worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev Open in urlscan Pro
2606:4700:3037::6815:3faf Public Scan

Go To Rescan
Add Verdict Report

URL:
https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Submission: On October 10 via api (October 10th 2023, 12:32:54 pm UTC) from US — Scanned from US

Summary HTTP 115 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 49 IPs in 9 countries across 64 domains to perform 115 HTTP transactions. The main IP is 2606:4700:3037::6815:3faf, located in United States and belongs to CLOUDFLARENET, US. The main domain is worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on September 12th 2023. Valid for: 3 months.

This is the only time worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	2606:4700:303... 2606:4700:3037::6815:3faf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:25f... 2600:9000:25f4:a200:6:8542:9680:93a1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.64.114 151.101.64.114	54113 (FASTLY) (FASTLY)
7	194.127.139.227 194.127.139.227	43916 (INTERWETT...) (INTERWETTEN-AT-AS)
1	18.238.25.102 18.238.25.102	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:402... 2607:f8b0:4020:804::2008	15169 (GOOGLE) (GOOGLE)
3	35.156.113.70 35.156.113.70	16509 (AMAZON-02) (AMAZON-02)
1 3	2600:9000:24f... 2600:9000:24f7:fa00:0:4b9a:3a80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:402... 2607:f8b0:4020:807::200e	15169 (GOOGLE) (GOOGLE)
1	2600:141b:1c0... 2600:141b:1c00:16::17c4:324	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.57.108.94 52.57.108.94	16509 (AMAZON-02) (AMAZON-02)
4	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
2	52.42.83.58 52.42.83.58	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
1	3.160.22.21 3.160.22.21	16509 (AMAZON-02) (AMAZON-02)
2	54.184.101.79 54.184.101.79	16509 (AMAZON-02) (AMAZON-02)
1	185.167.164.46 185.167.164.46	198622 (ADFORM) (ADFORM)
1 16	185.167.164.37 185.167.164.37	198622 (ADFORM) (ADFORM)
2 3	3.234.8.147 3.234.8.147	14618 (AMAZON-AES) (AMAZON-AES)
1	23.196.60.110 23.196.60.110	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.127.179.56 3.127.179.56	16509 (AMAZON-02) (AMAZON-02)
1 1	23.105.12.151 23.105.12.151	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 2	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1	63.251.28.234 63.251.28.234	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
1 2	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1 2	3.234.8.37 3.234.8.37	14618 (AMAZON-AES) (AMAZON-AES)
1	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.71.74.215 52.71.74.215	14618 (AMAZON-AES) (AMAZON-AES)
1 4	23.46.225.71 23.46.225.71	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.242.29.207 34.242.29.207	16509 (AMAZON-02) (AMAZON-02)
1	52.218.61.51 52.218.61.51	16509 (AMAZON-02) (AMAZON-02)
2 2	141.94.170.77 141.94.170.77	16276 (OVH) (OVH)
4 4	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
1	3.221.126.30 3.221.126.30	14618 (AMAZON-AES) (AMAZON-AES)
3 4	68.67.179.153 68.67.179.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.160.5.58 3.160.5.58	16509 (AMAZON-02) (AMAZON-02)
2 3	52.44.10.91 52.44.10.91	14618 (AMAZON-AES) (AMAZON-AES)
2 2	50.16.78.185 50.16.78.185	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.160.22.127 3.160.22.127	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	23.47.169.12 23.47.169.12	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	50.19.163.18 50.19.163.18	14618 (AMAZON-AES) (AMAZON-AES)
3 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	64.58.232.176 64.58.232.176	13649 (ASN-VINS) (ASN-VINS)
1	64.58.232.177 64.58.232.177	13649 (ASN-VINS) (ASN-VINS)
3 4	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	23.204.69.95 23.204.69.95	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2600:9000:25f... 2600:9000:25f4:d000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	199.127.204.142 199.127.204.142	26120 (RHYTHMONE) (RHYTHMONE)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	3.217.114.50 3.217.114.50	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1	3.210.56.21 3.210.56.21	14618 (AMAZON-AES) (AMAZON-AES)
1	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
115	49

32 2606:4700:3037::6815:3faf (United States)

ASN13335 (CLOUDFLARENET, US)

worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25f4:a200:6:8542:9680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.priv.center	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.evergage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 194.127.139.227 (Malta)

ASN43916 (INTERWETTEN-AT-AS, MT)

media.gamesassists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.25.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-25-102.cmh68.r.cloudfront.net

cdn.otherlevels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:804::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.113.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-113-70.eu-central-1.compute.amazonaws.com

sportsbooksoftware.germany-2.evergage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:24f7:fa00:0:4b9a:3a80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

prod-origin.truendo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:807::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:16::17c4:324 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

tm.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.108.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-108-94.eu-central-1.compute.amazonaws.com

www.getback.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.42.83.58 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-83-58.us-west-2.compute.amazonaws.com

js-api.otherlevels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.22.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-22-21.cmh68.r.cloudfront.net

static.getback.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.184.101.79 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-184-101-79.us-west-2.compute.amazonaws.com

js-content.otherlevels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.46 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.167.164.37 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.234.8.147 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-8-147.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.196.60.110 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-60-110.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.179.56 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-179-56.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.151 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.65.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.234 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.27.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 1 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.234.8.37 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-8-37.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.71.74.215 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-74-215.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.46.225.71 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-225-71.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.29.207 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-29-207.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.61.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.170.77 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.72.98 (Old Bridge, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.221.126.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-126-30.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.179.153 (North Bergen, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.5.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-5-58.cmh68.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.44.10.91 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-10-91.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.78.185 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-78-185.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.22.127 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-3-160-22-127.cmh68.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Weil am Rhein, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.169.12 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-169-12.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.19.163.18 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-163-18.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.176 (United States) 1 redirects

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.177 (United States)

ASN13649 (ASN-VINS, US)
PTR: be31-199.crrt01.las04.flexential.net

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.119 (Frankfurt am Main, Germany) 3 redirects

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.69.95 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-69-95.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25f4:d000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.127.204.142 (United States) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.217.114.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-114-50.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.56.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-56-21.compute-1.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	workers.dev worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev	6 MB
20	adform.net 1 redirects track.adform.net — Cisco Umbrella Rank: 4131 s2.adform.net — Cisco Umbrella Rank: 7290 c1.adform.net — Cisco Umbrella Rank: 643 dmp.adform.net — Cisco Umbrella Rank: 3616	45 KB
7	gamesassists.com media.gamesassists.com	262 KB
5	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	1 KB
5	otherlevels.com cdn.otherlevels.com — Cisco Umbrella Rank: 43532 js-api.otherlevels.com — Cisco Umbrella Rank: 27639 js-content.otherlevels.com — Cisco Umbrella Rank: 49025	39 KB
4	id5-sync.com 3 redirects id5-sync.com — Cisco Umbrella Rank: 470	5 KB
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 542 ib.adnxs.com — Cisco Umbrella Rank: 261	3 KB
4	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 734 stags.bluekai.com — Cisco Umbrella Rank: 669	1 KB
4	evergage.com sportsbooksoftware.germany-2.evergage.com cdn.evergage.com — Cisco Umbrella Rank: 31785	73 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 521	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 402	1 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2979	2 KB
3	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 761 ice.360yield.com — Cisco Umbrella Rank: 2362	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
3	truendo.com 1 redirects prod-origin.truendo.com — Cisco Umbrella Rank: 194773	33 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 434	719 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 649	935 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14143	630 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1069	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 242	2 KB
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3315	722 B
2	openx.net 1 redirects eu-u.openx.net — Cisco Umbrella Rank: 2959	499 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1011	839 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 416	893 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 445	817 B
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1189	1 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1270	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 387	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 363	487 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 3185	693 B
2	getback.ch www.getback.ch — Cisco Umbrella Rank: 216847 static.getback.ch — Cisco Umbrella Rank: 221703	941 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	171 KB
1	sojern.com pixel.sojern.com — Cisco Umbrella Rank: 8495	156 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2433	120 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1723	109 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 29639	49 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343	435 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 893	511 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1584	278 B
1	mookie1.com ib.mookie1.com — Cisco Umbrella Rank: 3151	421 B
1	ib-ibi.com 1 redirects global.ib-ibi.com — Cisco Umbrella Rank: 2273	499 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 2109	641 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 587	652 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 27221	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 959	470 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 903	338 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 32266	407 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 924	632 B
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 2048	299 B
1	contextweb.com bh.contextweb.com — Cisco Umbrella Rank: 602	869 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 620	638 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898	668 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 504	662 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4701	400 B
1	seadform.net server.seadform.net — Cisco Umbrella Rank: 37873	466 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	sportradar.com tm.ads.sportradar.com — Cisco Umbrella Rank: 41644	114 B
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 4654	47 KB
1	priv.center cdn.priv.center — Cisco Umbrella Rank: 191846	79 KB
0	e-volution.ai Failed sync.e-volution.ai Failed
0	1dmp.io Failed sync.1dmp.io Failed
115	64

