfvnI7G0q9C-gWvkpMgyGMDFnTDsVFppyAhE-d2585fmSUnocm1lsAbdzNkesXi9qEnEqv4YXDq3Kqm6hC87jUUSP0yhj0D3L04XQoQaQoW6efiPb1dsXQ&sai=AMfl-YT7yBA5r_ooYtwBomYHd8XKfoOS4U78bG1ZvfqHovHXqhFw3OTldyT6f6Z_pVGzuYZoNJUlU8wJAWoTTHIFwld5yzBpTDVcqE38KbTIUGGcgKnJ9T2cNqTU9ll9WC0yMhdrfYfJDi4XKRdwvXqCk56yJGGFZcCSA4bnoT8tPheh8XW1n7PQ41DPn1ZnH-fIljn5h0I0Sgh-cK2EVSASFrYngQmfjcx3nTI7r-Mpg1bvO83MvzhRMc63V3M5rNZgns3z1SY&sig=Cg0ArKJSzNywB-P7X6FoEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=206&vt=11&dtpt=205&dett=2&cstd=0&cisv=r20231207.75745&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgNewt6-N33O-inploMy6U88inQq0gGSef1sTgMni-FqO-vPC90JdExGGOYprGmaqGZjxq2eM3ZKt57xCxfmmudfHDuL7whjVFUTo5x9STFDJ_r7f798W0sFhR_WAXslmpmk05KpUH0VhmcbHSt95PgGoX2hzs3uW9pSXM3Me9Q3jGpHQ&dbm_d=AKAmf-CxZn8DEiOYKYf3th7qOS4D2WjvOlDwH7afYS8crFru8vzg46cjrDwRukGb9grSCprc1-MbVvXxbhfcnpGPPyCpI3tj7rPPqhCgdRYYa77v87zV79MGPkcKcvBpjUikiOG3gsPYbD3Hg3mEe1U7fkpV0e7unF3gRFAS-Ur28C6V3GzKTB0DVPgcwrjBuPywbwyTir90RFDWhIV1IyFrYrBwPGO4aUrOFPxpQ3vrCbgOJjDfIIlwzvWPeCU5OnWC2y4zAFjcSrCtcykJXBmTD_gyclu_wduQn5vUPgWuOKHsOTQvy6QDwciCJbyoV0JmNnPM0Zk_fsijQ0-Zw1eobiVOvVnISxad8jLNGTZOt7_sCJZYNjRN_IuN3QiMdW6TmbAFBdiH3VJGRA7ss8KV_CHLPJx-ASI_L2zA_YpeBNnug3m7P-OLI7sTJ1Qpvm1V-NxIVaUZ76g1u2MK99Bh333WNMh_dnRzGk5ST_4h5oIcReqmSHqSUMFK6bWvMC8XjU1Zpplh-fTLftIGA5Zrsf1wrBXbmFzTW97Mr2WQ1opC6uCAdUcOqYmTFgcIjZsiSE5YIUdYZhhCSdGO_za8F6481-e69VLPVCd2rDWCOfOu2ieeqkHwU9JWPBEJSVVvYuygEYWitJ29FdcJvMB_1kPRy86rAgGnlwHxTthjoK-bjoRFULcAXAKpVCzb0SzZZSu4z2Ij-f2Nb1hix_ENp_au-MDqgQlJFEb9GXRtkeGgTnQ2ZFF0bgGHv55kL8Vp0hhXPVtYji_EL-EFLIKs8tgGsJzm7DZZVm3vncOfp7zzRzWYNg9-aBidMnVvVgzmOKOxVp0JjH52RcC6vMjZs7rmgBQ8CxiYWOgE76O-roETyglfInsS-2s1JxVIt0-YYkLSsasO8be7UM8HXBr3SZPLXHZj-CA-g3aMyWlxnsIDIZCqQ4rGUV7xDI-QhFX6OVDrFvvCGOI_M4-i0kVm7Hq1b4hC_7gt1XWSJqVSja7o4437c9ArQ8w1IvljJztuoYwW1byaJA05VgVwSsAoB8__bRIs-LVCpLhPeIj_43NmG_Zvepzg4XPP-Lmo5A_ON4BLvniuu5lsV_rY0coz6JkboWx_4KjvWohADb8SUjOanhgYQiMdXduNvMyGWXsvejrsoncu9uGT9lsgsFn3g5ejnWdWxLpQdwiqi-L5QV_MmvmuUj_Tn4AkiG9nG9AnKrCagU3zE7JSvl807iaIWN0LpzF9BLIDYP33wTu1NB96PuHU3YXdi3SAbq6SuKyi0HyvAORSEx-xGWDWYJROmSdyd4d9c4vBeDOih1YUwh_GCBGNRm3TtdBxdyZbUIfnMVyf_eGsi-xIZv9rbcAmXLoIqQ82FXagyw9ZeGfXxdJsfuHo4mEtVcVsm6vBhbVsojrVhIBZ5skIH5oIwYlPHoWbQHz6R9671PYXfwzvAAWs1ju827LyXu-DqFaj5WWv_gN0Zs7oLdx-fGU7LZ3vbaL2iKAqxjPUTD9TnKrXioySRRf-zLcg12FU6u4pGxngnLKwM5bp_q33FNKoqCdGw6opMIiZDfFKhoK9OtA2ave2nA0-It0rytuIZE68aqIddL5lXaKsbqVa0Ny10ayYhDBMY8RMdldnBO5BAoxek9-Aej-ldXj4SCGKwqMfTWLk1rknWwpElxshkpPce-75hEJUGhNBvvCV15w_JtDfWo_dscmmOsNWfTdDFoT296NemzUYx8YcQFLQJb-DMP3_3dQ_lR7S4TmBsGhGRikrgFYkmeVdTJzHxCzyABRAwwhJpG9soZP0ET1yWq_8dei3q4UctlknZX9x1EeO2dd8J153aiIOCK-l4A9GjYsP0xlEJkohWcyPC_5JTYFr1B3lADW5Yo9UxQttg42RBUTpUUIiGZPBl1fZsZ_kFX90ztzu4XZTClh4ZqYd9a6Wk7VbHt_aY6ZJw3biN39coO24NlAQsECipyj7RbOGNJ2ReMDmsxZtyD7sEJqMwaha5jxmH0ccuLnrm8QaN2B-g_yPctTEaclix5I6Kxbx7UJcJBlEudv1m6RFXl0PGGjpEn-kfR8jTtpcojRI6aWrOZPW5rciaP6tRtgQnbyxPu40jpTSb6civqHi81JoHh3i8kAaWMC1Iqj8MRJEwpU9ibEbi9ocpiTMEW90Wn7clxBeyaRt4sZty15IhkwFVvwB2R1uY2ZqSUtXF2I2e2WsulLPf_06EnlkrdQ_tnYv_X9ZeRtIZjAPFcrQJuNDun7ktcJCVggOU8xKfqLMkVpq8goevBuJn3mtSrwWyrMq-OKzB2ddYYyp8Q-8VoOMC87-hwh5Fbs7p1XmZ_M5ft8qdl5DzZSnRCegfxoGYlGyd8peS86na2yAjqBmVoYpxtk4rRcrQabJWiJrCIY3on_9uNvt5q1N6fWjK5zJblEpa6qzploIgkvet5GQRKZIb2nehYT9aGXof0RFasXOsdYfijaxBiWEFKS4KX-2FIA1dYIBP3xQdHNd1j_cmJAFsKmxSdxNnz3UNztSQUZ8toz4ScGnZ9VfbQ2BOj74h1k2AnNqYYBSJLRkmo6Keu8_NXCKaKO1EpRCWZ6ZLScm4VgneRQamCEvE7FusjhYOu8a5uuQI9_WBJlc4tcUFlNPe9VusxQwTy3P9ImQNZTnL-I3zOJ3DW-tqPP3cfKr4sJ5ALAdwQXndfQczJpp-IEuu60aeQQhwvY2HEHuTe24_0ucdlBMogMYYWObxAIZkeg7dun7EnIKnif4M5r2Tmxphnmi2A0M9fm0d-Fjtnl1M856EVIjqkPdqTD652B4HU9Hvb-FEiqQJg-kgtQsSdlJyzi41MfURn21xtQEhaPlom-dIo-YHiXLfLHRHiPdQUk88X-A7SqU6MBXQxeELSU5Gf-1B4PU6PGR3ovu5u-ZIVz6nYi6tkSV3VjPsgM8D8_6Sp52AaoLr9UzQocIbq19okCBOv12zn3y_75AiBuI47Qr1GzYzssaD8gtqj8EuAtxMXJNlScwoBIPectJyS4nqfbE6FIleL5HzlRdwbXUqQOKsRlnMRnDgnCTkEbawjgSQwOcQYnic7FbvbEeKIDZ3M3zlanZVdHFVP8ETmGig0DyJzo1idOHt2ZrZu3xKbAwYE30tuyeHGfXNTn2M1i0QIct0lSLaDJX3U_c3eGT47QEc-OJ9KICpM5ueqlUOasiYKaOg6VtchMt_3msC1f9JsEfOq2xbmlxWy78Cy77qqCZJPm08i78r-iqBfl0H2AaT7plAR7dE0Av2gUr0SPQXh4V-eYVOwAbudwefK4iDvqb0g328IVrredMp4C5UsdUshVznggoUA6v-k0DtfG8YvNP044t3MN190295MSroeHH7LE2yo84njceZS2l2OQNFJ0lIpeUozLkLVEsbzNaAk4yu4oz9QGftqidLVK1RGSNOFl4oD_Oc6AiQ2JTKo6aOpKfKG6ZWEQx8H1ui53DIlbodcDCU5sM5wdO-5fVSlbno4glzimG3czoO1kCtLLNJLWGAFuehIuosUUn_BZo6z63RpnVMA-qIvnu5CVElRD34Vg8glPE8lCkiDVGZ2UJgOosK--1G8cQYiQMgSpycy3igI1RTL8fnIGpZgTmcTNdgJTJC0nYQUtm8M10T5akY7vZNFfYEDwZJ_HyfEWQVAzmhT8EyRHJurZ_gfGcpKwKCEJIvrj_3bL0hHHzrEUgA-QZ6IV9YT3sfyy7FuPxdOv-1Bntm-pj2EQ6xSkAEd2liLOwi8mRB32O48htCQuHXbRLNVYhb0MNiIHW0EkN6JJI4HtWvieD7PNoj9fVe-moX8_Rp76rEUZdYOy3gdcEtIrvlufpscFlMJABIwzKV7vJW8GohH5nl7huZz7O_wInVezE9ZrADMOd5fNrzRCclTqtyAA_urBczYLk&cid=CAQSPAAvHhf_sFknGS5PTvsjkFcSqP8Omy02urtdEm5esPFPeYg84asxGjzwl8MBd06GX5N0dHIepLWzZMjngRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=10421351764151816000&adk=2124396031&idt=168&cac=0&dtd=4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:31 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	H0ZEmIz7.html Show response tpc.googlesyndication.com/sodar/ Frame C7A8	23 KB 8 KB	40ms 39ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 482029 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 7799 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 19 Dec 2023 08:52:42 GMT expires Wed, 18 Dec 2024 08:52:42 GMT last-modified Sun, 25 Jun 2023 02:58:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 283C	209 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 153928ccda696b520c69e466b67f15e2be1ba8e41e0cb367dd19c8b72fb1fab5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame A97A	39 KB 15 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:51 GMT content-encoding br x-content-type-options nosniff age 4600 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 23 Dec 2024 21:29:51 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 283C	0 0	83ms 81ms	Fetch image/gif	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssyY4heuLpcqHpoqe4jGHYfCiGcijBoRxTf_7pkml8bFzNdxsqUtplmzYMbFnhHu23nlmcxw3YS0Xz0amsjn5kVGmsJ2jo-Zi5hUqrOuBqLd943pwk6Q1s3LFXrg4mXPMX-bKAx26Dd3tFhrvL_bu867YcFvnfORtm1HjDHAloOBMWdDrHRaDT1W3Xc-k60ea52Wp8ZwneTYgCR_mFlavak-JIqQ2WciKJb-QEpkmrSYrfB9ANqRUNUcvoaD4AcKyo4SgmuwP5Oeah3TnFp9R7jusB89YpmduDTGLepYCzaZkjcbB7eEbCC5ENvpbHvN4Ho_k_r_pVDoeOHkKRPVG-nFRwQl5ulzttHNnr7YatGbK_Hkv5vH-HIMCQEE2XcFPIIRWsuY4o61kbkBVod4z4mPJCuEGwM3ymza2x2FvDWdUF0IC1sJIZveLSX2xT65SIp8zz2ZbACpMO4Unw7fk3QbmQkfGrceyzLXW5qNTzTEAXkP4K_SZnilJo66aZYZOPsg9T13-ySip2JWQp_gJo27SJyiTRZhHsfOrMC9EOo3TFsHO6iTmCruB0RQrg6IXfU53QBXFk6y6n63h0GXi0NRkUcdffInmQTdBM0pSUNpnYmuqiPWAULse0qhlLd9Yxs5k5OPMv-YfEGpAnJsf6f2nqKmivTj6RScvqQ6rFffnj9BnS3gDeyYpPkUCk7nZo8BBdJaODZLmUhMdE4xXJC4BCQnQOG_yH1vI9PCbRtBUdT2kUItCvvQF-VTCaYdolkYljcKcjsQ-tykG-4_bJTw6UFRZT8LJtSnqsOPko-Rm6M-2NtMIjYCR98kEmun4L4G7jb69wN0tZd1HmjbGrKKrTNLizR6qjtbzszNIS6yec_HrQAKrcQ1lsp6wgVLKIqf51inpiHbg-Cp7cAoxfN-teOI0cTVISKrFMhbs1I68GK1KgBhhDYArsc8DrzTzF2DhJ9vBe-ZrTqHhmDMuvv2uW2x1KIKkSSd9FyjHaKl7-gsjmt2z87c9hiCxQYL8HAQvezIciVut2_EmfEN4cuFqphUOt5sWPLpi9WFYP9jDy8-BV3iySOniMEY5mgHHBw5GjSlTCI_gtUui7lKm0IOCQAqFlJeQt9_t93LfvzH6zNx02pQgFUQhEIYvjCSteaCe9TGhweAdveycFQToRn1WGqdGXA_cT8X6aBkwjplHxlF6UWgkVAfNpt4jEnuQLU-e92WSPYvmdvg11mXwsUksK9VRxQOM1tWlm8QCNvnnCqVATPKyiSZV_EW45p6wzyYLwIuFR6TnUS123aiXNcDeHfLdQfBNY41mt5jW-IsaWuXEASm9Wk_A7moUwbR9oQJLvo7e7PqDV4KnVq7ewHeXYrARNtgIKKZUoAE5seA_-fMU867JFTY8FqhUFLo2jT8oi8Hy-SpQ&sai=AMfl-YQsAvw07JQC4el60-2WQUNPqZh1rSkPztik0Uczdz4f35kIFdmouG0_NZ8rHSeNx0mUz1qPsgpsgnYfr4xtI9NqzIhLM_qF2-6lnQHUaIwpTlZDzUn7IT-5aJL9U93iVuFbtVInpOCfzCq4LWU-7TvKIi8pteLms-B_ZrzaaZmuKkW8btoWfILDfiQlUz0jxninUObYvZvunc52lu3f8jSP35QTt4lOSWEY1Er9clbCxNiyjkoFqKejFxfu97SLiDO9e-5xeojC0w22rCrxZ3pjK96WwfCdAWAm2xdyfQ&sig=Cg0ArKJSzD848dki-mJgEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=309&cbvp=2&dett=2&cstd=0&cisv=r20231207.64439&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5Jaj5w28Qa80rLCQRcdhxMFhbgVTyXnt6OpvC_ndeCkswOe3aq8fFVkfAqDzRgYcNppD_-hq53oOrJhNHP-ISgKpa8UUJ9mWVAVhY9_P5h7HMuUx8MzKYHU0X5oPkCiVGUI9DvKABhMfqdezChyvlQIKCb-4sa72YB_zikxwjj9K8Gig&dbm_d=AKAmf-Ae544aNsOdzsIBHfHDEkwdyfaDprUQuFxxrrxEoz3siBBNDboCOZ_O-TvXgAhM_P0LFoIjv3nx30spqrFydINYfNbaU_b5y9zewPsAcSBABQQV8WnbKY486t7NLbhmZEvpn2X72ABfxi5V4o3M4wVjIGuIRIUU-C7JwgFf-xEEDzWxNcp7ysIZvA6ZAz8ZDcTBcmj6mn7NERN2NLixpKI20N-88_bRfcQIfnrv6-TTpOs8y_enz7aRlWWLXJlv4qXnoEQtnPo9y7MZJmNp3nyP7hYr9ECYya9krgyLK5WtoeB-HIquc69n3QUy2bzwABAeFNy0K_s9a_an5GKq-nKE3SYr5XaScw9H-PcAcqWJZQGfaEIy0Fu6He7GOXryvMkN4IPlqVNEd-BwRbsEPVGvSfXtDSKiLuNTtFbK5urCq2YlmQWkHL4jioAX1Hs4PJ3k4SEJzXcggi88Z7-IwbwVxkVO3R8xQ3M9ZHM7K7cD_TnXgaIWlsqAF9JDShbKBf27Yfo2mnlKBqfnScuCdbOieRnxygXlsRd_wF_iDCr-qETRO45sXT56UHUXTxhZYXLg_gNMGx_SLPiqn_Y6a38K3hioiGmGoGIPg5X0NvKAJd0I9diCMDwU8NmMrBRRuoYPO8tOMgRqAC3g41oUlim9sKet54z42-dMQU20_dVVzpTCf6fH2c60uX68vFmEGRchSZZVAHtZDe4NMpyVuE8HDG279TEu8cT4x91DJ2ap76lVNJCRtIMExkzPAde6hOMVGhW0AWoGv5yfTh3ZWTBuGHhXHO0-fw4tWPDfwhFlhcC94hHO5U1o92NLBOVnS8sP06SDUs38tHv69Z39SQgw8t17UvT9tgTvbEZ80SHefEhjFhMxhDLP62FnF3Mb7fGfOCXVV56O9dUNx2fmYGzFd8Z8eW6pxixpjvnCOCknvSdzf1I9DJPgo2nemPUi7wPtuxs6asPE4DcIMK4bHyBDT9KKy0omODYnG_pUxw1AsPgWMXLQLo82hB_I4-oMcym8uAo14rNI9Dk5ciTocdF4NKh7D88AV4PWZgG2hCBWpTrwh0n3hk9iAe-d9aAzCBU_buPGcKaMh2UQOn5lJO0Q2erhF0Sa8IrBIW6enlzCJ56nQjYlCyDJq2vj7eTXuyM8wdlFFW2KTcH5Oy5Y_v84FYsNOv_Ma9aeKs73QCCMucLn8Mds8ar8Z_DDZcs4gmJ9dU1ipQQrbulmbq5n1wAUHmhBFwj68wploV2w2NW-nZOYc8Ap-zyrtzIkz8H1u4aGa7qEIqPnRIzJgeS7fuDp8x0L8Q_c2GRlAeMmOBJVZA4JrG0jWPHU_j51vBwe_Vc-nDZrdX8ApNtISEwKoCYO873b4YUXV5wj-ncY-YsnY1rB7KWqjPq7X7dGrJ69yPMfVYrHA1g0eIO2IDxHc6l0ABSs_wp_1sAYwbfwskY06Cq1ZvidevTEs_BJH_VxCPG21J2GjGPvpNHZcNcyaE85AFfAKYE5p0epjdhTL4NZqNS9Ma5BJfAoXxjRQsznSnzUShuxzu3AGDc3GOwCWxQGy5VLC_ZXoCHNcXv2ddNMaAaIpq_EklhxWxcq_BMSQrAmrkq-KSslAile1M3PKzxA3ZYSZEcsyhmKi-4_XGr9NyqfOSFT83jsHvCsNlsvUQ0hkEpQPPaZTnpMaRqHLQbdFHoPyTdOxNyortVD5f46Y6dRn7VF9wh0djOM5spvjQ7A8KsdMeuV6f7yURGHIbuqi69o_GLOkF8vCjqeiixwsGNW8QGBhA6cfNRdpg31RvLDhD6JkqRmxVg_TKZ342wpNa_PsegCLC35Zf35EDlU1bncmq_T62scQhl6Ak-sQGH-5kuapDDKeOwTX96eesqkEp_luaNSuX2krmvYiRLKOinYrfBD6AnUexvfVeYjXEvb3XrsAIaNI-OB1kpvCUBipIvgMDn758uiPd88ROKhI1fu-vIMvyXP5YQfqOJbXyJVjkvakJ6Xx3-Q6C1Z3LE6jDUJOKi6xB6tO4-zurjFBbbNYVc0NvqAjizOvEfLc00Q65WgvAo529gbFgsM-543MXLKR0OTdrLJR8FtpC3kdxGWwJV8R1aQxod34X3Md9Ttw59ztlE64PmT3g0Xu8pQkzlp--H4QyEwJUxpdeTGqCP2qXAT2SvftLWZc1uifjOIDyn-GIf8eO4qA6mzN3hjej9H0ATthz7iFbnjmcrSP7ixzkFyEHMq6H5AV4qCWAXLF743cgszHokK5qsfOds8P_27ErPmS3BueaziXJJjbhbVbJnj5_JRTCcmS_9n0NkjBgwsYY-mPJ01Yqp3Ej9CbApKaU9HjgZ6CrkrVqdvN2JdyzjbKJ14cMYdbrkbJjFZI5ovS3a-Zi7DCTqtsgoQXuOOhSIdCH90MvYXfAsCJrxXMQzGRiO44qWwYpUmjt5skuw5XhYys5imed_EfpvEKSY4X3nkGSZRIyVmAkU-Ufaec7oDKQDZeQ6GSvsvwgFgrPCG6kL3FvIkzeey1Ph3abHP-1ewqs9q6PyhXEDu6gSk2mLgCDZ1N2GaytJykmizjjul6yuClNrEQzwtqyRompvFL4USikypQMIpE7QbzDrrlCkxj2RPyqs0Ktyfm5onWQqYds0jv-CTlMe_WFXnDbcOy1XW5ngLpESzlwL-G3_JQ9bAhPhiIPvaCuudRVq6I8Z8x8n_27ieS48f4WLMujOlxGUdky7-mbAMlgf8DozKC8s_6C6lP5o22ymagA-nRxv5UK3tEbi_0uoEGSGIl99aNJf5MhZEjBL8liluhwJqx1dBNxTbQ-4Wcp0_gQ2ZhXALydbalo8OkaKQhpgeppMiKgXRZe3ZFDB8u_ueSDDHMbO3ZyJ88ui1otbSbdEBRbU0-hGE6ZmD2cq7Dg7BVfunjoaY4cC3OCD8zEzFrQV4-243GrFMwNgzmFKh3KsHpMuGwoJMkswHPTypTcI8hhpUDL_mcbLlxgd9FkvG7LVze_BYQzSgVdcFiAthAHrcCvV6ZgRh8oWDzY6TyfzIdc2zivk2dJ_h62ujMTwW4_CowwG6Rxr4R1n8eiNJyIQYFwPj8OHeSMPRQSUS5sw5MuzE9JWegqOZJ_aVZ6YtRRiU2qMV2yTeokg2frUHEpSDmthC2vyIeCNjw5dG-DKCTfDn7qSyC6pORMszhBxYBFz0aESjfkgeDNwAy23rhjo34_5AJU3AnvXh01xQ8hR6MhDMbnJwRAQz1Kql9sR0uvtEes-_m7zu_HRX8DNdHvPRdiwtHNJnRg1wxABOxGChForXMBHAftXEQoIzXjl4LCnHXBewp_srVvtzMGuqHLFX6xZ6yoSahX_Q5QKVkkk7GrRm3dLOcUsqvSYx-_EmfuKw3e895fyobrx6yK6uh7lbqiohW8XR7cVh_Ju0f4nPjQw6tzCk-QPXq1Sxp2NxSDfFk_thnL5FLbzWFGazbL-ni6sBwTDSYunwyzLbM_mV5fXZVFQmu9fCoNPpRkvCLjsQuNj91CD8khNK-beTz5wKZApXjj0RCLGksoRGeoQIMCBM6DYcgBXdHOVdYYV2HFGTgwmMCdsIm1tBqVHBPsNBpNiwfjeHRd2KabRiQ1T9kFn7db_Cx_VhEogZgYlkhN2VvXzftgaCTSoobKsAYZlIXZZM2qs8tusijpblR0IRJb63inBZpc_uh8tc_5l1lMzu_OF5UogDhgwngNdcQVJJQql226jnu41j4J_-LNBPFD2mdV8e7MVndvuk_4DLzu44XiuvzCvLPwTIrvNXgcRFrsRpjNEVWMnnXuPex2AaSYvHzZd9qEZxyUaDGxfWLpx911lMLxz53EtGsvXLwUrpkEyv&cid=CAQSTwAvHhf_T2a5aY6cBNZOoYqtXgmvSmfhEOvMu4cD-_FpWuOE-OLTf8w7lo__2XQAzXEK5kd5IAFO_XNzWFG4ZN_TlwWUuAommxG-xRqy5jsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=11359999409173770000&adk=1877897942&idt=181&cac=0&dtd=12 