urlscan.io logo urlscan.io
SecurityTrails logo

steampunkcons.com Open in urlscan Pro
2606:4700:3031::ac43:a3a0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://steampunkcons.com/
Effective URL: https://steampunkcons.com/
Submission: On August 18 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 11 domains to perform 82 HTTP transactions. The main IP is 2606:4700:3031::ac43:a3a0, located in United States and belongs to CLOUDFLARENET, US. The main domain is steampunkcons.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time steampunkcons.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

17    2606:4700:3031::ac43:a3a0 (United States)

ASN13335 (CLOUDFLARENET, US)
steampunkcons.com
5    64.90.41.203 (United States)

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-cabo.tillamook.dreamhost.com
media.animecons.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
10    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
1    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
10    2606:4700::6810:c40 (United States)

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
4    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
14    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Domain Requested by
18 tpc.googlesyndication.com 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
steampunkcons.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
17 steampunkcons.com 1 redirects steampunkcons.com
10 c.bannerflow.net 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
c.bannerflow.net
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 www.google.com 1 redirects steampunkcons.com
970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
steampunkcons.com
5 media.animecons.com steampunkcons.com
4 www.googletagservices.com steampunkcons.com
securepubads.g.doubleclick.net
970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
3 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 fonts.gstatic.com fonts.googleapis.com
2 googleads.g.doubleclick.net 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
2 www.google-analytics.com steampunkcons.com
www.google-analytics.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.google.de steampunkcons.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.googleapis.com steampunkcons.com
82 17

This site contains links to these domains. Also see Links.

Domain
animecons.tv
fancons.com
twitter.com
facebook.com
adequate.com
html5up.net
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
media.animecons.com
R3		 2021-08-11 -
2021-11-09		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://steampunkcons.com/
Frame ID: B2C450AA75CD5543D6C2396F85354B7D
Requests: 40 HTTP requests in this frame

Frame: https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EB386E6DDF34AF7DB24FD70FDBB628F2
Requests: 1 HTTP requests in this frame

Frame: https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C35ECE4C595192FD3E1CDA8DF97D3361
Requests: 19 HTTP requests in this frame

Frame: https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B359037E60EF410A62842546C2B3CF74
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/index.html
Frame ID: 3F31CA755ECAA51D1A35864AA7C736E4
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeYZldYodYcjsKJGfx_APjpmQwAG0xIPZY8KXlOfBDc2_pPz4JxABIJr1gAJg8a38haQfoAGSxrbsAsgBCakCDAWqWbWmsz7gAgCoAwHIAwiqBNkBT9DgYVsDUtMatLvvFvrOioKKmvcDKuXxAmLVugh9Hwtsu6mNuNLcMlGOY6UI7FaJcikXZ7Vv8i7VuPAUsBhkuNe1AYrELpnL_2pxBYqIoIbkmwgUBUtxsCeBR_QdTXVE8DMQzWAnrLU9aQkDrytI5wEQDxVjR-loPXoWedgjB3B1inhzJPD1HonPj_LbUsx7Rph05gUyhCLIclB0ot6r27Ikm17CUqpf3bq8W2L9gjGsHQs67lwqorx1FHi1hDYN4APG9YUFbznLRmmWT1T4E1JcqV5RwLwB68AEjNbDw9AD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9a5yZMBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEKiLG9IICQiI4YAQEAEYHYAKAcgLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi02MTY2NTU0NTI0NjM0NjY1GLiRBg&sigh=CeSiEN6f4vo&template_id=419
Frame ID: 8956CC180437289EA9EE32A08EF65632
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 92D9682A9B8AA3B1785C8405C3AC0C05
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F881C22EDA3CF639809DC95B04F437C2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A051801341F5DD76FF75F10FF1579F4F
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fkinto%2F6093f7aedd5537e3c91ddb0d%2Fimages%2Fdab25e6c-00a1-4246-a9ff-2076647378be.jpg&w=231&h=200&q=90&f=webp&rt=cover&x1=212&y1=0&x2=1221&y2=874
Frame ID: 7126E96368DA81F8FF48BFAF22DDCB91
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://steampunkcons.com/ HTTP 301
    https://steampunkcons.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

82
Requests

100 %
HTTPS

90 %
IPv6

11
Domains

17
Subdomains

22
IPs

3
Countries

1368 kB
Transfer

2487 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://steampunkcons.com/ HTTP 301
    https://steampunkcons.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
steampunkcons.com/
Redirect Chain
  • http://steampunkcons.com/
  • https://steampunkcons.com/
15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://steampunkcons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f615b3109840e786d444387b2913d75445cd70b65f1c00c996ed13b7462a7d2

Request headers

:method
GET
:authority
steampunkcons.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:20 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIYLiU4DPzg%2BDqyY9XcX%2BIKuucYMvCrTViGAIYPtDl5eGjfi4lO6P8hVkXSLy754vyFhrP%2FXFzO4Zdn5UyddnjfA1UdvAbsqx7bf3AzRoj8HCmbEna0qtL3YaDI0lfBlRK9Z7AatR3833%2BZSViu8QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
680e98f5cd5a4339-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date
Wed, 18 Aug 2021 22:32:20 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 18 Aug 2021 23:32:20 GMT
Location
https://steampunkcons.com/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yb%2BcAsYbUnkRkTVrSSTjVutZ08ItISIAgHxaock3zbyj7CsDo24WlFlX9oF572oa9yxf3w6dhanFv6dXPUGMvRlZqJWpEYS9mCRFtDFjJuBNZIDcF4Zl62uQOIWy875sgaapSz1lwbMW0GIlciF%2FOw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
680e98f54e88430f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
mainPC.css
steampunkcons.com/assets/css/ 		37 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://steampunkcons.com/assets/css/mainPC.css
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e59cb93d79072065f7a9a63afd7830110ae47782ae5a40d46f16507e2a1ebb1e

Request headers

:path
/assets/css/mainPC.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
steampunkcons.com
referer
https://steampunkcons.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1587509
cf-polished
origSize=49898
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 13 Dec 2017 02:58:25 GMT
server
cloudflare
etag
W/"c2ea-5602ff0e7b640-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bh8LPgQU1f25xWlstziD575rUrHZuokaZ5QcA4s28cGiRnBnVgOS%2BadoccHLsiiLulFACfoZdAMPu4Y2t3QZekGS%2BwnoVgx9%2BF%2B%2F%2FRA3NH%2BM3OCBOkbH3T5u%2FmTtnEAnpiWDg4C3t7jmqAx7z09cpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
680e98f91fa1978a-FRA
expires
Sun, 29 Aug 2021 17:14:57 GMT
SteampunkConsLogo.png
steampunkcons.com/images/logo/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://steampunkcons.com/images/logo/SteampunkConsLogo.png
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9d18cf4b18d417f4d1246917ffcccee70384d02ef0b36a189f7cb4c6837b822

Request headers

:path
/images/logo/SteampunkConsLogo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
steampunkcons.com
referer
https://steampunkcons.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13687
last-modified
Wed, 28 Sep 2016 05:08:37 GMT
server
cloudflare
etag
"3577-53d8a5a84ff40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOF7GplX0q2famtuw5DHZYlHsyTqRb9iFO3cgyR18dHRhZpwBFmkaz%2BkmSpDd3N0NkYpSrxoXnCB3g%2BhdnT%2Fy1BXad9tG6ck0bEL48d4aqFtcCh456eiM%2BBrXVIUiyoNGcbNFV1iMplzGXY13PRF9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680e98f91fa0978a-FRA
expires
Sat, 21 Aug 2021 02:19:01 GMT
logo_C17555.png
media.animecons.com/ConLogo/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.animecons.com/ConLogo/logo_C17555.png
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.90.41.203 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
apache2-cabo.tillamook.dreamhost.com
Software
Apache /
Resource Hash
a51c68b01b7d5862cf173bb33b349668a36417c58688c6fdebf24b6b3c06b8ce