	Domain	Requested by
32	worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev	worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
12	c1.adform.net	1 redirects track.adform.net c1.adform.net
7	media.gamesassists.com	worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
4	id5-sync.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	cm.g.doubleclick.net	4 redirects
3	pixel.tapad.com	3 redirects
3	match.adsrvr.org	3 redirects
3	a.audrte.com	2 redirects c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	tags.bluekai.com	c1.adform.net
3	track.adform.net	www.googletagmanager.com s2.adform.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	prod-origin.truendo.com	1 redirects cdn.priv.center worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
3	sportsbooksoftware.germany-2.evergage.com	cdn.evgnet.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	sync.1rx.io	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	pixel.onaudience.com	2 redirects
2	eu-u.openx.net	1 redirects c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	px.ads.linkedin.com	1 redirects c1.adform.net
2	idsync.rlcdn.com	2 redirects
2	ps.eyeota.net	1 redirects c1.adform.net
2	uipglob.semasio.net	1 redirects c1.adform.net
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	js-content.otherlevels.com	cdn.otherlevels.com
2	js-api.otherlevels.com	cdn.otherlevels.com
2	www.googletagmanager.com	worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev www.googletagmanager.com
1	pixel.sojern.com	c1.adform.net
1	e1.emxdgt.com	c1.adform.net
1	bpi.rtactivate.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	sync.targeting.unrulymedia.com	c1.adform.net
1	s.ad.smaato.net	1 redirects
1	sync.teads.tv	c1.adform.net
1	ice.360yield.com	1 redirects
1	ib.adnxs.com	1 redirects
1	ib.mookie1.com	c1.adform.net
1	global.ib-ibi.com	1 redirects
1	pixel.mathtag.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	stags.bluekai.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	pippio.com	1 redirects
1	loadm.exelator.com	c1.adform.net
1	bh.contextweb.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	1 redirects
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	server.seadform.net	worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
1	s2.adform.net	worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
1	cdn.evergage.com	worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
1	static.getback.ch	www.getback.ch
1	www.google.com	worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.getback.ch	www.googletagmanager.com
1	tm.ads.sportradar.com	worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
1	cdn.otherlevels.com	worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
1	cdn.evgnet.com	worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
1	cdn.priv.center	worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
0	sync.e-volution.ai Failed	c1.adform.net
0	sync.1dmp.io Failed	c1.adform.net
115	75

This site contains links to these domains. Also see Links.

Domain
authorisation.mga.org.mt
www.ibia.bet
www.gamblingtherapy.org
www.playfaircode.at
www.thawte.com
www.interwetten.com
www.interwetten-affiliates.com
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
www.interwetten.de
www.certipedia.com
cumulusfinserv.com

Subject Issuer	Validity	Valid
interwetten-gaming-ltd.workers.dev GTS CA 1P5	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.priv.center R3	`2023-09-07` - `2023-12-06`	3 months	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-06` - `2024-03-04`	a year	crt.sh
*.gamesassists.com Thawte TLS RSA CA G1	`2023-05-05` - `2024-06-04`	a year	crt.sh
*.otherlevels.com Amazon RSA 2048 M01	`2023-07-25` - `2024-08-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.germany-2.evergage.com Amazon RSA 2048 M02	`2023-07-05` - `2024-08-02`	a year	crt.sh
truendo.com R3	`2023-09-07` - `2023-12-06`	3 months	crt.sh
tracker.ads.sportradar.com R3	`2023-10-05` - `2024-01-03`	3 months	crt.sh
*.getback.ch Amazon RSA 2048 M02	`2023-03-09` - `2024-04-06`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
static.getback.ch Amazon RSA 2048 M02	`2023-06-28` - `2024-07-27`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-09`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-18`	a year	crt.sh
teads.tv R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2023-06-14` - `2024-06-14`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Frame ID: 34FCB45F1DB9D0094CB4F2E3F1892C1A
Requests: 65 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Frame ID: 244AEF1AE748F42552687CE0DF2FE6C2
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Sportwetten mit Top Wettquoten & 100% Bonus | interwettenOnline Sportwetten mit Top Wettquoten & 100% Bonus | interwetten

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

115
Requests

73 %
HTTPS

15 %
IPv6

64
Domains

75
Subdomains

49
IPs

9
Countries

6830 kB
Transfer

12648 kB
Size

89
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://authorisation.mga.org.mt/verification.aspx?lang=en&company=18b4232d-4177-48dd-a776-f2a4c8e6bf39&details=1

Search URL Search Domain Scan URL

URL: https://www.ibia.bet/

Search URL Search Domain Scan URL

URL: http://www.gamblingtherapy.org/?ReferrerID=338

Search URL Search Domain Scan URL

URL: https://www.playfaircode.at/

Search URL Search Domain Scan URL

URL: https://www.thawte.com/

Search URL Search Domain Scan URL

URL: https://www.interwetten.com/de/partner/dfb-partnerschaft

Search URL Search Domain Scan URL

URL: https://www.interwetten.com/de/partner/fc-liverpool

Search URL Search Domain Scan URL

URL: https://www.interwetten.com/de/partner/borussia-moenchengladbach

Search URL Search Domain Scan URL

URL: https://www.interwetten.com/de/partner/pdc-european-darts

Search URL Search Domain Scan URL

URL: https://www.interwetten.com/de/partner/erste-bank-open

Search URL Search Domain Scan URL

URL: https://www.interwetten.com/de/partner/oesv

Search URL Search Domain Scan URL

URL: https://www.interwetten.com/de/partner/nhl

Search URL Search Domain Scan URL

URL: https://www.interwetten-affiliates.com/?l=3
Title: Affiliate Programm

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Interwetten

Search URL Search Domain Scan URL

URL: https://www.instagram.com/interwetten/

Search URL Search Domain Scan URL

URL: https://twitter.com/Interwetten_com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/InterwettenWebTV

Search URL Search Domain Scan URL

URL: http://www.gamblingtherapy.org/
Title: www.gamblingtherapy.org

Search URL Search Domain Scan URL

URL: https://www.interwetten.com/de/sportwetten/l/1019/deutschland-bundesliga
Title: Deutschland Bundesliga

Search URL Search Domain Scan URL

URL: https://www.interwetten.com/de/sportwetten/l/105379/europa-league
Title: Europa League

Search URL Search Domain Scan URL

URL: https://www.interwetten.com/de/sportwetten/l/10410/champions-league
Title: Champions League

Search URL Search Domain Scan URL

URL: https://www.interwetten.com/de/sportwetten/highlights
Title: Sportwetten Übersicht