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 24 Dec 2023 22:46:31 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H/1.1	200 OK	px.gif d.adtriba.com/ Frame 283C Redirect Chain https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698500&atb_dpuid=di_dv&gdpr=&gdpr_consent= https://d.adtriba.com/px.gif	42 B 227 B	40ms 40ms	Image image/gif	3.66.143.165 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adtriba.com/px.gif Protocol HTTP/1.1 Server 3.66.143.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-66-143-165.eu-central-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Sun, 24 Dec 2023 22:46:31 GMT Cache-Control public, max-age=86400 Server nginx/1.16.1 Connection keep-alive Content-Length 42 Content-Type image/gif Redirect headers Date Sun, 24 Dec 2023 22:46:31 GMT Last-Modified Sun, 24 Dec 2023 22:46:31 GMT Server nginx/1.16.1 P3P CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info." Location /px.gif Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 01:00:00 GMT
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame 3B5C	39 KB 15 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:51 GMT content-encoding br x-content-type-options nosniff age 4600 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 23 Dec 2024 21:29:51 GMT
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame C7A8	39 KB 15 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:51 GMT content-encoding br x-content-type-options nosniff age 4600 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 23 Dec 2024 21:29:51 GMT
GET H3	206	file.mp4 r3---sn-4g5lzned.c.2mdn.net/videoplayback/id/0f7d3406455dda31/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734993990/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame CA77	264 KB 0	82ms 39ms	Media video/mp4	2a00:1450:4001:13::8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r3---sn-4g5lzned.c.2mdn.net/videoplayback/id/0f7d3406455dda31/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734993990/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/148D57F3899E616B963F7F2C8C1546509004A531.2DAB29521C2F2D734153B91AC735213E5F40ABEB/key/cms1/cms_redirect/yes/mh/2C/mip/2a01:4a0:1338:92::6/mm/42/mn/sn-4g5lzned/ms/onc/mt/1703457624/mv/u/mvi/3/pl/36/file/file.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:13::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://googleads.g.doubleclick.net/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Range bytes=0- Response headers expires Sun, 24 Dec 2023 22:46:31 GMT date Sun, 24 Dec 2023 22:46:31 GMT x-content-type-options nosniff Content-Range bytes 0-8606403/8606404 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 8606404 last-modified Sat, 21 Oct 2023 14:55:47 GMT server gvs 1.0 vary Origin content-type video/mp4 access-control-allow-origin https://googleads.g.doubleclick.net access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=86400 access-control-allow-credentials true accept-ranges bytes timing-allow-origin https://googleads.g.doubleclick.net client-protocol quic
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame A97A	0 20 B	77ms 77ms	Image image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BOD17xrSIZaPcLJ7B9u8PkvKn2AsAAAAAOAHgBAI&bg=!IyClIG_NAAY3kmNgF5I7ADQBe5WfOGHBLJooEmd4O9HZFlS3zt5xT5ukF0g0slAgNWMwobsNA6yRTT_hRyq_enLK3tPdAgAAANRSAAAAA2gBB5kDYkoko6QKODsblO-qQjFYSeCnUAAFJgUloPCUyMn_nOWW48UqtXRXXVmjaz47FkXN7Y-vMOvCUrqvj6MoC2FGTyIsMtIrJrWEa0vD3_9geqaeFSTeck-4wYex4xjH0S3TiyvMOUfrAoUValqXy6tiXRIXA8vRMpjAfjLNeePxtVlWgMaTywxSL5yFMdoEjJOygPEuo0g0O0SAuz51xA4cjFXU0cMPhUV_5idN3ADA6uEV8gliHAmtBTLoOrwtvHxJsPtQkU1-wKwVA0XQNiMSZFbK8NHoSfsvFcywlXvd3tQg4D-q6bASzt-07-7XLKH1Ki5HcVxKHwvgaeFnDuf8Y8F9-1LfScCOibiyRKscWhyqSKiXAadbagGe1XMkKgX-4R5s5vZmxuTMOC5nmyPPMdPKLEP0MSzd56oRuGaz3TJ2NsP_FGLSXaK_cPpK4ydGQZhkPCRHinSa96nRKlLWYIq-A388Lmj6Im1A5-wd_edzEhjtYH1LN8KluhGFEN7EC77u-3x8J15e4rxeOQNF0iEp__SkvFznt9BWWq4sC28YJk3F8Un7GVOVrBKDCqj26JoehYZPKH-fqJqn7idqbVqaG4hs-yWAJCt0A5QPwXrqmYBM3Rv9YZanTdVzx6zODawELbN3nGo0SB9HW6UX84UhYcF7IhwWAmF-uS2v6ZEjs46Gh1l84wCCUOisAIjZZB28AIU2E7C5EcK7RJncNef7HvGsvD57vX3H_rh6F1a4DlYyoFu8e7ueL9xtCoSd_O1IDjVKlo72mIFvu4PdmdHolmcrXn59eDMlfON_VdKJUhdVKlxuBMmK5d8rvrgpM2PGqQsI1o0ZARVo7MWfPoTbKS9zpwN9EtNdcG33J7FpEQXyYagGe47eEATVRpYOr1RhX6UMHIn36VuJJ9qSzhPdY4xapefJB142idl70q1Gho4QX8K6m1NXaakHAixacXajgh9xXDo4z6WmCRdpYqdtL5Zrgiuir3YFFZ22G1c0cZpycTDlMwfm7oFAYsCGcgZROTBlKYYwZoHIdRdQa8nacUyDu8bdrWKXV4iEUmHkbvtSV7NbzZDXe4X_g2xTX6uxAkFkQgXE-i9ao8Z69InN_K22EgiigYwoO160bNEdkO2VCHHHlWEjatjvgmCAdzZV Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3B5C	0 20 B	75ms 75ms	Image image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5XESxrSIZe32NYXL9u8PtqefkAwAAAAAOAHgBAI&bg=!0dKl0p3NAAY3kmNgF5I7ADQBe5WfOLvSIZRXL3lKuwwb30xgn2q37aS7QD8C7k_bjndxoz6L4L1kX5DNOfU7gCtNM8wDAgAAAOhSAAAAA2gBB5kDPhXpuUwuAvIzuP2Kaz4z8YxMHm56F9IWP3r2V531JwLZhhPKTkq2BIaecxhMda3VXreLydWKPmC-ci3ValhHe4o3s18x7OuEDZT1lxD1Q5TWhxYyHoVf3Ro6UWTvzyV6u9GQBz78JFBXCjLu5nkh3maV-n1LprrCQgTes5pAyuItaXuivwDEHv3UYYAmnU0vX9ThWIYOiNAjxl_alJ3YXK5WXThBZw1HAlka3tXwTYLwdXd-1ExLp1B4kD_qnqGzQCzxsIzgZDvPbMhSklfjDNuQF0Du0yDGUtol836fVjt6n7VdX1Rhe0TviMx11xJB1YVKo4j3f1pSV7IH4TvzLa0RfDwjK83M38wM16efeToobEXHduLW2j15Fd4jmHmHdvCn5AN7cglw-7DI-3BUeyPxEfIpqgdP4AFBWwXcgVSjB3USaVKP5CFflqJHVxZDCx_KRueQzX8BhxaSA0yeS2iV4tjv0vsMwzoF-yXvNtUemzaAIv9ZyoH5lNiY8bSgoisFHnvEoIwyjcmAbq7zrXo478Impp7VLme6rz6Z4-SuDov_60fsrbiTZ_O38epH87uVZAYv85934_vaTv14s3JZ2DFojCbmZtTMEnNPjXy4kXLyXgUTrRPMYbZnvF1FFH7VG04_-5vewmCWPG-Si5ea3-MmOXtt_bRdipuVICc2U4QLTV9qPVLVd7AlWMWr7L8UAPF9gof5kn5AbKc8hVT-08qK1yZfc5A58oj51njXRKN9Tk7MuAwEp6Us8L6ZwkG_GjKqwjLcwfuDbH4x_E5Qx12Sj239EhwqSXK3WXqhXQ-OKR2DXimcY3_VpCJjsb-ycR55ACM1COmQ5yqS4I9KbnPOP1RtaO8DDs-pV0A_TpE_wB5ximJ6MWecHm7x2jSX0uxsk9483_8ZioFNF3vs_xHwCXP1t1npM6nZdYuqpAuDjOpG8GrE6J-8HHuJJ7M99Y6lx1iaYf0TXVq-SNekvJLiMyCPe90A_AZIC21hEF40_-uXePliuhUEwCqJBw9BXTcaoKJmalEl7VXGgmISH8zobDmNMuVxVWoGdCJElLAHG9yXWYHdFvOng1wzWUHF4ts_-K4UyLW_tUTZ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C7A8	0 20 B	77ms 76ms	Image image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BtdXGxrSIZaOhOI75mLAPwuywUAAAAAA4AeAEAg&bg=!FBelF1jNAAY3kmNgF5I7ADQBe5WfOPDTXVuKUhAIg1ki08aMqhQgKtclueKBGsjT1wZapuFDvY0VT6P9svZefftVzYHxAgAAAL1SAAAAA2gBB5kDSw25BC3aVfXoeonsjYQ8Et3uN3OxHf55ttEvm-o8B8M4c4UBRQBrYG3_dNpKMlAvHJYLUTeOpCQSeKeimVnaRfN09YS58ly2qEl8byuY-q2hCOa9zNi8cNUrpXDyWjdozZvgycmEGzZNMOK03EA2h5XlDCclGfnwU_juGDyhzeBT9upPlTCsaEZIVeRVxdq9ysdVjtFjThM9-V7osJfEQfQpjkry8aUI8lbqdROO8FHpNPYjUxLelgiIfmNj9FU0Sd7_Kr24xd5OyWlAiersrptV2hxpTxKxFu7gA8lLWSBDW1xmd_MSebZj6rZ_x6dgq20sosqd-Gb0TGqlf6tWA9PSjMAX7F9PuuHKB7IEfMv35CQtJZCid52KVNl8b6AbkBBPR_3ZQjsPQnV_GgmBKYTwrDi3yVPwT_bGu199vRPABoWm7x_XgCSStt6NvbULM5RB49prqDrI_SN9RmfaKqrIIsPQQSexxbzrTBSdDo1vDfKZUCYJbCFzfGlpfWRi4Gb1ucmwIDPst4tQqCf4cJU6Frl3_0n1B9oL9Q2kTC6TJvucvvrWRGtf6_wEB_G5YWElQmihDAtaNSszjN-9Pt_-NXPhnQThPGY_U29vkp9NEs0LAA1D4Ayc2aqfSBHG4WWC_G5OktsHCU-BcWsj2VS6ANxN_Ir9wPsvFiprhgE7Snl5piY5d8TEoZEKyO8jC9JKFpsTg-mp3XxRSel742CWRW-MgcOpatFhhMi87O7r6cfZU31J4GFRclc5WT5pshVF9O6bJIU3pSKKWwALEsNDIPPH3FYoXDSI5Qgvch47xlOWX4RcGknmCPYQJH84_PEoigMe0vJpCMbukoNjyljfa0E1xtCCXR0DbkNf2ZTj6p6UxQR_2NzW0VyPGy1cBFD3hTUqVjQcdHG4Xp6PgJ3f1ozuoU0IUNhvYCkqeuxYeB111OzvvHyQj8qGuBuI3CQKcVVXbJNvm6AJoSDPquuW2efbi5XcDhYyJiQMEOj3bcGGmnPXcJNPuy-5T-LGFdy6n5GzP2hbvfYNsUJ2xbMZfEqC_nbagmq8AA4u0DrCsSDfC8AN5L9fw2PKkTyT2S25FUnWj2FZNo_xp6Y51iQvuICQDGUljohREw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame D06F	624 B 242 B	85ms 82ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXfvNS-In-XxDRCiZDUVDwOQeUSmaWHz6U3lH0KcJWU2YnqoZn8UlCjmqQiJzSfohClULWBxvbJM1AnOYi02RCXrvvaytJsmNwI5K9WP5XEQEnTMrQRyDnj5UKaSpsNdXYGOiqvvRrlVsiOmk0qxYCuJb8Tx9x5Jdn_NmcyC6rhhYJ7_VU Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 22:46:31 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 1D21	89 KB 31 KB	109ms 108ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:31 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31485 x-xss-protection 0 server cafe etag 7119415641918660631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Sun, 24 Dec 2023 22:46:31 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1D21	3 KB 1 KB	42ms 39ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:50 GMT content-encoding br x-content-type-options nosniff age 4601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 21:29:50 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1D21	20 KB 8 KB	42ms 40ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:49 GMT content-encoding br x-content-type-options nosniff age 4602 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8571 x-xss-protection 0 server cafe etag 5853369240893788875 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 21:29:49 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 1D21	0 0	50ms 46ms	Image text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfYJJaR4TxY-J_LDOrMHGcbyV5FNjWeyicsxpoASuB4tXba2nJrfH38S64Lvc-iIJIWNr-_YmoQlu487J6w_hHykqcOg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 1D21	203 KB 64 KB	51ms 48ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:31 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65731 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1702472459035717" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 24 Dec 2023 22:46:31 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1D21	42 B 63 B	74ms 72ms	Image image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CNSltfJ3sngMJT3U0VI6lqmk1UgZgEgkHyD-qGkDcDyD9vsCZOdfaLmjDHEr1z1xSgrLn6JtDQOpwZasO1s450QpprzfKx9nXgO27XOGJdNsxY-vQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	182ms 181ms	Image text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=4296945606762119&bg=!y8ilyIfNAAY3kmNgF5I7ADQBe5WfOK0pENeuzxUVFDmRnDd73lqZFdxLH89CUFXXrGw5rz3Ep0xCAIZjL_GxF047l_F7AgAAAddSAAAAAmgBBwoANFIgHo_4nnZdOoHFaZcJK7JFAjctZtmEhWhsIYK8Ca5pXHGJk2H4dGHVYnaMCS1qcGqIfZWZAxvejxTEkWm4mf7PmEzgJEliSLR7L6bT61NZWNplRoGJWnes7PjPwnJpJHZHru5BwQXmip1ue_iF20tQFRFoMKwXw46Kqnc1OS1V4-ZziwFZ3LS1QhwAOx7090x-oSiWuHQse1yjPWkis-fQJ5_OO6ot1-jkXXtEBAglPph_RAdJwB3uGMb9WcM6VV9hfWrkKHbGEa5Drz_WUQXHwbiF_j5aSQIbN8MSrKJpicPnUW9JcK_D31XoaiYkGZ4p-ta7YLhz5hdk5isOLM7Rbgjvy92afd3H1FNUExs9v5icbPE9jk3CcWkhpalpNO-eWv5Mo9PnHBZr2BD9wj5SM1NzPEJVVtmFP29O3tTjgR1H9KI-9Pd8s-rN2e-NFOpaLwzy2zwLInJFeFdu1vqlEJSJKCdLrgbeUXpuXcbxhwFt6Lg_jcva9Sq1XrLY3pqj0OZq0gyfe1WZHyXfm7KyFRtqDjN9sXCFm336uURRZWME3qTj3X9fujzSkkcEQIiCB19eVT0SkI6PfjLGB1IWNSjcJQqXMFRU5Zt4PIUI-DWL1sGC_sOs6CnLRSnXe3FfypV7vdUtOrtDTNgWqYK8Qbkf73pxGNkt9Vut_8y_MykoaMXKEYe3F8dgYWVR-wMk2SwnR4_9cmeS-30of9TaAyVrECUs1nqMN7MMDgY4ISc2RAdWbDZRBr2lcsg1pGIutawXZybOodUUdeSTjzmhcB13U_6aeUTpl609b2Y742lp8XPmKUA3lT51XIZy54ghR0C7d5lMDFvj85-zwdysKpTVEgWP_KJr04gLkeICeMxECmIHyLIVFRmjPKcn4t_S8zuGTzC9lYGooZuLNofE_B1OUk6NLQ2Kzhg-122NPgQPJwiyLpCbTwyMudEVqqzM934lYrfrlC1Fm62fpF40EMc0UTov2KoNI8rnTSU18uD6rsv0mdWVz9--8iT0bEY6Sa71YTZZsYLgZGxdUr002VegFjJeU15AU-D4CwIo_q3WoeB1sdJCt2o_Hqdzdke5sZDKTxdPuUOpTPeA5yjvlkRXXTa8FIBQp8T315vUW8Q Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://steamru.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers