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:21 GMT
last-modified
Tue, 20 Jul 2021 03:55:12 GMT
server
Apache
etag
"cb10-5c786054f5bcb"
vary
User-Agent,Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
51984
expires
Fri, 17 Sep 2021 22:32:21 GMT
logo_C17367.png
media.animecons.com/ConLogo/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.animecons.com/ConLogo/logo_C17367.png
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.90.41.203 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
apache2-cabo.tillamook.dreamhost.com
Software
Apache /
Resource Hash
f6fb7ab98c9da6742f4ec08520f301dac639f140e0e165ab2fdc889d43aca8d7

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:21 GMT
last-modified
Mon, 21 Jun 2021 06:07:29 GMT
server
Apache
etag
"6b39-5c5407d072f82"
vary
User-Agent,Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
27449
expires
Fri, 17 Sep 2021 22:32:21 GMT
logo_C16239.png
media.animecons.com/ConLogo/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.animecons.com/ConLogo/logo_C16239.png
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.90.41.203 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
apache2-cabo.tillamook.dreamhost.com
Software
Apache /
Resource Hash
df348741bdb96b0f22c52773b1849543fc5fb6e371234da91bc27f5c0c3800c5

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:21 GMT
last-modified
Tue, 15 Sep 2020 23:18:01 GMT
server
Apache
etag
"11499-5af625cc189a6"
vary
User-Agent,Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
70809
expires
Fri, 17 Sep 2021 22:32:21 GMT
logo_C17709.jpg
media.animecons.com/ConLogo/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.animecons.com/ConLogo/logo_C17709.jpg
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.90.41.203 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
apache2-cabo.tillamook.dreamhost.com
Software
Apache /
Resource Hash
7d4d900e965891c564158721bd182b346c96f3c164444e6e722a54cfdc069810

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:21 GMT
last-modified
Wed, 11 Aug 2021 22:29:47 GMT
server
Apache
etag
"3a58-5c95027e335a8"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14936
expires
Fri, 17 Sep 2021 22:32:21 GMT
1304-AnimeLockdown.jpg
media.animecons.com/podcast/episodes/13/ 		167 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.animecons.com/podcast/episodes/13/1304-AnimeLockdown.jpg
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.90.41.203 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
apache2-cabo.tillamook.dreamhost.com
Software
Apache /
Resource Hash
d305359ca5fc23fa9ea7544d162ab1fa73cf917335bff2cd87a12e9f1eba7f10

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:21 GMT
last-modified
Mon, 28 Jun 2021 04:47:09 GMT
server
Apache
etag
"29af0-5c5cc2e970700"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
170736
expires
Fri, 17 Sep 2021 22:32:21 GMT
jquery.min.js
steampunkcons.com/assets/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://steampunkcons.com/assets/js/jquery.min.js
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

:path
/assets/js/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
steampunkcons.com
referer
https://steampunkcons.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1587509
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 01 Dec 2015 07:48:38 GMT
server
cloudflare
etag
W/"176d5-525d162b56180-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJN9RZHhmS1NExaO8hOrl71ah8hc8jepB6Euh0%2BwQNV762I5dq3Yknfe3INIVpzTbwS%2FYXOAJ7ADwYySmmC%2FahbUweAubo1WUFYh1%2F7zQ7%2FLnTDmZdyFxZCGv5D8nhVMQHJco8m88v%2FXKXi56Q8geA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
680e98f94fa8978a-FRA
expires
Sat, 21 Aug 2021 18:54:21 GMT
jquery.dropotron.min.js
steampunkcons.com/assets/js/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://steampunkcons.com/assets/js/jquery.dropotron.min.js
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3b405b2510fba2b69acd54d409aed128fe35cd7f0827d414e0551d8127954e2

Request headers

:path
/assets/js/jquery.dropotron.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
steampunkcons.com
referer
https://steampunkcons.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
318202
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 01 Dec 2015 07:48:38 GMT
server
cloudflare
etag
W/"10ea-525d162b56180-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LeDVLC16crQoKJacx7XhOM7Oqh0li%2F9NTftZkqeJqyISlhMDBrw9PD9rC4D7lO7%2FYyTtKjjJRdf7gfuv4oxr7q1%2F8UqWsCM0Mc%2FEtTzLtJBZTl9b559WXlbpwP2EJA3nCmZbJ2FivBYRTIryKftWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
680e98f97fb5978a-FRA
expires
Thu, 02 Sep 2021 01:18:09 GMT
skel.min.js
steampunkcons.com/assets/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://steampunkcons.com/assets/js/skel.min.js
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c93e56bfb68f8389b5decfcfb621863b3d4884039501f8290458d8345225fec4

Request headers

:path
/assets/js/skel.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
steampunkcons.com
referer
https://steampunkcons.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
318201
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 01 Dec 2015 07:48:39 GMT
server
cloudflare
etag
W/"2383-525d162c4a3c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UuwMbiUwd6P2pGRAhaspJkn7rA5u1YoLHMCmF4dlwz0%2BZDmm48XDNQgMCGgQvIUvsG8jXOpacVnbn5MpmnOhqZdhJ6MVbTHKz9RFPqvcupN%2FgNGaj7tx7rSy%2BgYHRvVbX51qqgHIsdpHssfRawsNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
680e98f97fb6978a-FRA
expires
Wed, 01 Sep 2021 10:45:12 GMT
skel-viewport.min.js
steampunkcons.com/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://steampunkcons.com/assets/js/skel-viewport.min.js
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2487fe770f52c8631150215b55a2bb12a4bd9a9815f458212c85188c27e6e53

Request headers

:path
/assets/js/skel-viewport.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
steampunkcons.com
referer
https://steampunkcons.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
318201
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 01 Dec 2015 07:48:39 GMT
server
cloudflare
etag
W/"49f-525d162c4a3c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0O5hRMOyMZXN0FBWMjASobfL5w4%2BQOwZxbhvtdJ8p0865GbFw8sImfs8zm4hhwTWSuHYhVpXTFgrbrBeF3aeYb7QtP2KzGOkPzjS0yNKvYSjV5ct4ic%2F4NNtqG4glMTAMJum5SzqmaQa%2BG9mCltTlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
680e98f97fb8978a-FRA
expires
Sat, 11 Sep 2021 05:19:41 GMT
util.js
steampunkcons.com/assets/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://steampunkcons.com/assets/js/util.js
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f841fbc8f1c113a212eaafc553ece315c624ee0f2b6373518f89a224dfac3cf1