Search URL Search Domain Scan URL

URL: https://www.interwetten.com/de/casino/trending
Title: Casino Übersicht

Search URL Search Domain Scan URL

URL: https://www.interwetten.de/de/sportwetten
Title: Interwetten.de

Search URL Search Domain Scan URL

URL: https://www.certipedia.com/quality_marks/9000007578?locale=en

Search URL Search Domain Scan URL

URL: https://cumulusfinserv.com/banking
Title: Call To Action

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://prod-origin.truendo.com/region/config HTTP 302
https://prod-origin.truendo.com/regions/US/config

Request Chain 68

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=958164021882533390&Expiration=1698150770 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=958164021882533390&Expiration=1698150770

Request Chain 71

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=958164021882533390&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=958164021882533390&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=b064cdd9365344309e2d809dde646ff7 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=419babe6d50e0a5f34cb6b41c138e0234b53be14442d87625982d979fa4a0953

Request Chain 72

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=958164021882533390&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=4931960368693653661

Request Chain 73

https://ups.analytics.yahoo.com/ups/55944/sync?uid=958164021882533390&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=958164021882533390&_origin=1&verify=true

Request Chain 75

https://x.bidswitch.net/sync?dsp_id=70&user_id=958164021882533390 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=958164021882533390 HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=194516f6-02f6-4fd8-9176-43508241ff11

Request Chain 76

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=958164021882533390&expiration=1698150770 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=958164021882533390&expiration=1698150770&C=1

Request Chain 77

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=958164021882533390&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=958164021882533390&sInitiator=external

Request Chain 78

https://ps.eyeota.net/match?uid=958164021882533390&bid=9gdtmu1 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=958164021882533390&bid=9gdtmu1

Request Chain 80

https://idsync.rlcdn.com/398366.gif?partner_uid=958164021882533390 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIdChkIARCUdRoSOTU4MTY0MDIxODgyNTMzMzkwEAAaDQjyiJWpBhIFCOgHEABCAEoA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=3ceb3d68d085afd3c6b0384e9605f785b8d974bc9c2bfff4bafbeb427c0c22b4791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3ceb3d68d085afd3c6b0384e9605f785b8d974bc9c2bfff4bafbeb427c0c22b4791426b5417dce21&rand=01832589 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3ceb3d68d085afd3c6b0384e9605f785b8d974bc9c2bfff4bafbeb427c0c22b4791426b5417dce21&rand=01832589&expected_cookie=36b77344-599f-44ad-b7bf-6a7594b6d99b

Request Chain 81

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=958164021882533390/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=958164021882533390/gdpr=/gdpr_consent=

Request Chain 83

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=958164021882533390 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=958164021882533390

Request Chain 84

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 85

https://pixel.onaudience.com/?mapped=958164021882533390&partner=68 HTTP 302
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=1&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
https://stags.bluekai.com/site/52799?id=97e7395274c6c58b HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=VnFOb24vSGQ5OWVVRTBQaw%3D%3D HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEE677FoWvdDDjI3I2cswD8A&google_cver=1

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=OTU4MTY0MDIxODgyNTMzMzkw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=OTU4MTY0MDIxODgyNTMzMzkw&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM04_SwhI9A6hlpbqMuRRx0&google_cver=1&google_ula=1641347,0

Request Chain 88

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=3985086500649229675&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=958164021882533390

Request Chain 92

https://a.audrte.com/a?adform_uid=958164021882533390 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTUyR3FMWnpaWGJTZHUybi1ZRmJtOWpJdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 93

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=958164021882533390&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=958164021882533390&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=68015259325709209161581101000595501362&noredirect=1

Request Chain 94

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=958164021882533390 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213060604665006088349

Request Chain 95

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7288306828415793294

Request Chain 97

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=dd376525-4472-4c00-b8b4-7d9d93b4c9de

Request Chain 98

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=p02UQ81j1QQbUS5

Request Chain 99

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=0506dd64-cbc3-4203-b31c-6f217b2aeb22

Request Chain 100

https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=958164021882533390 HTTP 302
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=958164021882533390

Request Chain 101

https://id5-sync.com/s/10/0.gif?puid=958164021882533390 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=958164021882533390&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/10/2/1/2.gif?puid=3985086500649229675&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-55354-DUSR2Ds_1PFVImUGO3Nz5reX9DjxTrefmVLw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/0/3.gif?puid=9ea2ecce-89fd-4225-b16c-81e904bbba48&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Request Chain 102

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=4129286026 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=dNE2sGTWUJHJGqOPHhNDt.

Request Chain 105

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=958164021882533390 HTTP 302
https://sync.1rx.io/usersync/smaato/fc4923e6f2?gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/smaato/fc4923e6f2?zcc=1&cb=1696941171286 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1d9d046f-3dc6-4a30-9f05-816f19796e0f-005

Request Chain 106

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=958164021882533390&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=958164021882533390&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6ff38ffe-050c-4f7b-a225-d8b4cdcf0d20%252Chttps%25253A%25252F%25252Fc1.adform.net%25252Fserving%25252Fcookie%25252Fmatch%25253Fparty%25253D2007%252526cid%25253D6ff38ffe-050c-4f7b-a225-d8b4cdcf0d20%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0506dd64-cbc3-4203-b31c-6f217b2aeb22&ttd_puid=6ff38ffe-050c-4f7b-a225-d8b4cdcf0d20%2Chttps%253A%252F%252Fc1.adform.net%252Fserving%252Fcookie%252Fmatch%253Fparty%253D2007%2526cid%253D6ff38ffe-050c-4f7b-a225-d8b4cdcf0d20%2C HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=6ff38ffe-050c-4f7b-a225-d8b4cdcf0d20

Request Chain 109

https://eb2.3lift.com/xuid?mid=7354&xuid=958164021882533390&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=958164021882533390&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

115 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/ 336 KB
42 KB 82ms
28ms Document
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 813ee35b8d300cc0-EWR
content-encoding: br
content-type: text/html;charset=UTF-8
date: Tue, 10 Oct 2023 12:32:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41k3PvNwUUYIghHoPGOZMKgU3gT8HCOFzgdx82COpwvfste6BSZbrIvMP4GrwDpeLP%2FlmshHeB8qaxH8wVNrH5fVyVBC73Q8hWw1zKpQ1l0O389lI3T3Mbamw7F5EJeelEmDKrP7AWDBhHX9ghj6UO0PXtnKHTEW8Q9jax7pDWTwN1VdTziM0%2B1t%2BsmONdoqiv1sjA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 app.pid.js Show response
cdn.priv.center/pc/ 366 KB
79 KB 125ms
37ms Script
text/javascript 2600:9000:25f4:a200:6:8542:9680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.priv.center/pc/app.pid.js
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25f4:a200:6:8542:9680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f3f0e09dac953258868ed01f37be5fcdf0ad83f85e22b8002c0fe004b2fd2ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 09:32:08 GMT
content-encoding: br
via: 1.1 13da95a9986b650e208a13e3d3754a9e.cloudfront.net (CloudFront)
x-amz-request-id: 0M1AAD5MCCNB5R3A
x-amz-cf-pop: CMH68-P4
x-amz-server-side-encryption: AES256
age: 10841
x-cache: Hit from cloudfront
x-amz-id-2: Hom0FfcOkpWbySkKKNSK/rG0eIifC0t+588pKq8mqVlPnKKyAoswYjh3ML4GpkhTFf5etcAh0aA=
last-modified: Fri, 22 Sep 2023 07:38:32 GMT
server: AmazonS3
etag: W/"a17d889e70c4d98f0d50db54880f891b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=21600, s-max-age=86400, proxy-revalidate, stale-if-error
access-control-allow-headers: Content-Type
x-amz-cf-id: _-mRpCJ8zxWErDrgpElFXwckjiZMAhPvtpQQUPShlC1XwcOFeBdVAA==

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/sportsbooksoftware/comqa/scripts/ 172 KB
47 KB 59ms
32ms Script
application/javascript 151.101.64.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/sportsbooksoftware/comqa/scripts/evergage.min.js
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 847f419323dd20e4aabbcb4c7cefe5d58dcaaef05ce3ab52de34d3e67cb41268