GET H3	200	rum dsum-sec.casalemedia.com/ Frame D06F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgUZ-PYoxW3GrHwd7aiVCY&google_cver=1	43 B 744 B	56ms 55ms	Image image/gif	2606:4700:4400::6812:249b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgUZ-PYoxW3GrHwd7aiVCY&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXfvNS-In-XxDRCiZDUVDwOQeUSmaWHz6U3lH0KcJWU2YnqoZn8UlCjmqQiJzSfohClULWBxvbJM1AnOYi02RCXrvvaytJsmNwI5K9WP5XEQEnTMrQRyDnj5UKaSpsNdXYGOiqvvRrlVsiOmk0qxYCuJb8Tx9x5Jdn_NmcyC6rhhYJ7_VU Protocol H3 Server 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aubWeZtVnsdT6wS1nhycALcl%2FpG6oq2E7x6zD%2FUX7PsDmGTNZ7cOIQlUPqnDinW5hc7Og6lclzvyZbM%2BmtV8qcTu3BFcgddEcRNGw6jZ8qzYQWBObJl8vvbK7nhzZgYlId1ujLc4fH4436f5Goid8f6HBrIIaw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 83ac6180da6d5c92-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgUZ-PYoxW3GrHwd7aiVCY&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame D06F Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYi0xnYTxkur6JdYpJIasAAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgUZ-PYoxW3GrHwd7aiVCY&google_cver=1	43 B 757 B	53ms 53ms	Image image/gif	2606:4700:4400::6812:249b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgUZ-PYoxW3GrHwd7aiVCY&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXfvNS-In-XxDRCiZDUVDwOQeUSmaWHz6U3lH0KcJWU2YnqoZn8UlCjmqQiJzSfohClULWBxvbJM1AnOYi02RCXrvvaytJsmNwI5K9WP5XEQEnTMrQRyDnj5UKaSpsNdXYGOiqvvRrlVsiOmk0qxYCuJb8Tx9x5Jdn_NmcyC6rhhYJ7_VU Protocol H3 Server 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pbFqavLPO%2Fb9jSiyF3G%2FP69%2FSVhncLuekJC5pBunZD9ZgGgo99q9EPgfy1USjo6LC9HIOP2X%2BnvrXu5Xypk27%2FfLs%2B6cGsooBIGaQAGZrfrUFX6mGO%2FY%2BfP4FI%2BXZHCp%2BDRsbBt6ODcCHzixrErM%2Bl5PB2YNw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 83ac61813ac35c92-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgUZ-PYoxW3GrHwd7aiVCY&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame D06F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESENaDqeTwBC2ECaApnCnQtMY&google_cver=1	43 B 838 B	42ms 41ms	Image image/gif	37.252.171.53 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESENaDqeTwBC2ECaApnCnQtMY&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXfvNS-In-XxDRCiZDUVDwOQeUSmaWHz6U3lH0KcJWU2YnqoZn8UlCjmqQiJzSfohClULWBxvbJM1AnOYi02RCXrvvaytJsmNwI5K9WP5XEQEnTMrQRyDnj5UKaSpsNdXYGOiqvvRrlVsiOmk0qxYCuJb8Tx9x5Jdn_NmcyC6rhhYJ7_VU Protocol H2 Server 37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT an-x-request-uuid 0ae20b98-b2b7-4bd2-8031-467cbd8c9cdb server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 80.255.7.105; 80.255.7.105; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESENaDqeTwBC2ECaApnCnQtMY&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame D06F Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2Nzc3NjgzMzE0MTUxNzcyOA%3D%3D	170 B 188 B	50ms 49ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2Nzc3NjgzMzE0MTUxNzcyOA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXfvNS-In-XxDRCiZDUVDwOQeUSmaWHz6U3lH0KcJWU2YnqoZn8UlCjmqQiJzSfohClULWBxvbJM1AnOYi02RCXrvvaytJsmNwI5K9WP5XEQEnTMrQRyDnj5UKaSpsNdXYGOiqvvRrlVsiOmk0qxYCuJb8Tx9x5Jdn_NmcyC6rhhYJ7_VU Protocol H3 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT an-x-request-uuid 185c6a31-91bb-4152-b16b-3a6d18abd45d server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2Nzc3NjgzMzE0MTUxNzcyOA%3D%3D x-proxy-origin 80.255.7.105; 80.255.7.105; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 879A	42 B 64 B	77ms 76ms	Fetch image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutWMNCK6VsHY7MHiUBAtIkU91ryJk2Xymq_qiu3rjzDQOUaFmTvnLeSDvYAKfH3fk2vnMFCR47OcH8WXLK0ao5_uWYJ1dywl1KtVITqSpuxA9s-1lgk-qCmR5BMR8eMLq-bfKtD8u5nbeppyJU4WK_MGFP&sai=AMfl-YT9eN8fLhqimtyX7VVK_2A-IxQ-yKo3it5GVUMVwRct8o9Z5gyeNkQrIdrRtG_6rCtzKFdSekaItjjfD8F7Z7TzQ8_NHxiK3tfp0iiZzmxZL279-RVg-lUqGTHv1MEcPCmbFBeq-vwDL-NOC3r8rg&sig=Cg0ArKJSzLez0hJMqeQtEAE&cid=CAQSTwAvHhf_T2a5aY6cBNZOoYqtXgmvSmfhEOvMu4cD-_FpWuOE-OLTf8w7lo__2XQAzXEK5kd5IAFO_XNzWFG4ZN_TlwWUuAommxG-xRqy5jsYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=179,735,1000,1000,1000&tos=179,556,265,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703457990410&rpt=466&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1D21	0 20 B	74ms 74ms	Ping image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=781458546809&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1D21	0 20 B	75ms 74ms	Ping image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=781458546809&version=m202309260101&ct=77&x=1&cor=3214814211383347700 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 1D21	20 KB 14 KB	218ms 217ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cm5tziFZp89jcbuRCTwIy9rKk41opfe6CIrvN4tTcifeNB8y-nTVaE-v1bQdzE4YpJ7AqDh8ofD8zt-YebY7vAoESyr1a2MFuJm9pdsK1T4SSgPtiyaf2ExUQpaQLx2fT-cyB64hibYMIipOetiqNObJcqP7MFb2oL2bibUUV5s90rPDw&cry=1&dbm_d=AKAmf-BZqhHvDDIxLInCsJr-ILpz4PThYnCQfo7hJl2QgT0POPdcCvDeXUbyJJ9E7WuOPB7Yr9EqJkkH9CRIthhSdPBDDvz9s4UMYoWlIMh7WTPrMi92HjIk_a0QvIS6D-D5Q5e3j-dj_hVXumeCPAyfPn451K1isLDfUMpciIaaerIbiqdnNQlxlw1ncarBCGw5YT67sHkFAKvG53DH7maDsC0hV2zPYW8JcauGZr1Wr2HIKRpAc7PZH100t3mztmYPLRDkMy8iQuz3yekeptMhCK6wwQaLB6wK6TOpPjta4iFWPe0A3D-CbbNNZcNi-BaKcPaBr9m2Yj-gEW8F7QhIDmvr0McCfM4QRszhH9Y-FpAg_-4ZJOIAjUx5jQ0DmAsIWQeQUS1a07TBVtJCLH01cNuLl3St-8_2mqcQnqKxvsAqSICWGabTd8tq5XvgP72I6DsO92p4QMbdSnTrCKbwZw0akt6RwBi9NDA_NFvRPg1yRSiOYMY8JpysyfV5YpqlFGbY28qyqAsxucy8II5TSrU7jXxlX_OxYA4DG9E9D9Du7YQBmLwV6k52ZSVqZwRW4PyXgbc2yBU1mFZ_dzdjnliof8gMDABY1LdM1sWIAH3GfJiBE18j09LKSLY7CX8iPxf8sQ-fSlaM7MWLCDbR5tII4wgEs7XCTGnw-SXG87rqmWKJ-RgJWjHbWH53Pt01UViHyv9psEFCpFQu4yEJinPAHo5C8sGw8fjDzltWQEwv_cmSzW2vnCx_NJmHltUPQsyxXs-m-4HUc1dpD2XRczT4Boo6MG0hpq-wFJN5068B97iLgrWkPsvK2RNPzbQininR2ne-UYPI6_4RH3Lg1GmoiTMP1JoOjJqKnQfbqm-ymT5kdmi2MwB5v0LZzdw51Zhf0rqaTSfxijfkd830UBFr2eCN3eQ0LZ_EWhGr7iJXKQCAcRBddHCZ3QFvi-1WeQUCWE4GEXBVn4dzQ0El0ZT8b58bXMq870-1Ms8D5224zOPRRJ2eYgL6_47wYZAJlm7fpm6ee5_J7OmrTEPIpPEpOBLGst6-VTMRCLinHSKlOZSoLUgic91XVOkEnqN-aRzU341unqfWHo_hej7U9IIiIY2y2mzoHBx3fnh_-jz0yts3X99ClvEvSLcTAuM-D0sFBypD4LkAvCEkiEaxmGp8XLaVx0t5OBc3Dai00QN1Ew9TP63-czlCY8mASwM2Y6J2irra9h2-mkxZ9HZKuI1qyAgV3vWTZTsZpevFqltLw8JvbDt1kslc7yewNZ-XPXt2eq71ZadaP7elhuVDd7V4WypwKeQpPheNoDHzSy-Y6eONcOmmTxIwSBpBCNupx4BF6-2XTPFOZeM-K0G0Lj2fNwntoufPxhi3tilxK5om7Bh5qGmo8SBsZLaLXLqpsonqpaAP6dyICoBk178yA_55G6Q6926An-TnzIjDwRPs25w2WJCA6aNPFmjUAfTVJdd9w5xJ_Ex7sUz6ugbRDmZW2kUD4IB-aHNM10BVLcJiqr8bOSj-fJAqPCuV4xDSYTnc7XO4Jf4o285N_a5N1J349oafW4FuRufao3AkC0RuClzwxLrcTVaIabwoi8Eh5gIVT8dZskwiWEn028Tu_Vqgeol9AxhM1pVpoG6j1RefQ4vJ5LB_Vv8kZD2ZSEFx55k_6XGwZGYjCYFQxyYDM7DJN82TVNdosToqpaQp8eq2x7WfAwKjeM81wyMlvUdNIZIWvY83Lda3Bw9ezJO8boXcyAYoSzwrLlGDhUCldGTLo3i_Mwvx7ppQdM8jMScZaJndGw-vhIbbbXu3cAQSumCR6mRgccOOhj4i9enNEeFSesQn8FU4RH39xOYXibDd_0xRf7DlGX4B4TJ29M_5cbV4H079q5AkUp2c9o78Z6kwEuC8tuU8kunq6B8OY5ziOqebNC0pGHnbusCBq1aYaj_NPys4eQbeLJzftVNBNszp17LRdNDwlGX1OO3r502RrIaliH39R7uO2NcxAP9FN4bsIf946ymsa5oHGS5gI2wgtjcSMqLV1AuJ2JBsDuuEy7gUzIWooPSkhtMAe8dIPrJSv6RAWIoL88dFTE9xQwec4hKbKAqiDFn44MupC6N1N1Rew8xGMGfhZ_E_iEDr_EwxIbAWXoP3ri8JIWfDSg_X5PnBLJ4yoXPnkgRA7lSsrL0eaal67U_HdENqiMYgAJeENo49yFlVGnzPLJj9riYaUg4QOjScfOPt5kvzjFv0X_1c95CFa2OVL85SNpcAK-ed1jvbd-XiCSmHZf4rISLVGJ1NuPAHVeo0FqcO232m-gj0BMiHICnnViRGcSWfpElR5CayhTFv4lKF1Q1OkO3nlM796IrplD8ERWP6c58yzEvs2No2eMS8UKJjaFh8z_jx8eE4gvmaj0ho6MMBKgkJKU6QCzpqPY6pfziti-ZtMjktHD7xMmdXldJkVvmZwIZPAZTBztH7WcsFZwpd_TDtIF534RcLh1YUq4ldw45T3mXOxlg4aWw_nmC0ZBvJW2GsT5lPdQEn3i2wuzfS1lR0vlDzmclfAlKaBbPbbaLs5yoS51bhlunQkku3EjhhCC9rwdOWMHE2P0M9Kh9KbaRJKcAPgFBdM5D9I_eHDHLscXg7KNO5PfQCVgVOaHy73d8LJ02NtItR0_St_sCXI1W-jCQwt8PNjaDHXAKV-iLewnK9JgKpkyIwLox1-xQFATts3HJFcKaCQag78N2Vp8swWJRj4T_kUFB0cnoOix-ve7CqkzJ3LA1AKux7R-hOFujM04gRK67_KeAhEx_aQBxbdSnKBiTIA9lEaD0ZGDfO6JXuNNCWRPWMoyRsOIzbIgDHgEJ5GgmQ8UFFMd0-YFbcg_7IctfXuOuG2KQBPHFt7N6D75eqqUA26oniVoJyWAVI4J8Cbkzd3YST06AgSHJ3lcHcyIe43xC8Qu-ltjObT_6zcun0HOis_HJdGe3EM2oPdObIbHKPb5FpXatBjNJWlfGNMcLjMfE9aF92FoJyxV3zNUI4d9kExBBRPxzO_HEAjKUOH4UqzRUvZH0PhMh3ylCG3XdJr9lPyRSKzR5T9xFcLj59O23FMVqeKU5thNuXS1swQswctZDKk8Tz-9DP52lzXx-K_RHdf53XeulySfDeHOe45dOZbb8wVjor6wdoPeEuiAQhvxwb6d-hMZc-G08XeMkf9VQKiZo74pKHT0Awz1sJgca0SSSKzspF3p1NuY8UE-pOxYCc6jgTwq6svjoOAXkEzZ-DzQRfYRmmElGdzGk5211IZUOBPZdvyYZmvBu9wGt74PvXbgV5q62q_AmsdTvpTkby8mRWz6ts7QuWaV7Vnt9j0Fionkl0XzH4Oyd_zuzGGxo4yV9AQdgMoz-WNVNSPf_2MlhS8Co-IJtu5U3NZ2wwEL-S4-jTV-vS6dyDPhS8ig9zdi7SjmP-KQukjS_s8iJwib_HTmNDq7FOWDk0UDxEVH2SE2YwFcyWawP6FHtvxWJh6SVm6i4PxsnxKv0iE1-oQZPFkdVugxTa7GbbtKie95blq21ci3CuUK2qx3rqEpAwRaDquxArFt6pcR8mzkcSIa-szyVfrvsgtqteYitqQ-USVjbJ33L2APPgQcAu9KSRdomvTIFTIT2HvlOxmVCHr3MGWRfgD9PXyN8tzVuTX1fau5fQi-YeORJy5Th16-YmO1KGv1dXDPgYq0q74G1fjUPIfBId1I3VeBFCzH2TSaM2M6HzK37Brg0Qg_g6FsG40zq19oFMLpuGA5eVezoSkL3Y72_pUyuw8dwdsmvB1PK5UxEA8UehYh3Jx0Vqs98_VY9QwVBS0GwX15Cpo2by6PZtaFVRyiWsGSXQZqmnCw2IP6wKNbz3MaQdsDJBqw1VAdRnfzhZrRSXLD6VLxiOEeI9y6xpu78Zi8veCMlbXtaeuYGQbaOJYjfOu3MEuYOUpL7UL8Wv7zViXo7k45BMFVrZpz0mGOOrxAlE-otikQPrwKYvKwJZ_efFlT-_vsZb5zNJqiougpq4dcO-g_UyrlI4X1qb8paYEkRsRV-KLj5H8nt9nY0cvONImDql3RlK2-2QCVA2XVwPEM_aKDwfEdI2Drz7h4NDJ9dsBNfnA0Vf-u0S0AgLegMLf1MV5ny98gTMfiOI_GqZdiAIcAXeCsIqStpv01GO4irOzu41U_J-zRRsvi3uHYM32Hz1qlEB_h6Eg7okkIRrPQZgSfVfU-peTfSNeHHHF0YcK-y3OtgtzTxNAdf_69i7EE8W11KC4xyS97duk19hyKk&cid=CAQSOwAvHhf_mqYivGaeCRA5qKjLoxPESUGj1bRAsrgIleQdkqdHSKpIwpPhhCuDunNAUwO85FQof75tPitLGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=3214814211383347700&adk=1761367584&idt=236&cac=0&dtd=8 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4a6a401ea0fc2673be389c4e757771c560304d56d803da4f426edafeba707286 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13943 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 448D	42 B 64 B	77ms 77ms	Fetch