Request headers

:path
/assets/js/util.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
steampunkcons.com
referer
https://steampunkcons.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
318201
cf-polished
origSize=12433
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 01 Dec 2015 07:48:39 GMT
server
cloudflare
etag
W/"3091-525d162c4a3c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bi4THVdL%2Fr1ZJawK%2F%2FSeLXlXAfSbfXRAnxffSOz7%2FbswqTLP3QmuLfhF0PDUtp%2FUMtA91A4rdUrOsrmdRHus8xl0wHh%2FfVeEZEpBgPalzQin1VPHNk8LpnFLCMj7SQj0GALb9FxZzWNtdMoXfwJS%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
680e98f97fba978a-FRA
expires
Thu, 02 Sep 2021 16:08:02 GMT
main.js
steampunkcons.com/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://steampunkcons.com/assets/js/main.js
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bd1f41b34802f31d3cc5fcba33592f6b3d11ac9ec866b59cf39b3ac0a30cd2d

Request headers

:path
/assets/js/main.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
steampunkcons.com
referer
https://steampunkcons.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
318202
cf-polished
origSize=1980
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 01 Dec 2015 07:48:39 GMT
server
cloudflare
etag
W/"7bc-525d162c4a3c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtRZu8SzXjWrTK1g2Avj6oY%2FgmrZatU1RuIlFIc8aMwyW9vVKGrAUUgPuSmgZK%2BB6x%2Bitj%2BDYP9szOGTN9%2FlxKQRfdlcmXaXaBZ2PjZToiBOQ47UFJLovxQAp9mGuUvxyINMliumnjYxGp3Pas9uWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
680e98f97fbb978a-FRA
expires
Sat, 21 Aug 2021 14:36:33 GMT
css
fonts.googleapis.com/ 		8 KB
862 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,800
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/assets/css/mainPC.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
394979cfb89fb9af735a57535c5b3e8254ac6b8184f6d077453645db64d532ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 22:32:20 GMT
server
ESF
date
Wed, 18 Aug 2021 22:32:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Aug 2021 22:32:20 GMT
font-awesome.min.css
steampunkcons.com/assets/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://steampunkcons.com/assets/css/font-awesome.min.css
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/assets/css/mainPC.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

:path
/assets/css/font-awesome.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
steampunkcons.com
referer
https://steampunkcons.com/assets/css/mainPC.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://steampunkcons.com/assets/css/mainPC.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
318202
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 01 Dec 2015 07:48:34 GMT
server
cloudflare
etag
W/"6857-525d162785880-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFJ2re62j7NwXiqk7%2FUbE5C5tWGNue1vKaPSFvTI8vPn%2BCjDPE5KTT9n7Ia9vvaHwTU1R0%2BOi5%2BDtjdQZYSOxAwPnMKSsInJ81yeqtDo2bu%2FQu8XDr4Ts%2B6zkl4m9yOLO%2FMwkilxrzKUj1n6EiDz1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
680e98f94fa9978a-FRA
expires
Wed, 01 Sep 2021 00:24:19 GMT
gpt.js
www.googletagservices.com/tag/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c23faba2a553b3dde4bbcff8e19df4a2b6464e21f3d800d3a8cafebbc28a66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"963 / 85 of 1000 / last-modified: 1629324705"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25197
x-xss-protection
0
expires
Wed, 18 Aug 2021 22:32:20 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3346
date
Wed, 18 Aug 2021 21:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 18 Aug 2021 23:36:34 GMT
bg01.png
steampunkcons.com/assets/css/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://steampunkcons.com/assets/css/images/bg01.png
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/assets/css/mainPC.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b23a9a6ecb7dcd0a48fd166739ed50cf6f5c46b93c9654b6a761241816c3dd0

Request headers

:path
/assets/css/images/bg01.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
steampunkcons.com
referer
https://steampunkcons.com/assets/css/mainPC.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://steampunkcons.com/assets/css/mainPC.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6310
last-modified
Tue, 01 Dec 2015 07:48:35 GMT
server
cloudflare
etag
"18a6-525d162879ac0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIFGRe3lEdHCCsKAJAeq41xH%2FVxubKUpQB3rbLwvmWk8W5EYc5WzGc1yTl6mMhc5QVcbcd%2BQ4KIBiBUJjzm9Fvt38uvJBPxkQbmIIFR%2FxJ03WBIzevfNqf7T7jbrR6GkZmLbGuEIdKPxX0Ksg7mesA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680e98f97fbd978a-FRA
expires
Sat, 04 Sep 2021 00:03:16 GMT
SteampunkConsHeader1.jpg
steampunkcons.com/images/header/ 		240 KB
241 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://steampunkcons.com/images/header/SteampunkConsHeader1.jpg
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/assets/css/mainPC.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d64539c3b80f1e8c8b883c3e024f655976fcb8e7a5808b1fec436d08bb7bf062

Request headers

:path
/images/header/SteampunkConsHeader1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
steampunkcons.com
referer
https://steampunkcons.com/assets/css/mainPC.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://steampunkcons.com/assets/css/mainPC.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
245647
last-modified
Sat, 26 Nov 2016 02:56:37 GMT
server
cloudflare
etag
"3bf8f-5422b63168340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6UK5KwF8C%2BDnKxx0VTMNEMcc6Fz4jcB9UUdsSALx8lAYLbePHez0%2BgCMQP9urjrT%2BVMySXYq0mzjuRnESmzc2SlyrSLJgu%2FV5EOdegYQK0jYbMZeL6i15ogg0cVY0ZbdYuTyDwMFXIDxb2G0I1B4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680e98f97fbe978a-FRA
expires
Fri, 10 Sep 2021 02:30:31 GMT
bg02.png
steampunkcons.com/assets/css/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://steampunkcons.com/assets/css/images/bg02.png
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/assets/css/mainPC.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5bd22cb3c4050e97252bc32883b1a8fa2fb3ef5de82a38a3004e99df8fdaa2d

Request headers

:path
/assets/css/images/bg02.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
steampunkcons.com
referer
https://steampunkcons.com/assets/css/mainPC.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://steampunkcons.com/assets/css/mainPC.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3535
last-modified
Tue, 01 Dec 2015 07:48:35 GMT
server
cloudflare
etag
"dcf-525d162879ac0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4cY4%2FikD974ETzCAfucUKifDGPtIoQ%2FLbXLCnKZLiop1Yn8FGl7d%2FT43pvvkepSH0oUIHwSSrCn54FiBZa7cgK0k8NBkApM%2F%2FzNRNWZ73GG0A7HSab1xkoidYbWdf%2FV1wZI3vMfABFHYvnCB3oicw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680e98f97fbf978a-FRA
expires
Sat, 21 Aug 2021 20:04:53 GMT
bg03.png
steampunkcons.com/assets/css/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://steampunkcons.com/assets/css/images/bg03.png
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/assets/css/mainPC.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01372300e22c8857b844e88ed0de27ae760f4f71948338486301b2a21c5af675

Request headers

:path
/assets/css/images/bg03.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
steampunkcons.com
referer
https://steampunkcons.com/assets/css/mainPC.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://steampunkcons.com/assets/css/mainPC.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1587508
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3693
last-modified
Tue, 01 Dec 2015 07:48:35 GMT
server
cloudflare
etag
"e6d-525d162879ac0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJJBM9NaVmaUBj24gjOCzKPooQTknNnmeHGn%2F1%2BimBF%2BwN%2Fv2S%2FAC%2BY7MkgtYjyJJiWJ9vlmv1TtJyTAhdmHSMYxUZvJhVr47uNAS%2BlEuoFcgKFLtpAy%2BCHYOBHhUdVP%2FRTIyAmTLpmNeOh7W8Lf3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680e98f97fc0978a-FRA
expires
Fri, 20 Aug 2021 21:03:43 GMT
bg04.png
steampunkcons.com/assets/css/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://steampunkcons.com/assets/css/images/bg04.png
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/assets/css/mainPC.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a0ba4262532e02c6081bc7e722f3357dfe3f7edef6c9096b68b3f7f1b5d619