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: ro7AzT_cDtsgTOgGF3IOMwEekGgKqpyQ
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 10 Oct 2023 12:32:48 GMT
x-amz-request-id: JG96DT2231R51ZJW
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
x-amz-replication-status: COMPLETED
content-length: 47082
x-amz-id-2: 8rUunpCsBgT2jsBjsKrJOHZ6s8BFjq1LQNmymM4xmujndLzmkEos0bj9dmJx1asf4Kv1fMyUsjg=
x-served-by: cache-iad-kjyo7100098-IAD, cache-lga21965-LGA
x-amz-meta-evergage-sum: 0a0a32803de8562e184b0ed21e0b68c219ed4b4f
last-modified: Tue, 03 Oct 2023 23:58:14 GMT
server: AmazonS3
x-timer: S1696941168.984048,VS0,VE19
etag: "30f23d72835fd94823a91d27b95c99c7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 14, 0

GET
H2 200 common.min.1ce13120.css
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/css/desktop/ 336 KB
42 KB 13ms
11ms Stylesheet
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/css/desktop/common.min.1ce13120.css
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:47 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9A%2B9o8rY4Yaj7hywTNhQJjoQ7IMTZTFWhZziAbhD9WJOObvf4Rfn%2FmI6ZlCZ607zity4DZk3Idx%2FFvqJMvJrSzbphOh9lkEL6weAHnvA7QUuA70Q9BxKaWgV4yd3kTwxvngSlWBz%2BK3xev3rJNOiRYIq9%2BN1ras4vYL8ru7E%2BVJUKp89c1JADZYjhopzbToxL4YOfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35bcd690cc0-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 sportsbook.min.4121e1e0.css
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/css/desktop/theme/ 336 KB
42 KB 12ms
9ms Stylesheet
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/css/desktop/theme/sportsbook.min.4121e1e0.css
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:47 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aLJyw5rNRWS3U6Tm%2BzpBtP%2FBb%2B6qnxwLbA2%2BctH5zkwf7Wp7gX9osofdXXC4cyNSyX2zo0bDtgUGmuGgVi1qRcegHA%2BfKwtwSHbBcrm%2FgrQv5%2BJrSSOehwRB%2B4Moix4YT%2B4z%2BUjXo09B6RyoqSgthrIAiwB2DJYynWcz8hGD%2BdfR13Dk5ftvXBQ62FPDgPjvI6E9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35bcd6a0cc0-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 license-0.min.7d5f55b7.css
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/css/desktop/ 336 KB
42 KB 15ms
13ms Stylesheet
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/css/desktop/license-0.min.7d5f55b7.css
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:47 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rooVrxDCSG%2BA6WuB0LyhA7waKpxMqHHlTEmmDrpZODh%2Bss5ym8s3XCBpWt9Ry%2BLoT6zIW3RlO7YWJ6y6C0ddjrULXhBAUCSpiiOvzoaUbe%2F2r1X2oALIj1smWS4Mdpc2vNGDnW4ndCN3nJWCCVYTpTBqBnocHCFwMfXykxrkMBBkEmEkzmI5yB5vXOZz5mr1U%2FUUUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35bcd6b0cc0-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 otherlevels.min.7560086c.css
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/css/ 336 KB
42 KB 13ms
11ms Stylesheet
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/css/otherlevels.min.7560086c.css
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:47 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5a2U5S5lt16zuWB9tn5APlhWMvvo4z1tuNYufAbjcp7E0UV9zT0Ms3agzTAFSnhuioXBLfyoDXtkTCBkPwm2B71v%2FZx%2BbxRGAID5hHxIjcUcZsg45QijMpfp8EGcVmga0XCM5RmnneZYgUaMGz4v5V4s8Ms1GglVlMlQOD%2B1aS11c1zWd81vCaV94aQpXoRJW3T8wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35bcd6c0cc0-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 transitional-desktop.3a23e09c.css
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/responsive/css/ 336 KB
42 KB 22ms
20ms Stylesheet
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/responsive/css/transitional-desktop.3a23e09c.css
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:47 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaK8tc4jkvp13fbYh%2BdR%2FKrVjTzpBH3jEuRacNUv8X2nj%2BJP3MT4KcIQ1FARfMJ1MfYsJXprH1bpysOQp0Q9Rz8zjLbaR7pbmO0ac9YY8gicsJjtrKmMoNgpPxNelDxiX0WE6vUETaFzwdnhAsV2UXKNW1FcRPWyQCcgpO%2F7pG6w%2B3hY1Romdhvjd2ip7Gm1zkGvWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35bcd6e0cc0-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.949d3e43.css
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/responsive/css/ 336 KB
42 KB 17ms
15ms Stylesheet
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/responsive/css/main.949d3e43.css
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:47 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sp6h01ANCdBKiJ7Ay7fRzeZal12XTjprEk4JHHM41PD9Dz8ALexoRVJXJu9vWhuc%2BWmQpx7q2EQcc1G4t%2Fqv%2BWT7KH6a9ramGEie3%2F0Jgz6AkVTL1fHp4oVfluepNjMB6ibA4Zmxmtu3hHZS%2FmR70sCG8VGaqEmAsybOifktKBzALBxUL54MJ%2BhzQ64apgozBJd5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35bcd6f0cc0-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 roboto.css
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/Content/css/fonts/roboto/ 336 KB
42 KB 19ms
18ms Stylesheet
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/Content/css/fonts/roboto/roboto.css
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:47 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWBg0DCh88BqrycoqcnObcIEk5DUJpRKIpUA%2F98A%2BUomn6ICsqxGzQY3R06izZz2A5QTq24m511ICL5EOFhhhzZmFVxIjqQWk9ebhmprBFbjLNJSK%2FEutXhs7OV8rPhHg9ayTPJkD2z9TBxa9rhFGj7%2Fqs9nRNLZChUUGQ5vpE6qj3aEAF40n75K%2BxR7Y83FQSjTWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35bcd700cc0-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 iw-logo-simple-colour.svg
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/Content/responsive/svg/Logos/Brand/ 336 KB
336 KB 20ms
16ms Image
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/Content/responsive/svg/Logos/Brand/iw-logo-simple-colour.svg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXnE%2FwJtRga7ta7KdkJi%2FKssNtLvhXJTw9yr8yP720QwhjgUUx0i9PWbRq3%2FEP14bAhsib1f%2BTM%2FZwCe7hK38d2kLgF0Wsz0Cag90k7KdpeR8Bor1k%2BMHxJMjaLL5HrbzapDZN%2FCvc0M%2Ff%2B1Og9f15um3w1hWGYbL0i2DsQY7I2XIVawnmRXd6d0jisLTk21XDxJZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35d0df2c411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 iw-horizontal.svg
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/Content/responsive/svg/Logos/Brand/ 336 KB
336 KB 37ms
33ms Image
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/Content/responsive/svg/Logos/Brand/iw-horizontal.svg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uo770jRrmjdkHF2qtVhCwdTOIcjX1gjK%2FcBphsZY6ZXC4tcXN%2Bj64nkMzyUKggxKTsDcN6FG%2FtrYSS0qE%2FOeHsi8GHxRAaUegbKQs%2FXrvSEEpra0DVCpuislgobzmZA8AaM%2FxlmwJ3vgR1o1ILFcv01QELjkfUr4PjEeQA0%2FA8DB6iCuVFwciH8inIdee4RBZDZbUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35d0df4c411-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 332895.png
media.gamesassists.com/images/ 73 KB
66 KB 1706ms
409ms Image
image/png 194.127.139.227
INTERWETTEN-AT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gamesassists.com/images/332895.png
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.127.139.227 , Malta, ASN43916 (INTERWETTEN-AT-AS, MT),
Reverse DNS
Software: /
Resource Hash: b4e1ab9bb1849ab3ab97654c1d034c6663b61342296fdd8fc08470890ca5485c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: gzip
last-modified: Wed, 30 Aug 2023 14:58:37 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
content-length: 66767
x-rbt-cli: Name=dc1-rvbd02; Ver=9.12.2a;
expires: Thu, 09 Nov 2023 23:00:00 GMT