image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjA9xF7p7BFDln4PonZ7NulnLbU5xiG0_96wkX6o71eIECmqqWNTTJOgoFAEKWn31YXnAO-pjdK9YZP7IfotR8jmJXiG4V8LMy39ZgA7TobMTw7tOiAK-BwPoi0mttQ0PE2cRAiHGaWNU0PbvZPDQfSAL8&sai=AMfl-YTPfsueehdl3glquhZCNyLL4HXV3HuIpKrfOlEfR3Ue1sxPXipuwxeTVMZ8OKK-u19tGZ4yrDQORUaROmbwZe1ANu7-lBnoNhB7aS0fOqu76Xu2C9K8ZYPptzbmOBaiRnFf_zgUxGiY5pEji03k5A&sig=Cg0ArKJSzOAWz54Qb38VEAE&cid=CAQSTwAvHhf_T2a5aY6cBNZOoYqtXgmvSmfhEOvMu4cD-_FpWuOE-OLTf8w7lo__2XQAzXEK5kd5IAFO_XNzWFG4ZN_TlwWUuAommxG-xRqy5jsYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703457990406&rpt=398&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:31 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame CA77	0 54 B	210ms 207ms	Ping image/gif	2607:f8b0:4012:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lqk2wlzx&c=3047832611257&slotId=1523916305628.5&qqid=CKaI98KTqYMDFW-Dgwcdq_kGFw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2097&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.119~vil.1hs&ua_e=1&ape=1&ple=0&umsem=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4012:827::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:32 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 1D21	41 KB 14 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cm5tziFZp89jcbuRCTwIy9rKk41opfe6CIrvN4tTcifeNB8y-nTVaE-v1bQdzE4YpJ7AqDh8ofD8zt-YebY7vAoESyr1a2MFuJm9pdsK1T4SSgPtiyaf2ExUQpaQLx2fT-cyB64hibYMIipOetiqNObJcqP7MFb2oL2bibUUV5s90rPDw&cry=1&dbm_d=AKAmf-BZqhHvDDIxLInCsJr-ILpz4PThYnCQfo7hJl2QgT0POPdcCvDeXUbyJJ9E7WuOPB7Yr9EqJkkH9CRIthhSdPBDDvz9s4UMYoWlIMh7WTPrMi92HjIk_a0QvIS6D-D5Q5e3j-dj_hVXumeCPAyfPn451K1isLDfUMpciIaaerIbiqdnNQlxlw1ncarBCGw5YT67sHkFAKvG53DH7maDsC0hV2zPYW8JcauGZr1Wr2HIKRpAc7PZH100t3mztmYPLRDkMy8iQuz3yekeptMhCK6wwQaLB6wK6TOpPjta4iFWPe0A3D-CbbNNZcNi-BaKcPaBr9m2Yj-gEW8F7QhIDmvr0McCfM4QRszhH9Y-FpAg_-4ZJOIAjUx5jQ0DmAsIWQeQUS1a07TBVtJCLH01cNuLl3St-8_2mqcQnqKxvsAqSICWGabTd8tq5XvgP72I6DsO92p4QMbdSnTrCKbwZw0akt6RwBi9NDA_NFvRPg1yRSiOYMY8JpysyfV5YpqlFGbY28qyqAsxucy8II5TSrU7jXxlX_OxYA4DG9E9D9Du7YQBmLwV6k52ZSVqZwRW4PyXgbc2yBU1mFZ_dzdjnliof8gMDABY1LdM1sWIAH3GfJiBE18j09LKSLY7CX8iPxf8sQ-fSlaM7MWLCDbR5tII4wgEs7XCTGnw-SXG87rqmWKJ-RgJWjHbWH53Pt01UViHyv9psEFCpFQu4yEJinPAHo5C8sGw8fjDzltWQEwv_cmSzW2vnCx_NJmHltUPQsyxXs-m-4HUc1dpD2XRczT4Boo6MG0hpq-wFJN5068B97iLgrWkPsvK2RNPzbQininR2ne-UYPI6_4RH3Lg1GmoiTMP1JoOjJqKnQfbqm-ymT5kdmi2MwB5v0LZzdw51Zhf0rqaTSfxijfkd830UBFr2eCN3eQ0LZ_EWhGr7iJXKQCAcRBddHCZ3QFvi-1WeQUCWE4GEXBVn4dzQ0El0ZT8b58bXMq870-1Ms8D5224zOPRRJ2eYgL6_47wYZAJlm7fpm6ee5_J7OmrTEPIpPEpOBLGst6-VTMRCLinHSKlOZSoLUgic91XVOkEnqN-aRzU341unqfWHo_hej7U9IIiIY2y2mzoHBx3fnh_-jz0yts3X99ClvEvSLcTAuM-D0sFBypD4LkAvCEkiEaxmGp8XLaVx0t5OBc3Dai00QN1Ew9TP63-czlCY8mASwM2Y6J2irra9h2-mkxZ9HZKuI1qyAgV3vWTZTsZpevFqltLw8JvbDt1kslc7yewNZ-XPXt2eq71ZadaP7elhuVDd7V4WypwKeQpPheNoDHzSy-Y6eONcOmmTxIwSBpBCNupx4BF6-2XTPFOZeM-K0G0Lj2fNwntoufPxhi3tilxK5om7Bh5qGmo8SBsZLaLXLqpsonqpaAP6dyICoBk178yA_55G6Q6926An-TnzIjDwRPs25w2WJCA6aNPFmjUAfTVJdd9w5xJ_Ex7sUz6ugbRDmZW2kUD4IB-aHNM10BVLcJiqr8bOSj-fJAqPCuV4xDSYTnc7XO4Jf4o285N_a5N1J349oafW4FuRufao3AkC0RuClzwxLrcTVaIabwoi8Eh5gIVT8dZskwiWEn028Tu_Vqgeol9AxhM1pVpoG6j1RefQ4vJ5LB_Vv8kZD2ZSEFx55k_6XGwZGYjCYFQxyYDM7DJN82TVNdosToqpaQp8eq2x7WfAwKjeM81wyMlvUdNIZIWvY83Lda3Bw9ezJO8boXcyAYoSzwrLlGDhUCldGTLo3i_Mwvx7ppQdM8jMScZaJndGw-vhIbbbXu3cAQSumCR6mRgccOOhj4i9enNEeFSesQn8FU4RH39xOYXibDd_0xRf7DlGX4B4TJ29M_5cbV4H079q5AkUp2c9o78Z6kwEuC8tuU8kunq6B8OY5ziOqebNC0pGHnbusCBq1aYaj_NPys4eQbeLJzftVNBNszp17LRdNDwlGX1OO3r502RrIaliH39R7uO2NcxAP9FN4bsIf946ymsa5oHGS5gI2wgtjcSMqLV1AuJ2JBsDuuEy7gUzIWooPSkhtMAe8dIPrJSv6RAWIoL88dFTE9xQwec4hKbKAqiDFn44MupC6N1N1Rew8xGMGfhZ_E_iEDr_EwxIbAWXoP3ri8JIWfDSg_X5PnBLJ4yoXPnkgRA7lSsrL0eaal67U_HdENqiMYgAJeENo49yFlVGnzPLJj9riYaUg4QOjScfOPt5kvzjFv0X_1c95CFa2OVL85SNpcAK-ed1jvbd-XiCSmHZf4rISLVGJ1NuPAHVeo0FqcO232m-gj0BMiHICnnViRGcSWfpElR5CayhTFv4lKF1Q1OkO3nlM796IrplD8ERWP6c58yzEvs2No2eMS8UKJjaFh8z_jx8eE4gvmaj0ho6MMBKgkJKU6QCzpqPY6pfziti-ZtMjktHD7xMmdXldJkVvmZwIZPAZTBztH7WcsFZwpd_TDtIF534RcLh1YUq4ldw45T3mXOxlg4aWw_nmC0ZBvJW2GsT5lPdQEn3i2wuzfS1lR0vlDzmclfAlKaBbPbbaLs5yoS51bhlunQkku3EjhhCC9rwdOWMHE2P0M9Kh9KbaRJKcAPgFBdM5D9I_eHDHLscXg7KNO5PfQCVgVOaHy73d8LJ02NtItR0_St_sCXI1W-jCQwt8PNjaDHXAKV-iLewnK9JgKpkyIwLox1-xQFATts3HJFcKaCQag78N2Vp8swWJRj4T_kUFB0cnoOix-ve7CqkzJ3LA1AKux7R-hOFujM04gRK67_KeAhEx_aQBxbdSnKBiTIA9lEaD0ZGDfO6JXuNNCWRPWMoyRsOIzbIgDHgEJ5GgmQ8UFFMd0-YFbcg_7IctfXuOuG2KQBPHFt7N6D75eqqUA26oniVoJyWAVI4J8Cbkzd3YST06AgSHJ3lcHcyIe43xC8Qu-ltjObT_6zcun0HOis_HJdGe3EM2oPdObIbHKPb5FpXatBjNJWlfGNMcLjMfE9aF92FoJyxV3zNUI4d9kExBBRPxzO_HEAjKUOH4UqzRUvZH0PhMh3ylCG3XdJr9lPyRSKzR5T9xFcLj59O23FMVqeKU5thNuXS1swQswctZDKk8Tz-9DP52lzXx-K_RHdf53XeulySfDeHOe45dOZbb8wVjor6wdoPeEuiAQhvxwb6d-hMZc-G08XeMkf9VQKiZo74pKHT0Awz1sJgca0SSSKzspF3p1NuY8UE-pOxYCc6jgTwq6svjoOAXkEzZ-DzQRfYRmmElGdzGk5211IZUOBPZdvyYZmvBu9wGt74PvXbgV5q62q_AmsdTvpTkby8mRWz6ts7QuWaV7Vnt9j0Fionkl0XzH4Oyd_zuzGGxo4yV9AQdgMoz-WNVNSPf_2MlhS8Co-IJtu5U3NZ2wwEL-S4-jTV-vS6dyDPhS8ig9zdi7SjmP-KQukjS_s8iJwib_HTmNDq7FOWDk0UDxEVH2SE2YwFcyWawP6FHtvxWJh6SVm6i4PxsnxKv0iE1-oQZPFkdVugxTa7GbbtKie95blq21ci3CuUK2qx3rqEpAwRaDquxArFt6pcR8mzkcSIa-szyVfrvsgtqteYitqQ-USVjbJ33L2APPgQcAu9KSRdomvTIFTIT2HvlOxmVCHr3MGWRfgD9PXyN8tzVuTX1fau5fQi-YeORJy5Th16-YmO1KGv1dXDPgYq0q74G1fjUPIfBId1I3VeBFCzH2TSaM2M6HzK37Brg0Qg_g6FsG40zq19oFMLpuGA5eVezoSkL3Y72_pUyuw8dwdsmvB1PK5UxEA8UehYh3Jx0Vqs98_VY9QwVBS0GwX15Cpo2by6PZtaFVRyiWsGSXQZqmnCw2IP6wKNbz3MaQdsDJBqw1VAdRnfzhZrRSXLD6VLxiOEeI9y6xpu78Zi8veCMlbXtaeuYGQbaOJYjfOu3MEuYOUpL7UL8Wv7zViXo7k45BMFVrZpz0mGOOrxAlE-otikQPrwKYvKwJZ_efFlT-_vsZb5zNJqiougpq4dcO-g_UyrlI4X1qb8paYEkRsRV-KLj5H8nt9nY0cvONImDql3RlK2-2QCVA2XVwPEM_aKDwfEdI2Drz7h4NDJ9dsBNfnA0Vf-u0S0AgLegMLf1MV5ny98gTMfiOI_GqZdiAIcAXeCsIqStpv01GO4irOzu41U_J-zRRsvi3uHYM32Hz1qlEB_h6Eg7okkIRrPQZgSfVfU-peTfSNeHHHF0YcK-y3OtgtzTxNAdf_69i7EE8W11KC4xyS97duk19hyKk&cid=CAQSOwAvHhf_mqYivGaeCRA5qKjLoxPESUGj1bRAsrgIleQdkqdHSKpIwpPhhCuDunNAUwO85FQof75tPitLGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsteamru.org%2F&ds=l&xdt=1&iif=1&cor=3214814211383347700&adk=1761367584&idt=236&cac=0&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:49:16 GMT content-encoding br x-content-type-options nosniff age 464236 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Dec 2024 13:49:16 GMT
GET H2	200	attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzQ1Nzk5MTk0MDY1MQogIHNlcnZlcl9pcDogMTM5Nzg4NzI4CiAgcHJvY2Vzc19pZDogMjcxODA5NjExMwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0... ad.doubleclick.net/ddm/activity/ Frame 1D21	0 867 B	204ms 77ms	Image image/png	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzQ1Nzk5MTk0MDY1MQogIHNlcnZlcl9pcDogMTM5Nzg4NzI4CiAgcHJvY2Vzc19pZDogMjcxODA5NjExMwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNjU4NTc4MTM4NDE5OTg4NjU1OQpkZWJ1Z19rZXk6IDcxODkwOTE1NjU0Mjg5MTE3MTUKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTI0IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzQ4NDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwODYzOAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:32 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"12":"0x120e22a95bb4a0d00000000000000000","13":"0xac163ad3544268070000000000000000","14":"0x1bdd6c05184b738a0000000000000000","15":"0xedac3b3b806d941c0000000000000000"},"debug_key":"7189091565428911715","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"16585781384199886559"} server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	g72h7lz2c4az Show response hal9000.redintelligence.net/zone/ Frame 1D21	11 KB 4 KB	135ms 40ms	Script text/html	78.46.90.238 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1703457990346933&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCusFexrSIZbWWFca2_tMP2ukCpuW9oGmFlZynyQ_wLhABIJC7gARglbr9gZQHyAEJqQJx9dySZnqyPqgDAcgDmwSqBJkCT9Ct0_7Bv6kyvf8I4THyAvx0gzT5oLIvJorMd01MFYhCCQArk6_iezkulD88eeZvjFUwvDW7ctz_wGGpsnh_evAm_Mb_AU4ElJZ42GBbilUz4HwYreEAylRXPcOnjzGe_sP3F1D87DOWYqU1qxTigDeMa3CVY96X0NoWRQc4NdX4lpDVoYCexcKsoaKHmsVeMszwTYH_UgE3vT1XK2l8LorUlDmIZZ7Qd8AvH33UbF-YdVrOyU9b8LBZ10jClKWrceYUyjOQJi7mjYSRrrR34JJLvzMXXb1MkKm-aFmyk6Q9hbd4wzHcA4mvMWcax9ORyleWNv2Lo3heT-qAlhJWQnkTkLwnwFTYMeh5zej6PQXWtuFlSlpsgF7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-OSZw5OpgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_mqYivGaeCRA5qKjLoxPESUGj1bRAsrgIleQdkqdHSKpIwpPhhCuDunNAUwO85FQof75tPitLGAE%26sig%3DAOD64_1btS2pUqYDux41d--bGvrfINyeWw%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-Bv1naVK7d-LG-l8tebg7q55LE5qHXKHOh5oO64c8ecXderzp-o-tFepOuv797YfODnjVp9NfjHCHVYAaNKr-L3yLezJ5ButnWd5PzHru018qs0IY1xJbuP08JHeCz3x0yhuD_dqCy_FKLnbruJaw_UkpPhae2Sy_sSFMMgINMdS7B5xb0%26cry%3D1%26dbm_d%3DAKAmf-C4gGHaW1z9FscvAZTYgXv9ETw8PpRO3RLj2DecW68qCffc949XrUQyiWL_dTfWSCW9YeduWPacG7HNkkA6SJnd8B7-oC9aVPlIiGy26UE1GDnXaqPtmbtcZb9x19xTvxB1UHoBux1saVJUBm5lWBQOeS8JShlLfZtkQProHjJxo2ATo72-HNG-zpEtlAyA9TKy6Z4YPm9JeTFTP3J4UX0OPljyYVrlKY34MrPaDVTs6LGTSGC2D0vy4wheKwDMR4xTMcJv5Sms_hqhOi-Og0bG7AArWNDM4iWR_5sKZnxIaW7nT3PJqdqdoHAzjjJQyd8rismPH6xBt2wfHN3PGpwf8FwUxLQPU0NRvbz-PlzpxG4S4bAvoWk8S_49gwKZEmdRAnNtaW0aFEh1ewpla5lqBIrx6IGedjjWxRp2XKJQE03Lj16RJLyam9vGVyg8FQrjA7x5EZ0D6R10-EBZ4LEQxT5LRHMo8P_Klk7E2PbnehXyaYfRkdL5rpgrSJnPi5DDLTJh7y5XZAMAkOniyHkITaRxPxqUOJ5h2Ss-QombUGx8h5Q%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.238.90.46.78.clients.your-server.de Software Apache / Resource Hash b94ae475396882c8ba75b8b2d063d7ab708be7d9c30cba7384f23f1b17d04517 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Sun, 24 Dec 2023 22:46:32 GMT Content-Encoding gzip Server Apache Connection close Content-Length 4204 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 5201	38 KB 13 KB	39ms 39ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 462353 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 19 Dec 2023 14:20:39 GMT expires Wed, 18 Dec 2024 14:20:39 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 283C	0 20 B	73ms 73ms	Ping image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3357329414908&version=m202309260101&ct=76&x=1&cor=11359999409173770000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:32 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame 5201	39 KB 15 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 21:29:51 GMT content-encoding br x-content-type-options nosniff age 4601 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 23 Dec 2024 21:29:51 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 283C	42 B 64 B	76ms 75ms	Fetch image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTFDJ3Q0AwAHe9WXUkZz1qsyhePiq0tP5IPr_uZMAd8lmcJLLWO5QU4560TTwShX_tEMidsFbm0ibh_F1R4bT0pl91ie7gwwV4CM1JYNOpPJt-fIjpCldAN_E-l2Luc4XQ2oYgwjfRKNwKsGHrahAJuy6g&sai=AMfl-YT9c_aJpoVhSyQtAkciVay2KFjnmCBnhzZGqYjq8q06LdevYIhh9kMJcw6dvYM8bxkUK-DlUAU3PDghwij1StLiDOgczadfD22cSMg_Qb-lBNEVDtssg2nRJYI5ziTpZ0M4klysiTQuq3x7d4exMQ&sig=Cg0ArKJSzDL248uKXTsjEAE&cid=CAQSTwAvHhf_T2a5aY6cBNZOoYqtXgmvSmfhEOvMu4cD-_FpWuOE-OLTf8w7lo__2XQAzXEK5kd5IAFO_XNzWFG4ZN_TlwWUuAommxG-xRqy5jsYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703457990497&rpt=691&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:32 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7FE5	0 20 B	73ms 73ms	Ping image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9778496528631&version=m202309260101&ct=76&x=1&cor=10421351764151816000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:32 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	request.php Show response hal900028.redintelligence.net/ Frame 1D21 Redirect Chain https://hal900028.