Request headers

:path
/assets/css/images/bg04.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
steampunkcons.com
referer
https://steampunkcons.com/assets/css/mainPC.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://steampunkcons.com/assets/css/mainPC.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1587508
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3869
last-modified
Tue, 01 Dec 2015 07:48:35 GMT
server
cloudflare
etag
"f1d-525d162879ac0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIsnf%2FWuU8uKNw8yu2x5WqQosQB%2Bisu724j9ydUrgXvZfkCBVyGyfCVtILr8TnYTXs%2BT3TNg880zGh%2BZryqF%2FYKt336HeYrHuY7iOLJY%2FmN%2B5l10qtDQOzx80Y%2BmCBxWluzRFRhmw1Fdu64UDpxhjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
680e98f97fc1978a-FRA
expires
Thu, 26 Aug 2021 17:53:51 GMT
mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://steampunkcons.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:35:32 GMT
x-content-type-options
nosniff
age
165408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15188
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:24:04 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:35:32 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://steampunkcons.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:29:56 GMT
x-content-type-options
nosniff
age
165744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:29:56 GMT
fontawesome-webfont.woff2
steampunkcons.com/assets/fonts/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://steampunkcons.com/assets/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/assets/css/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

:path
/assets/fonts/fontawesome-webfont.woff2?v=4.4.0
pragma
no-cache
origin
https://steampunkcons.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
steampunkcons.com
referer
https://steampunkcons.com/assets/css/font-awesome.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://steampunkcons.com
Referer
https://steampunkcons.com/assets/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32232
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
64464
last-modified
Tue, 01 Dec 2015 07:48:37 GMT
server
cloudflare
etag
"fbd0-525d162a61f40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERD1dadKbQgOCLDuPRZ%2BMPczQ727TXE4NO7fWfXDfrUlf4S2xSS54itiYFAq%2FydxmLcz4NY0fP%2BewTKw9a5fT9nObjKUF9jpI%2BlpW13Nzubf66hcu3UggsBAmGLay2QjHsDBSr4KpTbFSLL79F7Uyw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=172800
accept-ranges
bytes
cf-ray
680e98f97fbc978a-FRA
expires
Fri, 20 Aug 2021 01:51:49 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://steampunkcons.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:29:56 GMT
x-content-type-options
nosniff
age
165744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:29:56 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=52213713&t=pageview&_s=1&dl=https%3A%2F%2Fsteampunkcons.com%2F&ul=en-us&de=UTF-8&dt=SteampunkCons.com%20-%20Steampunk%20Conventions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=480731236&gjid=151625261&cid=1248440289.1629325941&tid=UA-2967071-41&_gid=566493520.1629325941&_r=1&_slc=1&z=963992060
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 22:32:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://steampunkcons.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021081201.js
securepubads.g.doubleclick.net/gpt/ 		329 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
01e51940762b45561e5a0c1ea5e5ad122f4c732178d0cb428f8f4409030efb13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 Aug 2021 08:42:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117424
x-xss-protection
0
expires
Wed, 18 Aug 2021 22:32:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		74 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=steampunkcons.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
2994cee99fb86b7486a072c146d16b0e40ad9087bb25adf9a9723d3fd0394225
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 22:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Wed, 18 Aug 2021 22:32:21 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-2967071-41&cid=1248440289.1629325941&jid=480731236&gjid=151625261&_gid=566493520.1629325941&_u=IEBAAEAAAAAAAC~&z=513973014
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 18 Aug 2021 22:32:21 GMT
content-type
text/plain
access-control-allow-origin
https://steampunkcons.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-2967071-41&cid=1248440289.1629325941&jid=480731236&_u=IEBAAEAAAAAAAC~&z=475057688
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 22:32:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-2967071-41&cid=1248440289.1629325941&jid=480731236&_u=IEBAAEAAAAAAAC~&z=475057688
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 22:32:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=steampunkcons.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 22:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=steampunkcons.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 22:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		230 KB
63 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=217838050604510&correlator=4062229243093828&output=ldjh&impl=fifs&eid=31060837%2C31062030%2C31062320%2C31062220%2C20211866%2C31062179%2C31062297&vrg=2021081201&ptt=17&sc=1&sfv=1-0-38&ecs=20210818&iu_parts=1010536%2CPC_top%2CPC_bottom%2CPC_block&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=970x90%2C970x90%2C336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1629325941&dt=1629325941597&dlt=1629325940642&idt=920&frm=20&biw=1600&bih=1200&oid=3&adxs=200%2C315%2C-9&adys=729%2C2157%2C-9&adks=1207721732%2C2234593950%2C585044151&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fsteampunkcons.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1220x20%7C1600x599%7C0x-1&msz=1200x0%7C1600x0%7C0x-1&ga_vid=1248440289.1629325941&ga_sid=1629325942&ga_hid=52213713&ga_fc=false&fws=0%2C0%2C2&ohw=0%2C0%2C0&btvi=0%7C1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
962bd93b600253ced3c39daae835453456c6970e1dd7b31423dd929bca8505d7
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIj754_Qu_ICFZHPEQgdjgwEGA&gqi=&layout=/sadbundle/%24csp%253Der3%24/5396358199666586183/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIj754_Qu_ICFZHPEQgdjgwEGA&gqi=&layout=/sadbundle/%24csp%253Der3%24/5396358199666586183/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1,-1,-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63846
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
date
Wed, 18 Aug 2021 22:32:22 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://steampunkcons.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EB38 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://steampunkcons.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://steampunkcons.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 18 Aug 2021 22:32:21 GMT
expires
Thu, 18 Aug 2022 22:32:21 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C35E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://steampunkcons.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://steampunkcons.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 18 Aug 2021 22:32:21 GMT
expires
Thu, 18 Aug 2022 22:32:21 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:22 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629286089745720"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27752
x-xss-protection
0
expires
Wed, 18 Aug 2021 22:32:22 GMT
container.html
970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B359 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://steampunkcons.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://steampunkcons.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 18 Aug 2021 22:32:21 GMT
expires
Thu, 18 Aug 2022 22:32:21 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
66d9f0259a3a2d0bba519ccbcea8c40bcb493d9ab9215e2f8cda8d8439f5dfc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 22:32:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8484
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame C35E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Caw-gdYodYcfsKJGfx_APjpmQwAGwiJyPZPHksfyaDsOEzq63CRABIJr1gAJg8a38haQfoAHP7qi6AsgBCakCFOZQpIbDfj7gAgCoAwGqBNQBT9AG4QnsVEVaw2gBxmGvwAu-n8BbzpIH7rB3SKjAlyCO7VKZhJ3BBGWOH3cy0lTWJ78UUrtgjUvzx0s4C795cu3X9WEJrs7Ai5RtkBadI6FBoK_idujxGWazhgCqyNjHNzE-kjyvUoGpA5OVN_NnKfynvhjeDyB9QDWz1VXjn3sgyXRneFISk1Bfyv-We1NT0AdeXriPSmpSJIaLk7l0cbyZtc87ujW54sPHMBabTt4essPcbVV65DN6I1oBhS0TL6QN_Brg3L5stGc_35q7bcY5uR7ABOCgjvbQA-AEAZIFBAgEGAGSBQQIBRgEoAYRgAeZkdfFAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBD01AnSCAkIiOGAEBABGB2ACgHICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNjE2NjU1NDUyNDYzNDY2NRi4kQY&sigh=JLOHu-ilAiM
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
60dc6ced6a4b661b37d8acec
c.bannerflow.net/a/ Frame C35E 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/60dc6ced6a4b661b37d8acec?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCo_7WdYodYcfsKJGfx_APjpmQwAGwiJyPZPHksfyaDsOEzq63CRABIJr1gAJg8a38haQfoAHP7qi6AsgBCakCFOZQpIbDfj7gAgCoAwGqBNcBT9AG4QnsVEVaw2gBxmGvwAu-n8BbzpIH7rB3SKjAlyCO7VKZhJ3BBGWOH3cy0lTWJ78UUrtgjUvzx0s4C795cu3X9WEJrs7Ai5RtkBadI6FBoK_idujxGWazhgCqyNjHNzE-kjyvUoGpA5OVN_NnKfynvhjeDyB9QDWz1VXjn3sgyXRneFISk1Bfyv-We1NT0AdeXriPSmpSJIaLk7l0cbyZtc87ujW54sPHMBabTt4essPcbVV65DN6I1oBhS0TL6RP_hdyCHjS_7WByWMeQT-03gfKlebABOCgjvbQA-AEAaAGEYAHmZHXxQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAkIiOGAEBABGB2ACgGYCwHICwGADAG4DAHYEw3QFQGYFgGAFwE%26num%3D1%26sig%3DAOD64_1OW5Vj46OADtpTq6C9atFszqm6IQ%26client%3Dca-pub-6166554524634665%26adurl%3D&cb=895070086
Requested by
Host: 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
URL: https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
079b59ad944f04648147d1ca48d18d73e190f86f424d82ca61b3af1500f5f182