GET
H2 200 74873.jpg
media.gamesassists.com/banner/ 15 KB
15 KB 1603ms
306ms Image
image/jpeg 194.127.139.227
INTERWETTEN-AT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gamesassists.com/banner/74873.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.127.139.227 , Malta, ASN43916 (INTERWETTEN-AT-AS, MT),
Reverse DNS
Software: /
Resource Hash: 5d85ff895eb489970c41136287c5a4cbddc41557bb98f60524ddd419bd2cd271

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: gzip
last-modified: Mon, 09 Oct 2023 14:25:11 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
content-length: 15194
x-rbt-cli: Name=dc1-rvbd02; Ver=9.12.2a;
expires: Thu, 09 Nov 2023 23:00:00 GMT

GET
H2 200 326998.jpg
media.gamesassists.com/images/ 44 KB
45 KB 1705ms
409ms Image
image/jpeg 194.127.139.227
INTERWETTEN-AT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gamesassists.com/images/326998.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.127.139.227 , Malta, ASN43916 (INTERWETTEN-AT-AS, MT),
Reverse DNS
Software: /
Resource Hash: 8b5bca04800ec844b93086f59605c141fb3bcd2dbddfd1ed2b745caece4245f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 11:50:51 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
content-length: 45295
x-rbt-cli: Name=dc1-rvbd02; Ver=9.12.2a;
expires: Thu, 09 Nov 2023 23:00:00 GMT

GET
H2 200 327006.jpg
media.gamesassists.com/images/ 64 KB
65 KB 1610ms
313ms Image
image/jpeg 194.127.139.227
INTERWETTEN-AT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gamesassists.com/images/327006.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.127.139.227 , Malta, ASN43916 (INTERWETTEN-AT-AS, MT),
Reverse DNS
Software: /
Resource Hash: 624a22c9b3d98e782eb28c20f81491d6db2c2b8112a8a54dd42ba1538fc7948a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 11:50:54 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
content-length: 65941
x-rbt-cli: Name=dc1-rvbd02; Ver=9.12.2a;
expires: Thu, 09 Nov 2023 23:00:00 GMT

GET
H2 200 332761.jpg
media.gamesassists.com/images/ 36 KB
36 KB 1705ms
408ms Image
image/jpeg 194.127.139.227
INTERWETTEN-AT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gamesassists.com/images/332761.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.127.139.227 , Malta, ASN43916 (INTERWETTEN-AT-AS, MT),
Reverse DNS
Software: /
Resource Hash: fd70fe510f0c0739ff16920b8fd3af813658fba0819eda223119bb0b99c2dfec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 11:13:22 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
content-length: 36927
x-rbt-cli: Name=dc1-rvbd02; Ver=9.12.2a;
expires: Thu, 09 Nov 2023 23:00:00 GMT

GET
H3 200 image.axd
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/ 336 KB
336 KB 17ms
14ms Image
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/image.axd?picture=2023%2f10%2fd2a2a6be-f528-48b1-aa73-f957b146e8a1.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPTgpNEpKbdO7xD6XeHozThhG1UzULGW5PtdcJdWeo8UIv0Z2sKgL%2BYzUQLAMiM1qOcNxqLMbuL52LC9PjNEv%2BZ56cmZ%2BB5YR0OCwI2ssJBhUDq5pN8nIwzIHbLaGUUGi6ObXqmIO0sCvxh3j85jM8fIShzR1u5SWGgZlNNlU7MYPn2%2FRPNxZhn13yCIPs2ziDok8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35d0df5c411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 image.axd
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/ 336 KB
336 KB 22ms
18ms Image
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/image.axd?picture=2023%2f9%2fc501b773-3981-495d-bef9-1525b0363588.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLf8OHoDvSoy38%2BcqjZ6DvqoGKHXgoAqXXqAdf3Bm6uiYeuZLrJ0SNwbBba8uo5juno8P9k5uElcJgbTiSDBTA%2FKkS5HIOlC5YsZeJPtzE1%2BhnO%2FLwR8xPV27MOwh54nL%2Fx53pigY2NJZF7Ad8oTewx6Qs1SO9kxzM9SCHGsUlqR%2F6IPxLIcuaFmZ%2B%2B%2BHy8kARCM9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35d0df7c411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 image.axd
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/ 336 KB
336 KB 15ms
12ms Image
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/image.axd?picture=2023%2f9%2f6a5c7060-a7b2-4845-bac1-15a2a8105e03.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwrHr6AMcA98aVwJcR%2FH%2FUT5DgPVd191eaOOfTrbtFsCDu3fd%2B2LvJYD84M0x2CWC9Vyfq7WYsCxofsWpj%2FtevRfA3NWNbefFhP5lhO1ij4gebY4TJzQ3mUJxrhFgtbOIfZkyiGaJa%2BUOeMgFUyr3lDUXmhtu4xqsKA9mHsZqXLEiSzL3vAeveYf%2BoC0LSLvPPwadQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35d0df8c411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 image.axd
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/ 336 KB
336 KB 23ms
19ms Image
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/image.axd?picture=2023%2f6%2f48624e62-259c-4d6c-b1f6-7ec89656edaa.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xFSUZxzO2YytfcQuWvvcihZMBwpay6q2iHIs1S6JDlPIkWlo8LdlcM4KH4Ci7RkPL1Ijl%2FbzkAzZ2xmvdEpEWR8eSBARha3PqQHzI7J%2FK61jUb%2F7Bn5SVASmPeRnAhNCvniIcQ%2BoU%2BTFXQtV70yKg3EuV%2B6jpUUaht3OjOKXe2LHL9ncEypeG%2BdKfPmNwnpaaqIsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35d0dfac411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 image.axd
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/ 336 KB
336 KB 26ms
22ms Image
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/image.axd?picture=2023%2f5%2ffa226ee3-c4f8-4f01-a428-e941ada2c04d.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhbT77tZzNKlbVUOIIhcm51p9vTudAFjLFuusOjfAQV%2BBNr79lKBAwTVRppVjO%2BY4MrUPXGVALJdCa1FaSY41umhX9SV1%2BDAWRX%2B40hGkMjtpnP72jBRUKtjcQV3RaNTY34rer755R8hQBAG7nB8buxcO7r6EEa1qLsxiuGKRKESDFFvI8n170DPVXluSf0fToqF9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35d0dfbc411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 image.axd
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/ 336 KB
336 KB 32ms
28ms Image
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/image.axd?picture=2023%2f3%2f5885825b-01aa-48b2-a4a0-5d94d32f2421.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxxgMwS9DqpIb12nGq74geK%2BkT4kQz%2FHBBfR1DHM22mhNfbZ7NDE2WgS08%2BFgZcreD%2FUBUFEpeyCV81h8LpO3SgonjgBa6Zb0oTMvuBLSL6N61FvC6KWd7XaPGmua6k1%2Bf2Vdttu4H5QR2stqX%2BinoRA2z59dAHtSIOYeGaQPg1lr%2B3JKwV3bLfkhhQv3%2FrFVXEZng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35d0dfcc411-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 326858.jpg
media.gamesassists.com/images/ 16 KB
14 KB 1703ms
408ms Image
image/jpeg 194.127.139.227
INTERWETTEN-AT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gamesassists.com/images/326858.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.127.139.227 , Malta, ASN43916 (INTERWETTEN-AT-AS, MT),
Reverse DNS
Software: /
Resource Hash: aa01b52cc80dc4c279670476749b67e22073d4907085a88db39e237d274bb1a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 11:53:56 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
content-length: 14237
x-rbt-cli: Name=dc1-rvbd02; Ver=9.12.2a;
expires: Thu, 09 Nov 2023 23:00:00 GMT