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ea00f0e35&subid=&uid=15a839e5daf22a80&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900028.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ea00f0e35&subid=&uid=15a839e5daf22a80&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	3 KB 2 KB	190ms 110ms	Script application/x-javascript	88.99.165.19 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900028.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ea00f0e35&subid=&uid=15a839e5daf22a80&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCusFexrSIZbWWFca2_tMP2ukCpuW9oGmFlZynyQ_wLhABIJC7gARglbr9gZQHyAEJqQJx9dySZnqyPqgDAcgDmwSqBJkCT9Ct0_7Bv6kyvf8I4THyAvx0gzT5oLIvJorMd01MFYhCCQArk6_iezkulD88eeZvjFUwvDW7ctz_wGGpsnh_evAm_Mb_AU4ElJZ42GBbilUz4HwYreEAylRXPcOnjzGe_sP3F1D87DOWYqU1qxTigDeMa3CVY96X0NoWRQc4NdX4lpDVoYCexcKsoaKHmsVeMszwTYH_UgE3vT1XK2l8LorUlDmIZZ7Qd8AvH33UbF-YdVrOyU9b8LBZ10jClKWrceYUyjOQJi7mjYSRrrR34JJLvzMXXb1MkKm-aFmyk6Q9hbd4wzHcA4mvMWcax9ORyleWNv2Lo3heT-qAlhJWQnkTkLwnwFTYMeh5zej6PQXWtuFlSlpsgF7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-OSZw5OpgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_mqYivGaeCRA5qKjLoxPESUGj1bRAsrgIleQdkqdHSKpIwpPhhCuDunNAUwO85FQof75tPitLGAE%26sig%3DAOD64_1btS2pUqYDux41d--bGvrfINyeWw%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-Bv1naVK7d-LG-l8tebg7q55LE5qHXKHOh5oO64c8ecXderzp-o-tFepOuv797YfODnjVp9NfjHCHVYAaNKr-L3yLezJ5ButnWd5PzHru018qs0IY1xJbuP08JHeCz3x0yhuD_dqCy_FKLnbruJaw_UkpPhae2Sy_sSFMMgINMdS7B5xb0%26cry%3D1%26dbm_d%3DAKAmf-C4gGHaW1z9FscvAZTYgXv9ETw8PpRO3RLj2DecW68qCffc949XrUQyiWL_dTfWSCW9YeduWPacG7HNkkA6SJnd8B7-oC9aVPlIiGy26UE1GDnXaqPtmbtcZb9x19xTvxB1UHoBux1saVJUBm5lWBQOeS8JShlLfZtkQProHjJxo2ATo72-HNG-zpEtlAyA9TKy6Z4YPm9JeTFTP3J4UX0OPljyYVrlKY34MrPaDVTs6LGTSGC2D0vy4wheKwDMR4xTMcJv5Sms_hqhOi-Og0bG7AArWNDM4iWR_5sKZnxIaW7nT3PJqdqdoHAzjjJQyd8rismPH6xBt2wfHN3PGpwf8FwUxLQPU0NRvbz-PlzpxG4S4bAvoWk8S_49gwKZEmdRAnNtaW0aFEh1ewpla5lqBIrx6IGedjjWxRp2XKJQE03Lj16RJLyam9vGVyg8FQrjA7x5EZ0D6R10-EBZ4LEQxT5LRHMo8P_Klk7E2PbnehXyaYfRkdL5rpgrSJnPi5DDLTJh7y5XZAMAkOniyHkITaRxPxqUOJ5h2Ss-QombUGx8h5Q%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D2896993837%26pi%3Dt.aa~a.819600158~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703457989%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703457990233%26bpp%3D1%26bdt%3D1183%26idt%3D0%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C307x250%252C1200x280%26nras%3D4%26correlator%3D7362054081539%26frm%3D20%26pv%3D1%26ga_vid%3D300495156.1703457990%26ga_sid%3D1703457990%26ga_hid%3D1150324590%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1762%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079979%252C44809004%252C95320378%252C95320885%26oid%3D2%26pvsid%3D4296945606762119%26tmod%3D1916643136%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26dtd%3D13&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=5275918291394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol HTTP/1.1 Server 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.19.165.99.88.clients.your-server.de Software Apache / Resource Hash 6736da1c5eddb4cb8b44ac6ae931284d65b2e71f58800f4ee3ee62d977b609e0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Pragma no-cache Date Sun, 24 Dec 2023 22:46:32 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type application/x-javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 20963200096455804444550012548028 Connection close Content-Length 1149 Expires Sun, 24 Dec 2023 22:46:32 +0100 Redirect headers Pragma no-cache Date Sun, 24 Dec 2023 22:46:32 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ea00f0e35&subid=&uid=15a839e5daf22a80&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCusFexrSIZbWWFca2_tMP2ukCpuW9oGmFlZynyQ_wLhABIJC7gARglbr9gZQHyAEJqQJx9dySZnqyPqgDAcgDmwSqBJkCT9Ct0_7Bv6kyvf8I4THyAvx0gzT5oLIvJorMd01MFYhCCQArk6_iezkulD88eeZvjFUwvDW7ctz_wGGpsnh_evAm_Mb_AU4ElJZ42GBbilUz4HwYreEAylRXPcOnjzGe_sP3F1D87DOWYqU1qxTigDeMa3CVY96X0NoWRQc4NdX4lpDVoYCexcKsoaKHmsVeMszwTYH_UgE3vT1XK2l8LorUlDmIZZ7Qd8AvH33UbF-YdVrOyU9b8LBZ10jClKWrceYUyjOQJi7mjYSRrrR34JJLvzMXXb1MkKm-aFmyk6Q9hbd4wzHcA4mvMWcax9ORyleWNv2Lo3heT-qAlhJWQnkTkLwnwFTYMeh5zej6PQXWtuFlSlpsgF7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-OSZw5OpgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_mqYivGaeCRA5qKjLoxPESUGj1bRAsrgIleQdkqdHSKpIwpPhhCuDunNAUwO85FQof75tPitLGAE%26sig%3DAOD64_1btS2pUqYDux41d--bGvrfINyeWw%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-Bv1naVK7d-LG-l8tebg7q55LE5qHXKHOh5oO64c8ecXderzp-o-tFepOuv797YfODnjVp9NfjHCHVYAaNKr-L3yLezJ5ButnWd5PzHru018qs0IY1xJbuP08JHeCz3x0yhuD_dqCy_FKLnbruJaw_UkpPhae2Sy_sSFMMgINMdS7B5xb0%26cry%3D1%26dbm_d%3DAKAmf-C4gGHaW1z9FscvAZTYgXv9ETw8PpRO3RLj2DecW68qCffc949XrUQyiWL_dTfWSCW9YeduWPacG7HNkkA6SJnd8B7-oC9aVPlIiGy26UE1GDnXaqPtmbtcZb9x19xTvxB1UHoBux1saVJUBm5lWBQOeS8JShlLfZtkQProHjJxo2ATo72-HNG-zpEtlAyA9TKy6Z4YPm9JeTFTP3J4UX0OPljyYVrlKY34MrPaDVTs6LGTSGC2D0vy4wheKwDMR4xTMcJv5Sms_hqhOi-Og0bG7AArWNDM4iWR_5sKZnxIaW7nT3PJqdqdoHAzjjJQyd8rismPH6xBt2wfHN3PGpwf8FwUxLQPU0NRvbz-PlzpxG4S4bAvoWk8S_49gwKZEmdRAnNtaW0aFEh1ewpla5lqBIrx6IGedjjWxRp2XKJQE03Lj16RJLyam9vGVyg8FQrjA7x5EZ0D6R10-EBZ4LEQxT5LRHMo8P_Klk7E2PbnehXyaYfRkdL5rpgrSJnPi5DDLTJh7y5XZAMAkOniyHkITaRxPxqUOJ5h2Ss-QombUGx8h5Q%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D2896993837%26pi%3Dt.aa~a.819600158~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703457989%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703457990233%26bpp%3D1%26bdt%3D1183%26idt%3D0%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C307x250%252C1200x280%26nras%3D4%26correlator%3D7362054081539%26frm%3D20%26pv%3D1%26ga_vid%3D300495156.1703457990%26ga_sid%3D1703457990%26ga_hid%3D1150324590%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1762%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079979%252C44809004%252C95320378%252C95320885%26oid%3D2%26pvsid%3D4296945606762119%26tmod%3D1916643136%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26dtd%3D13&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=5275918291394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Length 0 Expires Sun, 24 Dec 2023 22:46:32 +0100
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5201	0 20 B	77ms 77ms	Image image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BH6tEx7SIZeu0ObiD1PIP8bWLkAoAAAAAOAHgBAI&bg=!np2lndLNAAY3kmNgF5I7ADQBe5WfOGTCdr8GtKdA9nUEj85pt9a_OCoRO-P4swl-j-lrGg8sYC-i8qQT4hWrsBP8Lu1yAgAAAEdSAAAABGgBB5kDPOna254tYrxb3AeGlswfEqi3mF-KUIGGsxdUWQgkpQ5u4UdcWmxbxmFGS7Fsl6CH7ylgflCBn8Wm4CUiFRbRgY2i2axY5BbxPKPn9s6LYXsDwXZDaeKbYk5nozwloEuSS7bUAlMKyovFIZ_6NpCj8ya6jdstAOHQ78ZIO6C-WootVx3NN48gpFYU4D8u-42R5Mb1x8xLaMj5WXsIA9frn0fOFbDgvssDEnLDdYbvD4A16nV_T0f_Y06fbXstuABQLr3ZyE-nhDFKCuNj5gr5oN5yOjswomoPTVOZESXp_KvyyVhvmws1mwKa8sWgAxeaTLA983a589V_1oTUfjfGSfcZzl20aSTqS1kRXPYALUKGUGmKz1I2hHWypZBNqxfPw1blCgz2IXACEDs7kviB6ZpOr9tMZfxsJPmcidfvCodcCm2S62ZGtlGHP19Xa95BJJd1czcXJ1ByVxaBRWu2HvxIIGC4HUUiGayYWioiCdeebWWlVB8oYJlYzxX8OCPrCrQ5b3FdV5cbJc3_Z24sT7TuICnH4kVCfi9BOpmbiRvu7BzGEZrmnD892fpUHtwvNZmD7OraANq1ODgaqq03iXy_d8_FH0PNfsbnwg2q77brL8WIPpi6MQz6-qo1L79jUNZKqAERVbCBQi4B9b11IB56h1TIS9gVamWdNjkbsIH39LviMHfWGAXNYcH2Mp0Aq1WHKaniOu4ibhEqxVFXwX8YRZwKDFu2z_sVp9mLq25yiZqBa90B15o4LKIgefzJfkfVzsU9iLSAcQTkluGCSaYzvqeuVJ6_AK7rqd8_O7WzoL2Vhegi2BiXS07SbQh4bsfsJVjhTN9aSGbMiA0iJRewDUQKfKGGbZ-UrmWsnZDDo2rzyGXeOUOJbeKKU2akBbl5Euq_a4z_0V37XzKez-PaoWtKYUegTHpm0c6KDag8tqQJMDkh0JUZbW-6-mVmz2ZxcDlScagq1-fW-DAI4n-zFo-7_5zSek8C8oL4WCgdfBkgu6qHZkOTz5VfyS0vJrhRsyqDHQPkIdscf2VeBoFWyab-tYBq7Wp1kCss6LVMhZJze7c_UIM-68J6Zo_T1F-KHG97zXFvnWqYKw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:32 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response adv.office-partner.de/ Frame 7D12	930 B 923 B	194ms 39ms	Document text/html	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Requested by Host: hal900028.redintelligence.net URL: https://hal900028.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ea00f0e35&subid=&uid=15a839e5daf22a80&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCusFexrSIZbWWFca2_tMP2ukCpuW9oGmFlZynyQ_wLhABIJC7gARglbr9gZQHyAEJqQJx9dySZnqyPqgDAcgDmwSqBJkCT9Ct0_7Bv6kyvf8I4THyAvx0gzT5oLIvJorMd01MFYhCCQArk6_iezkulD88eeZvjFUwvDW7ctz_wGGpsnh_evAm_Mb_AU4ElJZ42GBbilUz4HwYreEAylRXPcOnjzGe_sP3F1D87DOWYqU1qxTigDeMa3CVY96X0NoWRQc4NdX4lpDVoYCexcKsoaKHmsVeMszwTYH_UgE3vT1XK2l8LorUlDmIZZ7Qd8AvH33UbF-YdVrOyU9b8LBZ10jClKWrceYUyjOQJi7mjYSRrrR34JJLvzMXXb1MkKm-aFmyk6Q9hbd4wzHcA4mvMWcax9ORyleWNv2Lo3heT-qAlhJWQnkTkLwnwFTYMeh5zej6PQXWtuFlSlpsgF7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-OSZw5OpgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_mqYivGaeCRA5qKjLoxPESUGj1bRAsrgIleQdkqdHSKpIwpPhhCuDunNAUwO85FQof75tPitLGAE%26sig%3DAOD64_1btS2pUqYDux41d--bGvrfINyeWw%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-Bv1naVK7d-LG-l8tebg7q55LE5qHXKHOh5oO64c8ecXderzp-o-tFepOuv797YfODnjVp9NfjHCHVYAaNKr-L3yLezJ5ButnWd5PzHru018qs0IY1xJbuP08JHeCz3x0yhuD_dqCy_FKLnbruJaw_UkpPhae2Sy_sSFMMgINMdS7B5xb0%26cry%3D1%26dbm_d%3DAKAmf-C4gGHaW1z9FscvAZTYgXv9ETw8PpRO3RLj2DecW68qCffc949XrUQyiWL_dTfWSCW9YeduWPacG7HNkkA6SJnd8B7-oC9aVPlIiGy26UE1GDnXaqPtmbtcZb9x19xTvxB1UHoBux1saVJUBm5lWBQOeS8JShlLfZtkQProHjJxo2ATo72-HNG-zpEtlAyA9TKy6Z4YPm9JeTFTP3J4UX0OPljyYVrlKY34MrPaDVTs6LGTSGC2D0vy4wheKwDMR4xTMcJv5Sms_hqhOi-Og0bG7AArWNDM4iWR_5sKZnxIaW7nT3PJqdqdoHAzjjJQyd8rismPH6xBt2wfHN3PGpwf8FwUxLQPU0NRvbz-PlzpxG4S4bAvoWk8S_49gwKZEmdRAnNtaW0aFEh1ewpla5lqBIrx6IGedjjWxRp2XKJQE03Lj16RJLyam9vGVyg8FQrjA7x5EZ0D6R10-EBZ4LEQxT5LRHMo8P_Klk7E2PbnehXyaYfRkdL5rpgrSJnPi5DDLTJh7y5XZAMAkOniyHkITaRxPxqUOJ5h2Ss-QombUGx8h5Q%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D2896993837%26pi%3Dt.aa~a.819600158~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703457989%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703457990233%26bpp%3D1%26bdt%3D1183%26idt%3D0%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C307x250%252C1200x280%26nras%3D4%26correlator%3D7362054081539%26frm%3D20%26pv%3D1%26ga_vid%3D300495156.1703457990%26ga_sid%3D1703457990%26ga_hid%3D1150324590%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1762%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079979%252C44809004%252C95320378%252C95320885%26oid%3D2%26pvsid%3D4296945606762119%26tmod%3D1916643136%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26dtd%3D13&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=5275918291394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn / Resource Hash 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control max-age=604800 content-encoding gzip content-length 552 content-type text/html date Sun, 24 Dec 2023 22:46:32 GMT etag "3a2-5c1ab16b3be00-gzip" expires Sun, 31 Dec 2023 22:46:32 GMT last-modified Thu, 06 May 2021 15:37:28 GMT link <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical" server keycdn vary Accept-Encoding x-accel-version 0.01 x-cache HIT x-edge-location defr