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cf-ray
680e9903bf544a5b-FRA
link
<https://c.bannerflow.net/accounts/kinto/6093f7aedd5537e3c91ddb0d/published/874319/1098839/preload.jpg>; rel=preload; as=image
request-context
appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame C35E 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
URL: https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f7518bdbb2f1de962712e98d51270975c9ae40f5fa9c82d0803f47023c0f904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 23:31:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82863
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
server
cafe
etag
3919984641620196875
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Aug 2021 23:31:19 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame C35E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
URL: https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 22:21:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C35E 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
URL: https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:22 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629286078051219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38195
x-xss-protection
0
expires
Wed, 18 Aug 2021 22:32:22 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame C35E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
URL: https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 22:30:46 GMT
l
www.google.com/ads/measurement/ Frame C35E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIsO-f-_Mxzq4K-20VvunxRLbp1boj9MwNEMSuVnjwVAz2vey0TF4ecQdr1_BIYGaOmI5C9PoCfXl8UXfmlzk3iFiudg
Requested by
Host: 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
URL: https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame C35E 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js
Requested by
Host: 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
URL: https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:30:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 22:30:38 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/ Frame 3F31 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/index.html
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ca18a720cd33c55b60a69c1858568ef98ff43e964e77c889e3f5ea4178f3f68
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/5396358199666586183/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2884
date
Mon, 16 Aug 2021 07:07:54 GMT
expires
Tue, 16 Aug 2022 07:07:54 GMT
last-modified
Fri, 09 Jul 2021 16:17:09 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
228268
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 8956 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CeYZldYodYcjsKJGfx_APjpmQwAG0xIPZY8KXlOfBDc2_pPz4JxABIJr1gAJg8a38haQfoAGSxrbsAsgBCakCDAWqWbWmsz7gAgCoAwHIAwiqBNkBT9DgYVsDUtMatLvvFvrOioKKmvcDKuXxAmLVugh9Hwtsu6mNuNLcMlGOY6UI7FaJcikXZ7Vv8i7VuPAUsBhkuNe1AYrELpnL_2pxBYqIoIbkmwgUBUtxsCeBR_QdTXVE8DMQzWAnrLU9aQkDrytI5wEQDxVjR-loPXoWedgjB3B1inhzJPD1HonPj_LbUsx7Rph05gUyhCLIclB0ot6r27Ikm17CUqpf3bq8W2L9gjGsHQs67lwqorx1FHi1hDYN4APG9YUFbznLRmmWT1T4E1JcqV5RwLwB68AEjNbDw9AD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9a5yZMBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEKiLG9IICQiI4YAQEAEYHYAKAcgLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi02MTY2NTU0NTI0NjM0NjY1GLiRBg&sigh=CeSiEN6f4vo&template_id=419
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 8956 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 22:29:25 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 8956 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:31:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 22:31:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8956 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:22 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629286078051219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38195
x-xss-protection
0
expires
Wed, 18 Aug 2021 22:32:22 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 8956 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 22:31:22 GMT
l
www.google.com/ads/measurement/ Frame 8956 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTr_sxzk32JpLyr-BBIjiyu4Q3sbuxwYfTgoOYfPuZ_zj5Ukh1QASmQ38A6qQwA8YvXXey6HKNvrTGb-eMAR0ijsD6T2A
Requested by
Host: steampunkcons.com
URL: https://steampunkcons.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Wed, 18 Aug 2021 22:32:22 GMT
truncated
/ Frame C35E 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c7459f68e98c4a4ecdb9f0a02bec3ea83ab7de8c444ec4dea514f290e2c2ed

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
preload.jpg
c.bannerflow.net/accounts/kinto/6093f7aedd5537e3c91ddb0d/published/874319/1098839/ Frame C35E 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/kinto/6093f7aedd5537e3c91ddb0d/published/874319/1098839/preload.jpg
Requested by
Host: 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
URL: https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0119ad8dca2bc740f09586d45c6f2277750f4a9ffc4a5142b7d092c508da746

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 18 Aug 2021 22:32:22 GMT
cf-cache-status
HIT
age
3895403
content-length
19405
x-ms-lease-status
unlocked
last-modified
Fri, 02 Jul 2021 10:03:28 GMT
server
cloudflare
etag
0x8D93D40A3A3B470
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
88ba4158-d01e-002c-6c13-710189000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
680e990468664a5b-FRA
cf-bgj
h2pri
s
googleads.g.doubleclick.net/pagead/drt/ Frame 92D9 		143 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
URL: https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl9ZDUA9cLUlL6dZ5-r0otM6ebewRLYBQbmAVRfmEmgjCrK-lxH082OaZ3snco
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 18 Aug 2021 21:42:57 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2965
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 8956 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2cf781ec9085a5ff46fef0559218f4e5109e15994a1aa36b522a6b2ddfc86454

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F881 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://steampunkcons.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://steampunkcons.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Wed, 18 Aug 2021 19:41:50 GMT
expires
Thu, 18 Aug 2022 19:41:50 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10232
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A051 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
761277f4e0a9c92901afe6dc600d6518d66b675327368a72d94133f2a4e266d5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5XSp/RWtb+kYyfoMAtWQRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://steampunkcons.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=221=F4aY14gHgyZ17U6upVayf_GQowtzw_d_qxyoB293DZM31m0N3yFMs1hYIZT8Tl-PVYZbPB8aqjCb8efBaNsJb0l94JRozMtRo1inqTB3w2qrMvF-2G9yd1_UjO72OQ47MATOH6SqIsH3gavJEaFPFn9UWCmdM9SEY6j79dH8rLo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://steampunkcons.com/