GET
H2 200 326363.jpg
media.gamesassists.com/images/ 21 KB
21 KB 512ms
512ms Image
image/jpeg 194.127.139.227
INTERWETTEN-AT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gamesassists.com/images/326363.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.127.139.227 , Malta, ASN43916 (INTERWETTEN-AT-AS, MT),
Reverse DNS
Software: /
Resource Hash: b4fc007fa64badbd2a1e9ef693253582aef76c13a45dd69a06b60fd976af83ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: gzip
last-modified: Fri, 27 Jan 2023 10:31:13 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
content-length: 21386
x-rbt-cli: Name=dc1-rvbd02; Ver=9.12.2a;
expires: Thu, 09 Nov 2023 23:00:00 GMT

GET
H3 200 lazysizes.min.03bfb065.js Show response
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/js/ 336 KB
42 KB 14ms
14ms Script
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/js/lazysizes.min.03bfb065.js
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frHxp5bDWx4kyFAVaNGeo10CwIhfwpiyX60OoaijpMcxdTblrY%2FBrpGj2Dp7dsdAnBeO3fWtnvTRbfUW3dW%2FNmi%2BbFuKxXJUkKr6oydfuQ3M6GKJV7Q9gTY3OW8gPjjo2DyBOli8hRnwo1xLDNES8Zrq1wWz%2F3zZkvcRjRusTqRjkQvOCqVfG9t18bzDjQ6eoePxpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35c7d74c411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 web-0.min.38598527.js Show response
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/js/desktop/ 336 KB
42 KB 14ms
14ms Script
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/js/desktop/web-0.min.38598527.js
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aw9sIaF1dV4NHHAFbMaVqEXs%2BqfFzKJUmoNOpKXFWTrr1h08X%2BAmpH%2FD2mIvVvKda7O0dqRPKn6BBueyVpRSW%2B3KYRoXCrx16%2FIlanX6q9pKmKEpiQ1OEqpC%2BuMK48zL473esCh5YUmXTyGZc7TrSH7DgEICm3JZ6JspktyoP0ttz5U52CuPyq0%2Ft2UmZIGCvDU%2BOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35c9d99c411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 payment.min.5b0c2661.js Show response
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/js/desktop/ 336 KB
42 KB 12ms
12ms Script
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/js/desktop/payment.min.5b0c2661.js
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcvXwDl07iZi9qGy9zOMHsq%2FCZMj%2Be4pDnpwElrSJGWdDmaqdpH63jxKMHvRe4VlbF%2FImQLZNKfLs%2F%2BfZtSKOj%2BfZXYj4vSxmLVHyMIzNS%2Bx0KDVojVecOsNuGaRaDKm9bbihFKC3WAgfBu%2F76jpXCd2b74vmB%2F087NooStYMxLaXnR7q3LKHoIApvYS4N7lblNBxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35cbdadc411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 sportsbook.min.111f98e7.js Show response
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/js/desktop/ 336 KB
42 KB 11ms
10ms Script
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/js/desktop/sportsbook.min.111f98e7.js
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BQ%2FDRByjhoYAKP9TfKUDVqMJ7qLOq6n%2BuXCzjpbh2s5FwndejxHRmiDVyR4cMiwfdWqIxyqlL8jNSBAkra2h9xSSukCKrgJzkg%2FDCqxqBreKsqvOG0TGJAo5WdjnyBnhxrNiTwRnTPMwRVc%2B1NLZmrHmrJ56%2BIwCRDk2RyPoJZ%2FuMJvubsHsbHqPfW0dV%2BnPQs63w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35cfdedc411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 bettingslip-0.min.1cbcbceb.js Show response
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/js/ 336 KB
42 KB 14ms
10ms Script
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/js/bettingslip-0.min.1cbcbceb.js
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jvq1arEw7cXjGgs%2BdAQBk7IvyRzBGJfKZfauMrs7HCAOAC75f91F2QmC3vJxlWMTGV55T536ekbKleUibR2pQDKraZtwIuASl7VRlKPva%2F2iL2wUsikHRepK28kIWJO5rUo%2BBoawkpxY6Dbt1KY9Y%2BCEWiLK4YDFfscikENan7IVV0Yxn2TqwMh3dpU9M9ldfuO1%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35d0defc411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 bettingslip-platform-1.min.13cec86c.js Show response
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/js/ 336 KB
42 KB 15ms
11ms Script
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/js/bettingslip-platform-1.min.13cec86c.js
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beiEc25z4UoJhS50CnXZBS88oe29kvN09asYIy7dx5OMzYpkq6fV2MtlX0RBpOarufytYXkwvZxdg0qMVpjmEeGFjrtY9mkydLYevbARYaUqWcTP7oaLyG2mxyGvXN3gQWCQrROtN0is2g2sTV26YQckhuOekBUg0HkHSuCjOVsF6Yi4LNqWe9eaJEvlQKhsQ29KBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35d0df0c411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.55470f8a.js Show response
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/responsive/ 336 KB
42 KB 29ms
25ms Script
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/bundles/responsive/main.55470f8a.js
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUHAYcIJnACt8b7DefZBOR23opgP5AoLGbI9Et%2F9U6YB%2Fa5dkR2KMxOwyy6ZwD5hh9zXoJrsPdvKKU6R1e46%2FYOLQdY1ktGfZtQEUnMuY%2FECSNkLQwySZTLSdTB6NoSzxzWhckoRADDnwVeCsFEt4WPuIIHTDS4fjK4obGN2c09wFNQPf6WD1vvINsIag5pwjqaFRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35d0df1c411-EWR
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK otherlevels.js Show response
cdn.otherlevels.com/js-sdk/ 126 KB
37 KB 126ms
20ms Script
application/javascript 18.238.25.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.otherlevels.com/js-sdk/otherlevels.js?appKey=de3008e139f59cd3b232af1e8a13c9c4
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.25.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-25-102.cmh68.r.cloudfront.net
Software: /
Resource Hash: e62de3582f34652b8bfc3e08f8be9bb70bc6ae37b2dbcad8dd95c4105ab25878

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 12:05:20 GMT
Content-Encoding: gzip
Via: 1.1 ede5c6921f45d3b45a7afce27d144cda.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P5
Age: 1648
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=172800
Connection: keep-alive
Content-Length: 37818
X-Amz-Cf-Id: x28jEIMkxqJ10XKjBFQYgEt5XaAJz0KxyyG4yIEwh2AHh0eDTNeuOQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 243 KB
81 KB 103ms
59ms Script
application/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P9XCJV

Requested by

Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a862cd15466c2ce34de380e93c957fe9e8c1dc87e3dc87d8096db5a2d4d1a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82705
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Oct 2023 12:32:48 GMT