GET H2	200	e99aace94e6e58733936cdd965d03e75 Show response pv.medialead.de/trck/epv/ Frame 8B7F	0 327 B	200ms 49ms	Document application/javascript	91.121.248.44 OVH
General Check archive.org Show headers Download Go to Full URL https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=20963200096455804444550012548028&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: hal900028.redintelligence.net URL: https://hal900028.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ea00f0e35&subid=&uid=15a839e5daf22a80&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCusFexrSIZbWWFca2_tMP2ukCpuW9oGmFlZynyQ_wLhABIJC7gARglbr9gZQHyAEJqQJx9dySZnqyPqgDAcgDmwSqBJkCT9Ct0_7Bv6kyvf8I4THyAvx0gzT5oLIvJorMd01MFYhCCQArk6_iezkulD88eeZvjFUwvDW7ctz_wGGpsnh_evAm_Mb_AU4ElJZ42GBbilUz4HwYreEAylRXPcOnjzGe_sP3F1D87DOWYqU1qxTigDeMa3CVY96X0NoWRQc4NdX4lpDVoYCexcKsoaKHmsVeMszwTYH_UgE3vT1XK2l8LorUlDmIZZ7Qd8AvH33UbF-YdVrOyU9b8LBZ10jClKWrceYUyjOQJi7mjYSRrrR34JJLvzMXXb1MkKm-aFmyk6Q9hbd4wzHcA4mvMWcax9ORyleWNv2Lo3heT-qAlhJWQnkTkLwnwFTYMeh5zej6PQXWtuFlSlpsgF7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-OSZw5OpgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_mqYivGaeCRA5qKjLoxPESUGj1bRAsrgIleQdkqdHSKpIwpPhhCuDunNAUwO85FQof75tPitLGAE%26sig%3DAOD64_1btS2pUqYDux41d--bGvrfINyeWw%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-Bv1naVK7d-LG-l8tebg7q55LE5qHXKHOh5oO64c8ecXderzp-o-tFepOuv797YfODnjVp9NfjHCHVYAaNKr-L3yLezJ5ButnWd5PzHru018qs0IY1xJbuP08JHeCz3x0yhuD_dqCy_FKLnbruJaw_UkpPhae2Sy_sSFMMgINMdS7B5xb0%26cry%3D1%26dbm_d%3DAKAmf-C4gGHaW1z9FscvAZTYgXv9ETw8PpRO3RLj2DecW68qCffc949XrUQyiWL_dTfWSCW9YeduWPacG7HNkkA6SJnd8B7-oC9aVPlIiGy26UE1GDnXaqPtmbtcZb9x19xTvxB1UHoBux1saVJUBm5lWBQOeS8JShlLfZtkQProHjJxo2ATo72-HNG-zpEtlAyA9TKy6Z4YPm9JeTFTP3J4UX0OPljyYVrlKY34MrPaDVTs6LGTSGC2D0vy4wheKwDMR4xTMcJv5Sms_hqhOi-Og0bG7AArWNDM4iWR_5sKZnxIaW7nT3PJqdqdoHAzjjJQyd8rismPH6xBt2wfHN3PGpwf8FwUxLQPU0NRvbz-PlzpxG4S4bAvoWk8S_49gwKZEmdRAnNtaW0aFEh1ewpla5lqBIrx6IGedjjWxRp2XKJQE03Lj16RJLyam9vGVyg8FQrjA7x5EZ0D6R10-EBZ4LEQxT5LRHMo8P_Klk7E2PbnehXyaYfRkdL5rpgrSJnPi5DDLTJh7y5XZAMAkOniyHkITaRxPxqUOJ5h2Ss-QombUGx8h5Q%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D2896993837%26pi%3Dt.aa~a.819600158~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703457989%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703457990233%26bpp%3D1%26bdt%3D1183%26idt%3D0%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C307x250%252C1200x280%26nras%3D4%26correlator%3D7362054081539%26frm%3D20%26pv%3D1%26ga_vid%3D300495156.1703457990%26ga_sid%3D1703457990%26ga_hid%3D1150324590%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1762%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079979%252C44809004%252C95320378%252C95320885%26oid%3D2%26pvsid%3D4296945606762119%26tmod%3D1916643136%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26dtd%3D13&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=5275918291394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.121.248.44 , France, ASN16276 (OVH, FR), Reverse DNS ip44.ip-91-121-248.eu Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin * access-control-expose-headers X-Request-ID attribution-reporting-register-source {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}} content-length 0 content-type application/javascript; charset=utf-8 date Sun, 24 Dec 2023 22:46:32 GMT host pv.medialead.de proxy-host pv.medialead.de server nginx vary Origin
GET H2	200	link.html Show response track.webgains.com/ Frame 1D21	2 KB 2 KB	277ms 95ms	Script text/html	18.132.155.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=20963200096455804444550012548028&nw=1 Requested by Host: steamru.org URL: https://steamru.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.132.155.124 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-132-155-124.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash 9ed7c0116b1614264ba4ac454d249d039b3df3fe5a2bd25953ab6a64663f1a9b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:32 GMT last-modified Sun, 24 Dec 2023 22:46:32 GMT server nginx x-powered-by PHP/7.4.26 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=60 access-control-allow-headers Authorization expires Sun, 24 Dec 2023 22:47:32 GMT
GET H2	200	e99aace94e6e58733936cdd965d03e75 Show response pv.medialead.de/trck/epv/ Frame 1D21	0 326 B	207ms 51ms	Script application/javascript	91.121.248.44 OVH
General Check archive.org Show headers Download Go to Full URL https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=20963200096455804444550012548028&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: hal900028.redintelligence.net URL: https://hal900028.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ea00f0e35&subid=&uid=15a839e5daf22a80&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCusFexrSIZbWWFca2_tMP2ukCpuW9oGmFlZynyQ_wLhABIJC7gARglbr9gZQHyAEJqQJx9dySZnqyPqgDAcgDmwSqBJkCT9Ct0_7Bv6kyvf8I4THyAvx0gzT5oLIvJorMd01MFYhCCQArk6_iezkulD88eeZvjFUwvDW7ctz_wGGpsnh_evAm_Mb_AU4ElJZ42GBbilUz4HwYreEAylRXPcOnjzGe_sP3F1D87DOWYqU1qxTigDeMa3CVY96X0NoWRQc4NdX4lpDVoYCexcKsoaKHmsVeMszwTYH_UgE3vT1XK2l8LorUlDmIZZ7Qd8AvH33UbF-YdVrOyU9b8LBZ10jClKWrceYUyjOQJi7mjYSRrrR34JJLvzMXXb1MkKm-aFmyk6Q9hbd4wzHcA4mvMWcax9ORyleWNv2Lo3heT-qAlhJWQnkTkLwnwFTYMeh5zej6PQXWtuFlSlpsgF7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-OSZw5OpgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_mqYivGaeCRA5qKjLoxPESUGj1bRAsrgIleQdkqdHSKpIwpPhhCuDunNAUwO85FQof75tPitLGAE%26sig%3DAOD64_1btS2pUqYDux41d--bGvrfINyeWw%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-Bv1naVK7d-LG-l8tebg7q55LE5qHXKHOh5oO64c8ecXderzp-o-tFepOuv797YfODnjVp9NfjHCHVYAaNKr-L3yLezJ5ButnWd5PzHru018qs0IY1xJbuP08JHeCz3x0yhuD_dqCy_FKLnbruJaw_UkpPhae2Sy_sSFMMgINMdS7B5xb0%26cry%3D1%26dbm_d%3DAKAmf-C4gGHaW1z9FscvAZTYgXv9ETw8PpRO3RLj2DecW68qCffc949XrUQyiWL_dTfWSCW9YeduWPacG7HNkkA6SJnd8B7-oC9aVPlIiGy26UE1GDnXaqPtmbtcZb9x19xTvxB1UHoBux1saVJUBm5lWBQOeS8JShlLfZtkQProHjJxo2ATo72-HNG-zpEtlAyA9TKy6Z4YPm9JeTFTP3J4UX0OPljyYVrlKY34MrPaDVTs6LGTSGC2D0vy4wheKwDMR4xTMcJv5Sms_hqhOi-Og0bG7AArWNDM4iWR_5sKZnxIaW7nT3PJqdqdoHAzjjJQyd8rismPH6xBt2wfHN3PGpwf8FwUxLQPU0NRvbz-PlzpxG4S4bAvoWk8S_49gwKZEmdRAnNtaW0aFEh1ewpla5lqBIrx6IGedjjWxRp2XKJQE03Lj16RJLyam9vGVyg8FQrjA7x5EZ0D6R10-EBZ4LEQxT5LRHMo8P_Klk7E2PbnehXyaYfRkdL5rpgrSJnPi5DDLTJh7y5XZAMAkOniyHkITaRxPxqUOJ5h2Ss-QombUGx8h5Q%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D2896993837%26pi%3Dt.aa~a.819600158~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703457989%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703457990233%26bpp%3D1%26bdt%3D1183%26idt%3D0%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C307x250%252C1200x280%26nras%3D4%26correlator%3D7362054081539%26frm%3D20%26pv%3D1%26ga_vid%3D300495156.1703457990%26ga_sid%3D1703457990%26ga_hid%3D1150324590%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1762%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079979%252C44809004%252C95320378%252C95320885%26oid%3D2%26pvsid%3D4296945606762119%26tmod%3D1916643136%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26dtd%3D13&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=5275918291394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.121.248.44 , France, ASN16276 (OVH, FR), Reverse DNS ip44.ip-91-121-248.eu Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:32 GMT attribution-reporting-register-source {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}} server nginx host pv.medialead.de vary Origin content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-Request-ID access-control-allow-credentials true content-length 0 proxy-host pv.medialead.de
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 1D21	43 B 702 B	284ms 130ms	Image image/gif	23.212.218.19 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=20963200096455804444550012548028&pv=1 Requested by Host: hal900028.redintelligence.net URL: https://hal900028.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ea00f0e35&subid=&uid=15a839e5daf22a80&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCusFexrSIZbWWFca2_tMP2ukCpuW9oGmFlZynyQ_wLhABIJC7gARglbr9gZQHyAEJqQJx9dySZnqyPqgDAcgDmwSqBJkCT9Ct0_7Bv6kyvf8I4THyAvx0gzT5oLIvJorMd01MFYhCCQArk6_iezkulD88eeZvjFUwvDW7ctz_wGGpsnh_evAm_Mb_AU4ElJZ42GBbilUz4HwYreEAylRXPcOnjzGe_sP3F1D87DOWYqU1qxTigDeMa3CVY96X0NoWRQc4NdX4lpDVoYCexcKsoaKHmsVeMszwTYH_UgE3vT1XK2l8LorUlDmIZZ7Qd8AvH33UbF-YdVrOyU9b8LBZ10jClKWrceYUyjOQJi7mjYSRrrR34JJLvzMXXb1MkKm-aFmyk6Q9hbd4wzHcA4mvMWcax9ORyleWNv2Lo3heT-qAlhJWQnkTkLwnwFTYMeh5zej6PQXWtuFlSlpsgF7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-OSZw5OpgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_mqYivGaeCRA5qKjLoxPESUGj1bRAsrgIleQdkqdHSKpIwpPhhCuDunNAUwO85FQof75tPitLGAE%26sig%3DAOD64_1btS2pUqYDux41d--bGvrfINyeWw%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-Bv1naVK7d-LG-l8tebg7q55LE5qHXKHOh5oO64c8ecXderzp-o-tFepOuv797YfODnjVp9NfjHCHVYAaNKr-L3yLezJ5ButnWd5PzHru018qs0IY1xJbuP08JHeCz3x0yhuD_dqCy_FKLnbruJaw_UkpPhae2Sy_sSFMMgINMdS7B5xb0%26cry%3D1%26dbm_d%3DAKAmf-C4gGHaW1z9FscvAZTYgXv9ETw8PpRO3RLj2DecW68qCffc949XrUQyiWL_dTfWSCW9YeduWPacG7HNkkA6SJnd8B7-oC9aVPlIiGy26UE1GDnXaqPtmbtcZb9x19xTvxB1UHoBux1saVJUBm5lWBQOeS8JShlLfZtkQProHjJxo2ATo72-HNG-zpEtlAyA9TKy6Z4YPm9JeTFTP3J4UX0OPljyYVrlKY34MrPaDVTs6LGTSGC2D0vy4wheKwDMR4xTMcJv5Sms_hqhOi-Og0bG7AArWNDM4iWR_5sKZnxIaW7nT3PJqdqdoHAzjjJQyd8rismPH6xBt2wfHN3PGpwf8FwUxLQPU0NRvbz-PlzpxG4S4bAvoWk8S_49gwKZEmdRAnNtaW0aFEh1ewpla5lqBIrx6IGedjjWxRp2XKJQE03Lj16RJLyam9vGVyg8FQrjA7x5EZ0D6R10-EBZ4LEQxT5LRHMo8P_Klk7E2PbnehXyaYfRkdL5rpgrSJnPi5DDLTJh7y5XZAMAkOniyHkITaRxPxqUOJ5h2Ss-QombUGx8h5Q%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D2896993837%26pi%3Dt.aa~a.819600158~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703457989%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703457990233%26bpp%3D1%26bdt%3D1183%26idt%3D0%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C307x250%252C1200x280%26nras%3D4%26correlator%3D7362054081539%26frm%3D20%26pv%3D1%26ga_vid%3D300495156.1703457990%26ga_sid%3D1703457990%26ga_hid%3D1150324590%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1762%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079979%252C44809004%252C95320378%252C95320885%26oid%3D2%26pvsid%3D4296945606762119%26tmod%3D1916643136%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26dtd%3D13&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=5275918291394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-212-218-19.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Pragma no-cache Date Sun, 24 Dec 2023 22:46:32 GMT Strict-Transport-Security max-age=86400 Node Helix Content-Type image/gif P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 43 Expires 0