Response headers

expires
Wed, 18 Aug 2021 22:32:22 GMT
date
Wed, 18 Aug 2021 22:32:22 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-5XSp/RWtb+kYyfoMAtWQRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
c.bannerflow.net/tr/v2/ Frame C35E 		0
74 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60dc6ced6a4b661b37d8acec?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCo_7WdYodYcfsKJGfx_APjpmQwAGwiJyPZPHksfyaDsOEzq63CRABIJr1gAJg8a38haQfoAHP7qi6AsgBCakCFOZQpIbDfj7gAgCoAwGqBNcBT9AG4QnsVEVaw2gBxmGvwAu-n8BbzpIH7rB3SKjAlyCO7VKZhJ3BBGWOH3cy0lTWJ78UUrtgjUvzx0s4C795cu3X9WEJrs7Ai5RtkBadI6FBoK_idujxGWazhgCqyNjHNzE-kjyvUoGpA5OVN_NnKfynvhjeDyB9QDWz1VXjn3sgyXRneFISk1Bfyv-We1NT0AdeXriPSmpSJIaLk7l0cbyZtc87ujW54sPHMBabTt4essPcbVV65DN6I1oBhS0TL6RP_hdyCHjS_7WByWMeQT-03gfKlebABOCgjvbQA-AEAaAGEYAHmZHXxQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAkIiOGAEBABGB2ACgGYCwHICwGADAG4DAHYEw3QFQGYFgGAFwE%26num%3D1%26sig%3DAOD64_1OW5Vj46OADtpTq6C9atFszqm6IQ%26client%3Dca-pub-6166554524634665%26adurl%3D&cb=895070086
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 18 Aug 2021 22:32:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
680e9904e9334a5b-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3F31 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 23:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84394
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 18 Aug 2021 23:05:48 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3F31 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 18:31:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 19 Aug 2021 18:31:13 GMT
3f13f2a69268b2f31142f9ec0020eec6.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/ Frame 3F31 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/3f13f2a69268b2f31142f9ec0020eec6.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06ba26b4755ece0fb20384a6390dcf606779982cf9c170fdafd2a2071aea2f0b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
228273
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16439
x-xss-protection
0
last-modified
Fri, 09 Jul 2021 16:17:09 GMT
server
sffe
date
Mon, 16 Aug 2021 07:07:49 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 07:07:49 GMT
8b078aa995ce46084f678c4efb18abf4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/media/ Frame 3F31 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/media/8b078aa995ce46084f678c4efb18abf4.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9060e86019f6ed23c8c45c352add18b825ab8dc0e9186403368a77897df08bad
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
228273
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1997
x-xss-protection
0
last-modified
Fri, 09 Jul 2021 16:17:09 GMT
server
sffe
date
Mon, 16 Aug 2021 07:07:49 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 07:07:49 GMT
c6bf148964383e681aa56ff05cc325c2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/media/ Frame 3F31 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/media/c6bf148964383e681aa56ff05cc325c2.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50ece40424d173fd523cba4542f492af782c9806d1119c843fecc973476dd5d9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
228273
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14696
x-xss-protection
0
last-modified
Fri, 09 Jul 2021 16:17:09 GMT
server
sffe
date
Mon, 16 Aug 2021 07:07:49 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 07:07:49 GMT
278dee0cd5ef78286c21fbafb04961ef.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/media/ Frame 3F31 		332 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/media/278dee0cd5ef78286c21fbafb04961ef.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bbc63fdeb41d926c6d7f88a588d3db6397ef156d4a042f7d4caee9546f74a59
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
228273
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
last-modified
Fri, 09 Jul 2021 16:17:09 GMT
server
sffe
date
Mon, 16 Aug 2021 07:07:49 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 07:07:49 GMT
82e051cc42dba382cd9d2b69206a9f03.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/media/ Frame 3F31 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/media/82e051cc42dba382cd9d2b69206a9f03.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b86eea77e6a68f6dc79fcedc33f6d63360a8e2d8df2944fdf5ccae8c9b96a4a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
228273
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4890
x-xss-protection
0
last-modified
Fri, 09 Jul 2021 16:17:09 GMT
server
sffe
date
Mon, 16 Aug 2021 07:07:49 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 07:07:49 GMT
abd1b446f15b92944871c7a34662480d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/media/ Frame 3F31 		782 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/media/abd1b446f15b92944871c7a34662480d.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5396358199666586183/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3607b398139d806d01a116adfd7e708f036291984cac7eafe4ffa4d8b6423576
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
228273
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
782
x-xss-protection
0
last-modified
Fri, 09 Jul 2021 16:17:09 GMT
server
sffe
date
Mon, 16 Aug 2021 07:07:49 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 07:07:49 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 92D9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
URL: https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl9ZDUA9cLUlL6dZ5-r0otM6ebewRLYBQbmAVRfmEmgjCrK-lxH082OaZ3snco
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 18 Aug 2021 22:32:22 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 18-Aug-2021 23:32:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 18 Aug 2021 22:32:22 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 18 Aug 2021 22:32:22 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
pagead2.googlesyndication.com/bg/ Frame F881 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 08:24:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
50901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13491
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 18 Aug 2022 08:24:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021081201&jk=217838050604510&bg=!enmleT3NAAZvV8FTb1c7ACkAdvg8WslK66xH0-5zWUryNrMo8bQqROx_aPIwaxXWPQaH5rtV13g6awIAAACOUgAAAAtoAQcKAKReHnmB-j5nrSYaet2CORaqp1m5DWLQfkFgBjLX375_UqKnB0DIBZ72_P64Zgw9QIkpxDHmbSSYjqQG1VyBTYlO8ChfSRzWXXCRCCo9mMN0JKLBDuB2-6zoT6RIBhHt9IR5C7lgylSnuNIuTxHYUfNd9j67IuE5embYKpXUrOrI9DHjqHjGN0ZOcUL4ZyR6udD9hEi5uPWj4ycLkDhYq8NcfMa0U5kCfTy1hhd3bSVDEQMQTeASw_yGtZ54ISG-wQMyIo_-xPYvZP1dZQjIKzvzrTObxNQ0GTNAeAzPwRBwJTh47_8D4yBaRV3-wLyAbSgOJX9iLoC-GCM48zXPJ1uPmFYEY8H2Pf5bOiKTUvNbhF7dLJYqKQtYFt2sE8qOp7t0Bcq1zjB3-nfaU01OgwSUUS5S5NTsSUuhCWwGocJJQU2oAeIeLZAHWyb4msoFLId5TZs-JUdIi1h6r8bomkaM4SYonRxDKYIXMbqbN9ysPvSnB7Y2XOiSgWx4lX9GYhW5O34PkVe70MwS4oB0cHAZXZYduAFmzs90H87Aq-hU1cqQUf8qV8fhGZEd8o6sTyFw4zpOH8vL8OZSJ3wEAl2GycMBssGuHrujWMy_4c7HgPpqC-M2pn8xCBJWJkSrSh857FB-ewBF5SZ-LWF-oF28B4LlnMYDsSsB-d_izTmqtRY5IOE8jtVlsGETytfC6fPRDzmeBeDaPV5IiYGHLuajGVHIuKTvnmzzYc5Q4n5VmfJdY2__UHj8JtEWyseqCjFppEfksBLTXsUWApV-fS8rGmfgmxtYne0GZdTs4ZArBLnc7JbUpO0G6XK0HvzXP-KgpK8zfL99fb2V9eLJB-yD6t49xvP8v14KVuoT9jrfyS5wKAZ7VnmsFxIkbk_BPzuTfbJ8JWdgM8qIwQSaauTLxeXq3Fsg7yjpoTNlC1-nAYBv9KOZOk0qNGv9ORTcz6blagO_GSR7uhHKzsCsC8vTU_vtK0mWQKyI5cRsoJpXkaXNq76CsAZEQ9QU-ACVBhSr2lpz3FMj9FulGw2PhAMv_K7-cmA0ahJdhEhg8OFNkqQ6h1U
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://steampunkcons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 22:32:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
document.b84a43da54.js
c.bannerflow.net/accounts/kinto/6093f7aedd5537e3c91ddb0d/published/874319/1098839/ Frame C35E 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/kinto/6093f7aedd5537e3c91ddb0d/published/874319/1098839/document.b84a43da54.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60dc6ced6a4b661b37d8acec?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCo_7WdYodYcfsKJGfx_APjpmQwAGwiJyPZPHksfyaDsOEzq63CRABIJr1gAJg8a38haQfoAHP7qi6AsgBCakCFOZQpIbDfj7gAgCoAwGqBNcBT9AG4QnsVEVaw2gBxmGvwAu-n8BbzpIH7rB3SKjAlyCO7VKZhJ3BBGWOH3cy0lTWJ78UUrtgjUvzx0s4C795cu3X9WEJrs7Ai5RtkBadI6FBoK_idujxGWazhgCqyNjHNzE-kjyvUoGpA5OVN_NnKfynvhjeDyB9QDWz1VXjn3sgyXRneFISk1Bfyv-We1NT0AdeXriPSmpSJIaLk7l0cbyZtc87ujW54sPHMBabTt4essPcbVV65DN6I1oBhS0TL6RP_hdyCHjS_7WByWMeQT-03gfKlebABOCgjvbQA-AEAaAGEYAHmZHXxQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAkIiOGAEBABGB2ACgGYCwHICwGADAG4DAHYEw3QFQGYFgGAFwE%26num%3D1%26sig%3DAOD64_1OW5Vj46OADtpTq6C9atFszqm6IQ%26client%3Dca-pub-6166554524634665%26adurl%3D&cb=895070086
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e3d8db5fdc62b5b56b4eda9a4f3bde98563ec0c3f16a4b356d32ecc4721f34e