GET
H3 200 Payments.svg Show response
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/Content/img/desktop/payment/ 336 KB
42 KB 12ms
11ms XHR
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/Content/img/desktop/payment/Payments.svg?build=2023.10.09.2
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9qiim7kqqRYufQ2EtuPcOw4tjXlxxypG6NF7NkZnd6adTtIB4GRCmL3vo3B%2Fb8UMKhSI4XhYvH0zmGT2GFA%2BZ3yiVUkZYGuhSgzHfkbQAF7chAQ9tLrZNwKsuIOJsjSpVsqRW9oCQaLKzlEVPQbCT3yu2mPs60HhwVCkcmH%2F0%2Ba%2Fvk0zf%2BQf4Mx%2BUSrWVjDpQKQgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35dfef2c411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 iw-logo-simple-colour.svg
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/Content/responsive/svg/Logos/Brand/ 336 KB
336 KB 13ms
11ms Image
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/Content/responsive/svg/Logos/Brand/iw-logo-simple-colour.svg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FgIRPkiT4Lg5AWH8aLmt8v4k2%2FibZq9FzrVm8DE%2FjmjaQgNY9EqV91tpZv3%2By6BaCL7frYK4I8FJwDMc00UtVWgWY5jWXWoOLUALh730d1C7lzuaZEBa8w2WqEiTlECqa4wMLZQekDJDnOqQRurb3QZFBNEBpIGeL0vjKb0%2B4birMB%2BOGVcMhY8Wo%2BzdEmBAV1BYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35edfd4c411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 iw-horizontal.svg
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/Content/responsive/svg/Logos/Brand/ 336 KB
336 KB 14ms
12ms Image
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/Content/responsive/svg/Logos/Brand/iw-horizontal.svg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87kQ8CqHyStnfVSFOU4M6rDN77yFNxKeXnKABoMUN6gMWhaIZKqZRpTmjGW1O3tYgij92gwL4ie8pk60P5RHOjVVOxFJqcUE%2BKZFmnHM2gx1yPmqPJ0%2FpR0QGbBKh%2FSUhiL8MgqFyTejqicZnUbRSqDHejOJ4SD%2FfDw%2FYQCvXmYemyMQNotNgoMOUdagi1vMn8x0WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35edfd5c411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 image.axd
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/ 336 KB
336 KB 15ms
13ms Image
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/image.axd?picture=2023%2f10%2fd2a2a6be-f528-48b1-aa73-f957b146e8a1.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQEaW%2FESUzSoUmzqTOfcGIjRkG30ZMqqxHA%2Fi0VviZoCUNHsn7JKf2qimknrz%2F%2FBBRG2gGJ4f3wAgOeb3VKWn7VY%2BA9%2FTC7gZr5PEI2%2BdpQYIPWnSfOEhvgjDs3MeH6Z5SNwLXyD43WpZvmu%2BeszFvyznboAmN5eIhHlNmOhNJQBKAmZve7fIJy0FqoMARRGKIfOMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35edfd6c411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 image.axd
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/ 336 KB
336 KB 17ms
15ms Image
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/image.axd?picture=2023%2f9%2fc501b773-3981-495d-bef9-1525b0363588.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjgCtBwjtvk8ZCxnFSbjhRgoqYVmxoRypjfWw0VlHNslPZVUBwRbadxzhxi6EGUDmD8%2BDhPGKWfVcuxVIUzN4wEMH9wnGazH390n4mBklkQx%2F0hwDebDNoawwhh3KYFw1WsL7i9fGj8u9sfS1YTjS5f%2FgSOHV8uOxqWUt6iAcRJ3v%2FscemHarC%2BBhrbwRs%2Bdh%2FnTCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35edfd8c411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 image.axd
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/ 336 KB
336 KB 19ms
18ms Image
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/image.axd?picture=2023%2f9%2f6a5c7060-a7b2-4845-bac1-15a2a8105e03.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRwvdfA%2FBsh2FZKmj3JS36idvCS%2BxBPLGbnOB8nE8ATUl6t93eWuXvI7FVM7TEOiNSH%2BU6BIkUmZr%2F2s4tDMTBaUO7Qo0Qbo7I7ogOCaSr8uXzEj%2BvnNfYvkMNIHp0IrBvtnNtzQOlE2ms60dYykS5k45qyjbt057RWyhnqmIoPify23bO1zFw9iGpn2Fb%2BQ2QDuog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35edfd9c411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 image.axd
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/ 336 KB
336 KB 22ms
20ms Image
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/image.axd?picture=2023%2f6%2f48624e62-259c-4d6c-b1f6-7ec89656edaa.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LD0TyjIaAHLqgDHS9nsobu4YYdICDCowA5tvWdmUXhv%2FHds5r6OcyE8Rh%2BYLqjuleFi2cYCpT1eig0wo8u7D4XPtBaWMAqbQSEo5x2ey7302MYpLV4nLR6qjiiZCxm%2BuOgHNsiPoghkTzPPBi1tsvF%2BjvWREsOts7VJ%2Bkf1I1%2BuHDcB3f6KcOLv05UXCJbX9UnTVSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35edfdac411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 image.axd
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/ 336 KB
336 KB 29ms
28ms Image
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/image.axd?picture=2023%2f5%2ffa226ee3-c4f8-4f01-a428-e941ada2c04d.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orlIJ9b6Com3fl1inazMR8bzZM1c5QO1VQeu7xXMcQFTvWvJi4d%2BMGlbX9cpYQzMd0IIBuYwWHwQyPHihC3nIhOzwIJNf579Pc3hHLU3wNyOYtDClYST8CYaGLoo8LWGwAFdX0nOq%2FZKy59EgJaAWX0hp7QLCg6SBkOgsqc1rczNNNp%2BuqYPDOpPz%2B1hAPWKA%2BC5Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35edfdbc411-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 image.axd
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/ 336 KB
336 KB 24ms
22ms Image
text/html 2606:4700:3037::6815:3faf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/image.axd?picture=2023%2f3%2f5885825b-01aa-48b2-a4a0-5d94d32f2421.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3faf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEJhX8hh3wPwIjYawx39iIwB8tK9jm7JOhhIMXQq357pc5HD3e%2BK1tm1LmFsrIBugSAzNzIAu%2FZahRUQSazw8H3uIvBdomhWMYGtle7nKJGt45LUCDBskVDZKFwzPX8AwgIJ6rtnj9E%2BJS2T0792f6JDE3aEuBjXLMAXRUl1BF9UthgoF2lCgiRnKvJALLnfHrSGtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 813ee35edfdcc411-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 comqa Show response
sportsbooksoftware.germany-2.evergage.com/api2/event/ 19 KB
4 KB 647ms
452ms XHR
application/json 35.156.113.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sportsbooksoftware.germany-2.evergage.com/api2/event/comqa?event=eyJhY3Rpb24iOiJTcG9ydHNib29rIiwiaXRlbUFjdGlvbiI6IlZpZXcgSXRlbSIsInNvdXJjZSI6eyJwYWdlVHlwZSI6InNwb3J0Ym9vayIsImNvbnRlbnRab25lcyI6WyJzdGlja3lCYW5uZXIiLCJnbG9iYWxfaW5mb2Jhcl90b3Bfb2ZfcGFnZSIsImhvbWVfcG9wdXAiXSwidXJsIjoiaHR0cHM6Ly93b3JrZXItaXctZGV2LWRlbW8uaW50ZXJ3ZXR0ZW4tZ2FtaW5nLWx0ZC53b3JrZXJzLmRldi8iLCJ1cmxSZWZlcnJlciI6IiIsImNoYW5uZWwiOiJXZWIiLCJiZWFjb25WZXJzaW9uIjoxNiwiY29uZmlnVmVyc2lvbiI6IjUyOSJ9LCJmbGFncyI6eyJwYWdlVmlldyI6dHJ1ZX0sInVzZXIiOnsiYXR0cmlidXRlcyI6eyJkb21haW4iOiJ3b3JrZXItaXctZGV2LWRlbW8uaW50ZXJ3ZXR0ZW4tZ2FtaW5nLWx0ZC53b3JrZXJzLmRldiJ9LCJhbm9uSWQiOiIwMzg3Yjg4NzNiODNhZWRhIn0sInBlcmZvcm1hbmNlIjp7fSwiZGVidWciOnsiZXhwbGFuYXRpb25zIjp0cnVlfSwiY2F0YWxvZyI6eyJDYXRlZ29yeSI6eyJfaWQiOiJTcG9ydHNib29rIn19LCJjb25zZW50cyI6W10sImFjY291bnQiOnt9LCJfdG9vbHNFdmVudExpbmtJZCI6Ijk1MDA5NDU3MDcyNzQ2NzEifQ%3D%3D

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/sportsbooksoftware/comqa/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.113.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-113-70.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3734ebb5d57b9cf9c1ba2a474644dfdf2449116801b1e46cf0b476a2a5e85647

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 de Show response
prod-origin.truendo.com/jsons/251872c3-aff1-42da-8fb4-023b4250637a/ 238 KB
32 KB 179ms
95ms Fetch
application/json 2600:9000:24f7:fa00:0:4b9a:3a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-origin.truendo.com/jsons/251872c3-aff1-42da-8fb4-023b4250637a/de
Requested by: Host: cdn.priv.center
URL: https://cdn.priv.center/pc/app.pid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f7:fa00:0:4b9a:3a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f184a0b95758481f3206cdf55fb88d54dad1af73ec7fa413c54f857dd2a4178