GET H2	200	e99aace94e6e58733936cdd965d03e75 pv.medialead.de/trck/eview/ Frame 1D21	43 B 360 B	205ms 50ms	Image image/gif	91.121.248.44 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=20963200096455804444550012548028&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: hal900028.redintelligence.net URL: https://hal900028.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ea00f0e35&subid=&uid=15a839e5daf22a80&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCusFexrSIZbWWFca2_tMP2ukCpuW9oGmFlZynyQ_wLhABIJC7gARglbr9gZQHyAEJqQJx9dySZnqyPqgDAcgDmwSqBJkCT9Ct0_7Bv6kyvf8I4THyAvx0gzT5oLIvJorMd01MFYhCCQArk6_iezkulD88eeZvjFUwvDW7ctz_wGGpsnh_evAm_Mb_AU4ElJZ42GBbilUz4HwYreEAylRXPcOnjzGe_sP3F1D87DOWYqU1qxTigDeMa3CVY96X0NoWRQc4NdX4lpDVoYCexcKsoaKHmsVeMszwTYH_UgE3vT1XK2l8LorUlDmIZZ7Qd8AvH33UbF-YdVrOyU9b8LBZ10jClKWrceYUyjOQJi7mjYSRrrR34JJLvzMXXb1MkKm-aFmyk6Q9hbd4wzHcA4mvMWcax9ORyleWNv2Lo3heT-qAlhJWQnkTkLwnwFTYMeh5zej6PQXWtuFlSlpsgF7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-OSZw5OpgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_mqYivGaeCRA5qKjLoxPESUGj1bRAsrgIleQdkqdHSKpIwpPhhCuDunNAUwO85FQof75tPitLGAE%26sig%3DAOD64_1btS2pUqYDux41d--bGvrfINyeWw%26client%3Dca-pub-2147948657389864%26dbm_c%3DAKAmf-Bv1naVK7d-LG-l8tebg7q55LE5qHXKHOh5oO64c8ecXderzp-o-tFepOuv797YfODnjVp9NfjHCHVYAaNKr-L3yLezJ5ButnWd5PzHru018qs0IY1xJbuP08JHeCz3x0yhuD_dqCy_FKLnbruJaw_UkpPhae2Sy_sSFMMgINMdS7B5xb0%26cry%3D1%26dbm_d%3DAKAmf-C4gGHaW1z9FscvAZTYgXv9ETw8PpRO3RLj2DecW68qCffc949XrUQyiWL_dTfWSCW9YeduWPacG7HNkkA6SJnd8B7-oC9aVPlIiGy26UE1GDnXaqPtmbtcZb9x19xTvxB1UHoBux1saVJUBm5lWBQOeS8JShlLfZtkQProHjJxo2ATo72-HNG-zpEtlAyA9TKy6Z4YPm9JeTFTP3J4UX0OPljyYVrlKY34MrPaDVTs6LGTSGC2D0vy4wheKwDMR4xTMcJv5Sms_hqhOi-Og0bG7AArWNDM4iWR_5sKZnxIaW7nT3PJqdqdoHAzjjJQyd8rismPH6xBt2wfHN3PGpwf8FwUxLQPU0NRvbz-PlzpxG4S4bAvoWk8S_49gwKZEmdRAnNtaW0aFEh1ewpla5lqBIrx6IGedjjWxRp2XKJQE03Lj16RJLyam9vGVyg8FQrjA7x5EZ0D6R10-EBZ4LEQxT5LRHMo8P_Klk7E2PbnehXyaYfRkdL5rpgrSJnPi5DDLTJh7y5XZAMAkOniyHkITaRxPxqUOJ5h2Ss-QombUGx8h5Q%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2147948657389864%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D2896993837%26pi%3Dt.aa~a.819600158~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703457989%26rafmt%3D1%26to%3Dqs%26pwprc%3D7089917814%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fsteamru.org%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703457990233%26bpp%3D1%26bdt%3D1183%26idt%3D0%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C307x250%252C1200x280%26nras%3D4%26correlator%3D7362054081539%26frm%3D20%26pv%3D1%26ga_vid%3D300495156.1703457990%26ga_sid%3D1703457990%26ga_hid%3D1150324590%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1762%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079979%252C44809004%252C95320378%252C95320885%26oid%3D2%26pvsid%3D4296945606762119%26tmod%3D1916643136%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26dtd%3D13&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsteamru.org&random=5275918291394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.121.248.44 , France, ASN16276 (OVH, FR), Reverse DNS ip44.ip-91-121-248.eu Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:32 GMT attribution-reporting-register-source {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}} server nginx host pv.medialead.de vary Origin content-type image/gif access-control-allow-origin * access-control-expose-headers X-Request-ID access-control-allow-credentials true content-length 43 proxy-host pv.medialead.de
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 7D12	175 KB 63 KB	137ms 48ms	Script application/javascript	2a00:1450:4001:802::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF Requested by Host: adv.office-partner.de URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 816e0c571e938a9d20c5c20f72aa631895eb9d63b46fdc7fe269f3c038b7b499 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:32 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64122 x-xss-protection 0 last-modified Sun, 24 Dec 2023 21:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 24 Dec 2023 22:46:32 GMT
GET H/1.1	200 OK	request_content.php Show response hal900028.redintelligence.net/ Frame 14F4	7 KB 2 KB	119ms 40ms	Document text/html	88.99.165.19 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900028.redintelligence.net/request_content.php?s=20963200096455804444550012548028&a=fe4ce9c2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.19.165.99.88.clients.your-server.de Software Apache / Resource Hash e52da83c71b013bc864406ed065a7c8356fda768c74982f28d34ebc16aed7908 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Encoding gzip Content-Length 2073 Content-Type text/html; charset=utf-8 Date Sun, 24 Dec 2023 22:46:32 GMT Expires Sun, 24 Dec 2023 22:46:32 +0100 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Vary Accept-Encoding
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 966F	1 KB 643 B	39ms 39ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 48782 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Dec 2023 09:13:30 GMT etag 48472445140208031 expires Mon, 25 Dec 2023 09:13:30 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 1D21	218 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 56329b166a50aba83d07bd00842b624f0f25ecaa0b6987ed7a5fabd4c721698d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET H3	200	pixel cm.g.doubleclick.net/ Frame 966F Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDM0mvaOuHzvQJ1jXTycmfY&google_cve... https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDM0mvaOuHzvQJ1jXTycmfY&goog... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RHpVc250MHoxUmh4ZVY1&google_gid=CAESEDM0mvaOuHzvQJ1jXTycmfY&google_cver=1&google_push=AXcoOmRs-F47iHiczmPPisqZqFqIaf0YHKI3Pu3jk8Hn9vi...	170 B 188 B	49ms 48ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RHpVc250MHoxUmh4ZVY1&google_gid=CAESEDM0mvaOuHzvQJ1jXTycmfY&google_cver=1&google_push=AXcoOmRs-F47iHiczmPPisqZqFqIaf0YHKI3Pu3jk8Hn9viRSEbh4nqQ2Dr6PgDwI5wa0f-fhczm-pz25oFReTc5OCfNlBnNH-exExKP4Hb9uUtGzKL2mU0fKd9Vr9gYoA2RO8xS1-CLH1U23xTWIbl84KBxQY8 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H3 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sun, 24 Dec 2023 22:46:32 GMT Strict-Transport-Security max-age=2592000; includeSubDomains Server PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RHpVc250MHoxUmh4ZVY1&google_gid=CAESEDM0mvaOuHzvQJ1jXTycmfY&google_cver=1&google_push=AXcoOmRs-F47iHiczmPPisqZqFqIaf0YHKI3Pu3jk8Hn9viRSEbh4nqQ2Dr6PgDwI5wa0f-fhczm-pz25oFReTc5OCfNlBnNH-exExKP4Hb9uUtGzKL2mU0fKd9Vr9gYoA2RO8xS1-CLH1U23xTWIbl84KBxQY8 Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	i.match a.tribalfusion.com/ Frame 966F	43 B 458 B	304ms 302ms	Image image/gif	2606:4700::6812:18ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b6&u=CAESEGE9Vawdsy358YN-XbvWd9Y&google_cver=1&google_push=AXcoOmQJ4D4G1K439z_S10ma4yawJcKItz5W0GETkWBT3JUV2oidvAqXAfHXfnVHPcLe_GVfthMYzmVLI6maXTztvzZpnpUHZ900EmacN7pp9BxjrKMBlxfOn_BrlKKXqKf9-Wg-tia9fV_awCNrlS0opqNY-3c&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQJ4D4G1K439z_S10ma4yawJcKItz5W0GETkWBT3JUV2oidvAqXAfHXfnVHPcLe_GVfthMYzmVLI6maXTztvzZpnpUHZ900EmacN7pp9BxjrKMBlxfOn_BrlKKXqKf9-Wg-tia9fV_awCNrlS0opqNY-3c%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:33 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 83ac6187ac574d97-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 966F Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESEMIkiqG-F-9POMl8-2tZcFU&google_cver=1&google_push=AXcoOmRszycStFiQBXZciKUyjn1N7qcTSU0lIaIEkUTgQQwIHPF2wRyPVTKHsRxNt21hRbgkb3EkRvQjeuZY4VJU... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8vbuqFyQRYohYYiwbpamvA&google_push=AXcoOmRszycStFiQBXZciKUyjn1N7qcTSU0lIaIEkUTgQQwIHPF2wRyPVTKHsRxNt21hRbgkb3EkRvQjeuZY4VJU2kxrd4H4bFTtX0u...	170 B 188 B	49ms 49ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8vbuqFyQRYohYYiwbpamvA&google_push=AXcoOmRszycStFiQBXZciKUyjn1N7qcTSU0lIaIEkUTgQQwIHPF2wRyPVTKHsRxNt21hRbgkb3EkRvQjeuZY4VJU2kxrd4H4bFTtX0uwyuGs5ZQVrp5NjABLO5VyQJH5wZ3LrWIqM_4iwfqZ6_nkq4EfGfvs-g Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H3 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sun, 24 Dec 2023 22:46:33 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8vbuqFyQRYohYYiwbpamvA&google_push=AXcoOmRszycStFiQBXZciKUyjn1N7qcTSU0lIaIEkUTgQQwIHPF2wRyPVTKHsRxNt21hRbgkb3EkRvQjeuZY4VJU2kxrd4H4bFTtX0uwyuGs5ZQVrp5NjABLO5VyQJH5wZ3LrWIqM_4iwfqZ6_nkq4EfGfvs-g x-host tde-deliveryengine-production-59dc4ccdb-ph2ns alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame 966F	43 B 363 B	147ms 41ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTd4z5DWlPtBFNSszbsuCul4mOAwmv7ebqBZ2ZUMXp5F811qTtt_Zl91NrBsXBqSn4wX5YwHled7UfiMuxYKaKBSrmHQIgcRq9dTKw-gBPaJflHauJzi4lus42zQ5la46BHIrRnPzf9ec7AtcoElZwhIg&google_gid=CAESEPn5-Ovh-0XjyGcU_SVSkLs&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:32 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 188492 expires Sun, 24 Dec 2023 00:00:00 GMT
GET H2	200	sync odr.mookie1.com/t/v2/ Frame 966F	42 B 204 B	154ms 49ms	Image image/gif	34.160.236.64 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHLbusml6AK0RI4Aq0Pg9OU&google_push=AXcoOmQwwsCbE3QhGuWQKDf9sO-AXNfxr2U098AKNjnvPKPaui9Vmg_ghxTqqewiaFYFTVg8Pxh0aFmru_R9ABsPNk905p3-vPwwHdZKjJXTBB9lCPg-SmA43NLWZjYdiK6h_mOKE_eOQhOAqjtyzoEFWkafKQ&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 64.236.160.34.bc.googleusercontent.com Software nginx / Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:33 GMT via 1.1 google last-modified Thu, 19 Oct 2023 06:07:48 GMT server nginx etag "6530c7b4-2a" content-type image/gif accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42
GET H3	200	pixel cm.g.doubleclick.net/ Frame 966F Redirect Chain https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHugbxbvhzfh9GMA08OI4aw&google_cver=1&google_push=AXcoOmRAzPYNbxyTT_J6wJdXYdCFvOw--jtJnPuRNNw0lJEpVZ6qwucCO7yLxD56kaeS87Ub-Uz_nhB4wSaa... https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRAzPYNbxyTT_J6wJdXYdCFvOw--jtJnPuRNNw0lJEpVZ6qwucCO7yLxD56kaeS87Ub-Uz_nhB4wSaa8GUJqfiKx6HClCNR7hR8ANx5Y3xaeCbukGgS...	170 B 188 B	51ms 50ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRAzPYNbxyTT_J6wJdXYdCFvOw--jtJnPuRNNw0lJEpVZ6qwucCO7yLxD56kaeS87Ub-Uz_nhB4wSaa8GUJqfiKx6HClCNR7hR8ANx5Y3xaeCbukGgSvxwfeE6SL4hfo_LpuELJRnMjY6mXg-YxIsDGrGA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H3 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRAzPYNbxyTT_J6wJdXYdCFvOw--jtJnPuRNNw0lJEpVZ6qwucCO7yLxD56kaeS87Ub-Uz_nhB4wSaa8GUJqfiKx6HClCNR7hR8ANx5Y3xaeCbukGgSvxwfeE6SL4hfo_LpuELJRnMjY6mXg-YxIsDGrGA strict-transport-security max-age=15552000 cache-control no-transform, no-cache alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