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 18 Aug 2021 22:32:23 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
uEpD2lQQTWnoqiT1+8jh2g==
age
966346
cf-polished
origSize=14329
x-ms-lease-status
unlocked
last-modified
Fri, 02 Jul 2021 10:03:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
03c7a29d-a01e-008f-7eb6-8b644c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
680e990b1ae14a5b-FRA
cf-bgj
minify
animated-creative.ae0dd63dbe542648d6b7.js
c.bannerflow.net/scripts/ Frame C35E 		130 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.ae0dd63dbe542648d6b7.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60dc6ced6a4b661b37d8acec?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCo_7WdYodYcfsKJGfx_APjpmQwAGwiJyPZPHksfyaDsOEzq63CRABIJr1gAJg8a38haQfoAHP7qi6AsgBCakCFOZQpIbDfj7gAgCoAwGqBNcBT9AG4QnsVEVaw2gBxmGvwAu-n8BbzpIH7rB3SKjAlyCO7VKZhJ3BBGWOH3cy0lTWJ78UUrtgjUvzx0s4C795cu3X9WEJrs7Ai5RtkBadI6FBoK_idujxGWazhgCqyNjHNzE-kjyvUoGpA5OVN_NnKfynvhjeDyB9QDWz1VXjn3sgyXRneFISk1Bfyv-We1NT0AdeXriPSmpSJIaLk7l0cbyZtc87ujW54sPHMBabTt4essPcbVV65DN6I1oBhS0TL6RP_hdyCHjS_7WByWMeQT-03gfKlebABOCgjvbQA-AEAaAGEYAHmZHXxQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAkIiOGAEBABGB2ACgGYCwHICwGADAG4DAHYEw3QFQGYFgGAFwE%26num%3D1%26sig%3DAOD64_1OW5Vj46OADtpTq6C9atFszqm6IQ%26client%3Dca-pub-6166554524634665%26adurl%3D&cb=895070086
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116acec5db11b97c811de6143642ae413dd788ece902a0272af9580441b30e7c

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 18 Aug 2021 22:32:23 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
+OfEsQmeo8cj6AuyF+j7Bg==
age
4170859
cf-polished
origSize=133564
x-ms-lease-status
unlocked
last-modified
Thu, 01 Jul 2021 10:33:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b1829eff-b01e-0093-6e91-6e362c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
680e990b1ae24a5b-FRA
cf-bgj
minify
activeview
pagead2.googlesyndication.com/pcs/ Frame C35E 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4OxYMFKXVq3zxqOjZPLddTW61E5wEdBSQGBIPAz0_109-c62Y3hcJRJ5w8F1q9TjdOPTfz5O38mdtDp-ZxkLdEvxuUScd-1hzN6gnrk48emJLh1TdcEM-UysLlUOrpGqAzyLu35Bx2fRuoBrhZWQx&sai=AMfl-YQ2nMDqwgQMhjEtStl2Yrl75bqQrtmNsr16_grkjYZFTtX-Rx_Pq3QRIF7lNvD8PP1nVCtdHnBi0qjk73jhnBl9Uvbir0YU73lIZXR4O8PR0ffkqp-Swejk5YIq1u8k&sig=Cg0ArKJSzBe7Umj52X10EAE&id=lidar2&mcvt=1027&p=729,315,819,1285&asp=729,315,819,1285&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20210818&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1207721732&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629325942283&dlt=23&rpt=266&isd=0&lsd=0&msd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 22:32:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame C35E 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
font
c.bannerflow.net/fs/api/v2/ Frame C35E 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F6093f78ada7efd391f535bb1%2F63ccfbdf-fcae-4ccd-ada8-858321ee76b0.woff&t=%20BLaeilmnorst%C3%A4
Requested by
Host: 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
URL: https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26c454ab12e05be464c053d77ceea3cb72436c437e1a92b4a672a54ff35140e6

Request headers

Origin
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:23 GMT
cf-cache-status
HIT
server
cloudflare
age
1007409
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=63ccfbdf-fcae-4ccd-ada8-858321ee76b0-subset.woff
cf-ray
680e990c3c3d05f9-FRA
expires
Sun, 07 Aug 2022 06:42:14 GMT
font
c.bannerflow.net/fs/api/v2/ Frame C35E 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F6093f78ada7efd391f535bb1%2F912c12c0-9fe4-480f-9b55-c2622b8970f7.woff&t=adefghijklmnoprstuvy%C3%A4
Requested by
Host: 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
URL: https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c39a584fabf34f5fbd3aff9bd8024ebec56ae10b255705368cb9d282f487c28c

Request headers

Origin
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:23 GMT
cf-cache-status
HIT
server
cloudflare
age
3983580
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=912c12c0-9fe4-480f-9b55-c2622b8970f7-subset.woff
cf-ray
680e990c3c4105f9-FRA
expires
Sun, 03 Jul 2022 19:59:23 GMT
font
c.bannerflow.net/fs/api/v2/ Frame C35E 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F6093f78ada7efd391f535bb1%2F057be0e9-0dba-4de3-a98a-af825db39ef4.woff&t=%20%2F2459Faceiklmnrtv%C3%A5
Requested by
Host: 970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
URL: https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6776e33a137bb2307bdf44890d7ce38057c535cef8ebf84f55beeb34ef6a124

Request headers

Origin
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
Referer
https://970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:23 GMT
cf-cache-status
HIT
server
cloudflare
age
3983580
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=057be0e9-0dba-4de3-a98a-af825db39ef4-subset.woff
cf-ray
680e990c3c3f05f9-FRA
expires
Sun, 03 Jul 2022 19:59:23 GMT
optimize
c.bannerflow.net/io/api/image/ Frame 7126 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fkinto%2F6093f7aedd5537e3c91ddb0d%2Fimages%2Fdab25e6c-00a1-4246-a9ff-2076647378be.jpg&w=231&h=200&q=90&f=webp&rt=cover&x1=212&y1=0&x2=1221&y2=874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93c1cbbca36c0eebc2f0ae00df8c2418756fc8c3d2055af3193cfebda7802a5e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 22:32:24 GMT
cf-cache-status
EXPIRED
api-supported-versions
2.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
680e990dbee04a5b-FRA
content-length
26110
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
20749da8-38da-44a3-a368-5fda97af40e7.svg
c.bannerflow.net/accounts/kinto/6093f7aedd5537e3c91ddb0d/images/ Frame 7126 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/kinto/6093f7aedd5537e3c91ddb0d/images/20749da8-38da-44a3-a368-5fda97af40e7.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab5b97c741a85c77eb6eb14c6a4c8bbff1c55873cc451c2f37ef8e5755ff53d6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 18 Aug 2021 22:32:23 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
SG8ssTamcZO2hV94j6j66g==
age
1275
x-ms-lease-status
unlocked
last-modified
Fri, 18 Jun 2021 10:06:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0b625381-301e-0079-56f7-6f1102000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
680e990dbee34a5b-FRA
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F31 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=270.0000&a1=https&f1=layout_html&s1=0&d1=23.0000&i=532742054399&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F5396358199666586183%2Findex.html&qqi=CIj754_Qu_ICFZHPEQgdjgwEGA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 22:32:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| googletag string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| skel function| onorientationchange object| jQuery111301717859257430776 object| $a object| b object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

970c994e8d8d73fc94e8c12973631b3b.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
c.bannerflow.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
media.animecons.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
steampunkcons.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
142.250.185.98
2606:4700:3031::ac43:a3a0
2606:4700::6810:c40
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2001
2a00:1450:4001:812::2003
2a00:1450:4001:827::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9c
64.90.41.203
01372300e22c8857b844e88ed0de27ae760f4f71948338486301b2a21c5af675
01e51940762b45561e5a0c1ea5e5ad122f4c732178d0cb428f8f4409030efb13
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
06ba26b4755ece0fb20384a6390dcf606779982cf9c170fdafd2a2071aea2f0b
079b59ad944f04648147d1ca48d18d73e190f86f424d82ca61b3af1500f5f182
116acec5db11b97c811de6143642ae413dd788ece902a0272af9580441b30e7c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
26c454ab12e05be464c053d77ceea3cb72436c437e1a92b4a672a54ff35140e6
2994cee99fb86b7486a072c146d16b0e40ad9087bb25adf9a9723d3fd0394225
29c23faba2a553b3dde4bbcff8e19df4a2b6464e21f3d800d3a8cafebbc28a66
2bbc63fdeb41d926c6d7f88a588d3db6397ef156d4a042f7d4caee9546f74a59
2cf781ec9085a5ff46fef0559218f4e5109e15994a1aa36b522a6b2ddfc86454
2e3d8db5fdc62b5b56b4eda9a4f3bde98563ec0c3f16a4b356d32ecc4721f34e
3607b398139d806d01a116adfd7e708f036291984cac7eafe4ffa4d8b6423576
394979cfb89fb9af735a57535c5b3e8254ac6b8184f6d077453645db64d532ed
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3f7518bdbb2f1de962712e98d51270975c9ae40f5fa9c82d0803f47023c0f904
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
4b86eea77e6a68f6dc79fcedc33f6d63360a8e2d8df2944fdf5ccae8c9b96a4a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50ece40424d173fd523cba4542f492af782c9806d1119c843fecc973476dd5d9
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5b23a9a6ecb7dcd0a48fd166739ed50cf6f5c46b93c9654b6a761241816c3dd0
5f615b3109840e786d444387b2913d75445cd70b65f1c00c996ed13b7462a7d2
66d9f0259a3a2d0bba519ccbcea8c40bcb493d9ab9215e2f8cda8d8439f5dfc9
6ca18a720cd33c55b60a69c1858568ef98ff43e964e77c889e3f5ea4178f3f68
761277f4e0a9c92901afe6dc600d6518d66b675327368a72d94133f2a4e266d5
7d4d900e965891c564158721bd182b346c96f3c164444e6e722a54cfdc069810
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a0ba4262532e02c6081bc7e722f3357dfe3f7edef6c9096b68b3f7f1b5d619
9060e86019f6ed23c8c45c352add18b825ab8dc0e9186403368a77897df08bad
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
93c1cbbca36c0eebc2f0ae00df8c2418756fc8c3d2055af3193cfebda7802a5e
962bd93b600253ced3c39daae835453456c6970e1dd7b31423dd929bca8505d7
9bd1f41b34802f31d3cc5fcba33592f6b3d11ac9ec866b59cf39b3ac0a30cd2d
a3b405b2510fba2b69acd54d409aed128fe35cd7f0827d414e0551d8127954e2
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51c68b01b7d5862cf173bb33b349668a36417c58688c6fdebf24b6b3c06b8ce
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab5b97c741a85c77eb6eb14c6a4c8bbff1c55873cc451c2f37ef8e5755ff53d6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0119ad8dca2bc740f09586d45c6f2277750f4a9ffc4a5142b7d092c508da746
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
c39a584fabf34f5fbd3aff9bd8024ebec56ae10b255705368cb9d282f487c28c
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c93e56bfb68f8389b5decfcfb621863b3d4884039501f8290458d8345225fec4
c9d18cf4b18d417f4d1246917ffcccee70384d02ef0b36a189f7cb4c6837b822
d305359ca5fc23fa9ea7544d162ab1fa73cf917335bff2cd87a12e9f1eba7f10
d5bd22cb3c4050e97252bc32883b1a8fa2fb3ef5de82a38a3004e99df8fdaa2d
d64539c3b80f1e8c8b883c3e024f655976fcb8e7a5808b1fec436d08bb7bf062
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6776e33a137bb2307bdf44890d7ce38057c535cef8ebf84f55beeb34ef6a124
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
df348741bdb96b0f22c52773b1849543fc5fb6e371234da91bc27f5c0c3800c5
e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784
e1c7459f68e98c4a4ecdb9f0a02bec3ea83ab7de8c444ec4dea514f290e2c2ed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59cb93d79072065f7a9a63afd7830110ae47782ae5a40d46f16507e2a1ebb1e
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2487fe770f52c8631150215b55a2bb12a4bd9a9815f458212c85188c27e6e53
f6fb7ab98c9da6742f4ec08520f301dac639f140e0e165ab2fdc889d43aca8d7
f841fbc8f1c113a212eaafc553ece315c624ee0f2b6373518f89a224dfac3cf1