GET H3	200	pixel cm.g.doubleclick.net/ Frame 966F Redirect Chain https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEPXdCSmbh7Fk96s5QwDDB34&google_cver=1&google_push=AXcoOmRFZn4PYiMr6pbMSfOrvgWqx-FFYGWNpIt8w_sKjxhS4YxOO29UmhgpHvyAzF... https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRFZn4PYiMr6pbMSfOrvgWqx-FFYGWNpIt8w_sKjxhS4YxOO29UmhgpHvyAzFe1VsuNbaDwYMEW2syrdOOtKSNT30nemQLoSy6a3oVhGbtHKR...	170 B 188 B	50ms 49ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRFZn4PYiMr6pbMSfOrvgWqx-FFYGWNpIt8w_sKjxhS4YxOO29UmhgpHvyAzFe1VsuNbaDwYMEW2syrdOOtKSNT30nemQLoSy6a3oVhGbtHKRfsgHX2YSxokW8H54ARn-gRkOGzdz3oYR32zhM8ThB3bPM&google_hm=lBdleWRCTciVnUG9dWMrI2k Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H3 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 24 Dec 2023 22:46:32 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRFZn4PYiMr6pbMSfOrvgWqx-FFYGWNpIt8w_sKjxhS4YxOO29UmhgpHvyAzFe1VsuNbaDwYMEW2syrdOOtKSNT30nemQLoSy6a3oVhGbtHKRfsgHX2YSxokW8H54ARn-gRkOGzdz3oYR32zhM8ThB3bPM&google_hm=lBdleWRCTciVnUG9dWMrI2k content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 966F	0 12 B	49ms 48ms	Image text/html	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LR6CihlmWwmKRG_G-Pl8LVe8PiIoeGea9rygtZvEOUt49RFFnRFkCNUrbcbNib1SK_yUdFgg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:32 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	pvClk.min.js Show response analytics.webgains.io/ Frame 1D21	53 KB 19 KB	198ms 46ms	Script application/javascript	18.66.147.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://analytics.webgains.io/pvClk.min.js Requested by Host: track.webgains.com URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=20963200096455804444550012548028&nw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-41.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 01:58:54 GMT content-encoding gzip via 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront) last-modified Sat, 09 Dec 2023 12:01:22 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 age 74860 x-amz-server-side-encryption AES256 etag W/"1180a1bfee0aad979766ecd6180b923e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id Ckb13HzvJQ_hjlMz-v9Qhn-3A5DRODoSOlSugb9yHjAqK85qerlGfw==
GET H2	200	1x1.png cdn.track.production.webgains.team/7121/ Frame 1D21	3 KB 3 KB	155ms 39ms	Image image/png	99.86.4.36 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1703458292&Signature=CkAkc9cohlUkQUvu~d0e5pAPFz-9CQSJktnMOulVqs8PNtz97GiZ6us1eXviSO5N2XHFOqohXBaCFv9ZQECB~p2FY8cw-Vx0DhnxHGzi2KZlCUfst7EY7n84TCOe5kYcgXxQJhB9CXw6E2DFwKYCR60HnMazyofk1Cxcw4c08WiLlaxhdcnLtjNsyaFrGx-ShfnJZHmpXXS0YC1nWUbSrYLBJFSoPutpxlg5zh~85JFq9AQLsMyU7ddCQfFjkt6McUALhWpkNohMomt2lM6PIFjUTeXfNTAi~E-RK1qWWTYjTANAqCAWdiXhchxq~E-gvapK6ZMMY1-33DtbxB5J2Q__&Key-Pair-Id=K28VXAGA7VWE0O Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2147948657389864&output=html&h=90&adk=4204718025&adf=2896993837&pi=t.aa~a.819600158~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703457989&rafmt=1&to=qs&pwprc=7089917814&format=1200x90&url=https%3A%2F%2Fsteamru.org%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703457990233&bpp=1&bdt=1183&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C307x250%2C1200x280&nras=4&correlator=7362054081539&frm=20&pv=1&ga_vid=300495156.1703457990&ga_sid=1703457990&ga_hid=1150324590&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809004%2C95320378%2C95320885&oid=2&pvsid=4296945606762119&tmod=1916643136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-36.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id null date Sun, 24 Dec 2023 08:09:40 GMT via 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront) last-modified Fri, 06 May 2022 11:40:06 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 52614 etag "4e57de0506fbdb487ffcd53b450caee1" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 2808 x-amz-cf-id 1KyazRgCFcCJMTBo2UdQMGmodG3VuOvJau0xmAITeOsYMv5bO7QrXQ==
GET H3	200	css fonts.googleapis.com/ Frame 14F4	2 KB 434 B	52ms 50ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Titillium+Web:400,700 Requested by Host: hal900028.redintelligence.net URL: https://hal900028.redintelligence.net/request_content.php?s=20963200096455804444550012548028&a=fe4ce9c2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900028.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 24 Dec 2023 22:46:33 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 24 Dec 2023 21:12:42 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 24 Dec 2023 22:46:33 GMT
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 14F4	9 KB 9 KB	160ms 79ms	Image image/png	78.46.90.238 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg Requested by Host: hal900028.redintelligence.net URL: https://hal900028.redintelligence.net/request_content.php?s=20963200096455804444550012548028&a=fe4ce9c2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.238.90.46.78.clients.your-server.de Software Apache / Resource Hash 41904c337a11c478ba8fcd34f1af4fcb5b101a838fce44a9568b0b577e104188 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900028.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Sun, 24 Dec 2023 22:46:33 GMT Content-Encoding gzip Server Apache Connection close Content-Length 9250 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 14F4	7 KB 7 KB	120ms 40ms	Image image/png	78.46.90.238 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native4.png Requested by Host: hal900028.redintelligence.net URL: https://hal900028.redintelligence.net/request_content.php?s=20963200096455804444550012548028&a=fe4ce9c2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.238.90.46.78.clients.your-server.de Software Apache / Resource Hash c8eee5bb74c91b06862db673c394b66ed8a33e755be1e0a941e2cd9d1d702420 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900028.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Sun, 24 Dec 2023 22:46:33 GMT Content-Encoding gzip Server Apache Connection close Content-Length 7117 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 14F4	10 KB 10 KB	121ms 40ms	Image image/png	78.46.90.238 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-627x627.jpg Requested by Host: hal900028.redintelligence.net URL: https://hal900028.redintelligence.net/request_content.php?s=20963200096455804444550012548028&a=fe4ce9c2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.238.90.46.78.clients.your-server.de Software Apache / Resource Hash df8c2274a1dbd81449ee09f6191b6c7ce60e79c79462f9340bcc9e8aa77ee741 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900028.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Sun, 24 Dec 2023 22:46:33 GMT Content-Encoding gzip Server Apache Connection close Content-Length 9890 Vary Accept-Encoding Content-Type image/png
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 7D12	274 KB 91 KB	55ms 54ms	Script application/javascript	2a00:1450:4001:802::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 691d92ec63951a648044122b8fab14a48bc753e82234589fe1d6fb3e089a7566 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:33 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93055 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 24 Dec 2023 22:46:33 GMT
GET H2	200	a www.googletagmanager.com/ Frame 7D12	0 59 B	48ms 47ms	Image text/html	2a00:1450:4001:802::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-TBMT2SF&v=3&t=t&pid=113437774&cv=4&rv=3bt0&tc=2&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=adv.office-partner.de%2F&tdp=GTM-TBMT2SF;8857208;0;0;0&z=0 Requested by Host: adv.office-partner.de URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:33 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	204	td www.googletagmanager.com/ Frame 7D12	0 119 B	48ms 47ms	Image image/gif	2a00:1450:4001:802::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/td?id=GTM-TBMT2SF&v=3&t=t&pid=113437774&cv=4&rv=3bt0&tc=2&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=adv.office-partner.de%2F&tdp=GTM-TBMT2SF;8857208;0;0;0&z=0 Requested by Host: adv.office-partner.de URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sun, 24 Dec 2023 22:46:33 GMT server Golfe2 content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	a www.googletagmanager.com/ Frame 7D12	0 40 B	49ms 48ms	Image text/html	2a00:1450:4001:802::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-TBMT2SF&v=3&t=t&pid=113437774&cv=4&rv=3bt0&tc=2&es=1&e=gtag.config&eid=0&h=Ag&tr=1googtag&ti=2googtag&z=0 Requested by Host: adv.office-partner.de URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:33 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	a www.googletagmanager.com/ Frame 7D12	0 40 B	48ms 47ms	Image text/html	2a00:1450:4001:802::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-TBMT2SF&v=3&t=t&pid=113437774&cv=4&rv=3bt0&tc=2&es=1&e=gtm.js&eid=1&h=Ag&tr=1html.5html&ti=1html.1html&z=0 Requested by Host: adv.office-partner.de URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:33 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H/1.1	200 OK	viewability Show response hal900028.redintelligence.net/ Frame 14F4	0 150 B	118ms 40ms	Script text/html	88.99.165.19 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900028.redintelligence.net/viewability?s=20963200096455804444550012548028&a=e7b95984&vb=m Requested by Host: hal900028.redintelligence.net URL: https://hal900028.redintelligence.net/request_content.php?s=20963200096455804444550012548028&a=fe4ce9c2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.19.165.99.88.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900028.redintelligence.net/request_content.php?s=20963200096455804444550012548028&a=fe4ce9c2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Sun, 24 Dec 2023 22:46:33 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H2	200	a www.googletagmanager.com/ Frame 7D12	0 49 B	46ms 46ms	Image text/html	2a00:1450:4001:802::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-TBMT2SF&v=3&t=t&pid=113437774&cv=4&rv=3bt0&tc=2&es=1&e=gtm.dom&eid=14&h=Ag&z=0 Requested by Host: adv.office-partner.de URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:33 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	a www.googletagmanager.com/ Frame 7D12	0 11 B	47ms 46ms	Image text/html	2a00:1450:4001:802::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-TBMT2SF&v=3&t=t&pid=113437774&cv=4&rv=3bt0&tc=2&e=gtag.config&eid=0&h=Ag&tr=5googtag&ti=2googtag&z=0 Requested by Host: adv.office-partner.de URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 22:46:33 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
POST		tracking-event api.webgains.io/ Frame 1D21	0 0
OPTIONS H2	204	tracking-event api.webgains.io/ Frame	0 0	165ms 46ms	Preflight	35.177.175.102
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.175.102 -, , ASN (), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-headers Authorization, Content-Type access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * date Sun, 24 Dec 2023 22:46:33 GMT server nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

api.webgains.io

URL

https://api.webgains.io/tracking-event