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 09:52:03 GMT
content-encoding: br
via: 1.1 91dd8eacda47a6712fbf02ab7b41ecce.cloudfront.net (CloudFront)
x-amz-request-id: NP5HDJ45CVVPHX2C
x-amz-cf-pop: CMH68-P1
x-amz-server-side-encryption: AES256
age: 9646
x-cache: Hit from cloudfront
x-amz-id-2: beFDbaisdV2fRNRRQLBJicUiAq/of3v8B0fTE/VkACmvbNuezPlQ9hWemYobxpy16TZRUtRGNw0=
last-modified: Wed, 24 May 2023 10:49:46 GMT
server: AmazonS3
etag: W/"ce60c9b32a2b205b8d86e3cab966dfb3"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=21600, s-maxage=86400, proxy-revalidate, stale-if-error
access-control-allow-headers: Content-Type
x-amz-cf-id: 6d6xZLKFht7F7sMhYMlKxgn--veFhezrnPcY8KguRpskwqFIaB3-bw==

GET
H2

200

config Show response
prod-origin.truendo.com/regions/US/
Redirect Chain

https://prod-origin.truendo.com/region/config
https://prod-origin.truendo.com/regions/US/config

45 B
606 B

34ms
33ms

Fetch
application/json

2600:9000:24f7:fa00:0:4b9a:3a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-origin.truendo.com/regions/US/config
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Server: 2600:9000:24f7:fa00:0:4b9a:3a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a9d1b952d4a32f07a070698dbbdc82072a98415e9372f561a01b983010f30a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 10:24:25 GMT
via: 1.1 91dd8eacda47a6712fbf02ab7b41ecce.cloudfront.net (CloudFront)
x-amz-request-id: V0NZCZZPC5MZVCXK
x-amz-cf-pop: CMH68-P1
age: 7704
x-cache: Hit from cloudfront
content-length: 45
x-amz-id-2: ZelqaAwolsNtZXBjJYJ9SAXoNSU3fObLE+Zpu70Vr3WDydXpyrMxnMOJLv54GLlTrGYjmY8uE64=
last-modified: Fri, 05 Feb 2021 08:40:48 GMT
server: AmazonS3
etag: "e23e4a8b30adcfa0940a54d43ffc7e7b"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=21600, s-maxage=86400, proxy-revalidate, stale-if-error
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-amz-cf-id: 17jXpW-SVlLGWn-8Tv3YQU1GdgpBw02kmqNzSzxtrDu_bheSvA3Kjg==

Redirect headers

date: Mon, 09 Oct 2023 12:54:07 GMT
via: 1.1 91dd8eacda47a6712fbf02ab7b41ecce.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CMH68-P1
age: 85121
x-cache: Hit from cloudfront
location: https://prod-origin.truendo.com/regions/US/config
access-control-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 0
x-amz-cf-id: ysfTD9B3UHnJhsoLhPPFZhGTDmHq7IAEEjSFSBMqaA5ythlxRSv47g==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 52ms
12ms Script
text/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9XCJV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 10 Oct 2023 12:12:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1211
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 10 Oct 2023 14:12:37 GMT

GET
H2 200 tag-manager.js Show response
tm.ads.sportradar.com/dist/ 0
114 B 381ms
299ms Script
application/javascript 2600:141b:1c00:16::17c4:324
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAQR
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:16::17c4:324 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
cache-control: max-age=900, public
content-length: 0
apigw-requestid: MlehrjiPjoEEPpw=
content-type: application/javascript

GET
H2 200 IZTfM Show response
www.getback.ch/ 270 B
441 B 284ms
85ms Script
application/javascript 52.57.108.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getback.ch/IZTfM
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9XCJV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.108.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-108-94.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7b9a2afb837f7ef586e2c276df736e75696ddfda4b930946f688c8f9d4b383d5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: application/javascript
pragma: public
date: Tue, 10 Oct 2023 12:32:48 GMT
cache-control: max-age=2592000, public
server: nginx
content-length: 270
expires: Thu, 09 Nov 2023 12:32:48 GMT

GET
H2 200 / Show response
track.adform.net/Serving/Cookie/ 73 B
618 B 693ms
205ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9XCJV

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 180
expires: -1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
89 KB 61ms
60ms Script
application/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DND7C2FYLB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9XCJV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fc2e2f4ca6d4ef9f0d42a165c8df03ff0a76c140c9561737fc701f9289438508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91396
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 10 Oct 2023 12:32:48 GMT

OPTIONS
H/1.1 204
No Content session
js-api.otherlevels.com/0.8/ Frame 0
0 383ms
91ms Preflight 52.42.83.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js-api.otherlevels.com/0.8/session

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.42.83.58 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-42-83-58.us-west-2.compute.amazonaws.com

Software

Tengine /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Length: 0
Date: Tue, 10 Oct 2023 12:32:48 GMT
Server: Tengine
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK session Show response
js-api.otherlevels.com/0.8/ 3 B
816 B 96ms
96ms XHR
text/plain 52.42.83.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js-api.otherlevels.com/0.8/session

Requested by

Host: cdn.otherlevels.com
URL: https://cdn.otherlevels.com/js-sdk/otherlevels.js?appKey=de3008e139f59cd3b232af1e8a13c9c4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.42.83.58 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-42-83-58.us-west-2.compute.amazonaws.com

Software

Tengine /

Resource Hash

9e067a51888228d1fbef821e1548478a4c39a4886df22e002c0640549a650a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 10 Oct 2023 12:32:48 GMT
X-Content-Type-Options: nosniff, nosniff
Connection: keep-alive
Content-Length: 3
X-XSS-Protection: 1; mode=block, 1; mode=block
X-Request-Id: sdkapi-51463d6c-66e2-4136-bb6f-43ab8dc22ef9
Pragma: no-cache;
Server: Tengine
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-Id
Cache-Control: no-store, must-revalidate, no-cache, max-age=0;
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
Expires: Mon, 01 Jan 0001 00:00:00 GMT;

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
234 B 34ms
34ms XHR
text/plain 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1564872671&t=pageview&_s=1&dl=https%3A%2F%2Fworker-iw-dev-demo.interwetten-gaming-ltd.workers.dev%2F&dr=&ul=en-us&de=UTF-8&dt=Online%20Sportwetten%20mit%20Top%20Wettquoten%20%26%20100%25%20Bonus%20%7C%20interwetten&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACADI~&jid=1492608655&gjid=1778692319&cid=1614238166.1696941169&tid=UA-1851411-32&_gid=1299009300.1696941169&_r=1&gtm=45He3a40n71P9XCJV&cd29=&z=653163525

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
374 B 42ms
18ms XHR
text/plain 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1851411-32&cid=1614238166.1696941169&jid=1492608655&gjid=1778692319&_gid=1299009300.1696941169&_u=YEBAAUAAAAAAACADI~&z=1504335574

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 10 Oct 2023 12:32:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 33ms
33ms Ping
text/plain 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DND7C2FYLB&gtm=45je3a40&_p=1564872671&cid=1614238166.1696941169&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696941168&sct=1&seg=0&dl=https%3A%2F%2Fworker-iw-dev-demo.interwetten-gaming-ltd.workers.dev%2F&dt=Online%20Sportwetten%20mit%20Top%20Wettquoten%20%26%20100%25%20Bonus%20%7C%20interwetten&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DND7C2FYLB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 38ms
22ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1851411-32&cid=1614238166.1696941169&jid=1492608655&_u=YEBAAUAAAAAAACADI~&z=1856988601

Requested by

Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 IZTfM.js Show response
static.getback.ch/clients/ 17 B
500 B 107ms
30ms Script
application/javascript 3.160.22.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.getback.ch/clients/IZTfM.js

Requested by

Host: www.getback.ch
URL: https://www.getback.ch/IZTfM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.22.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-22-21.cmh68.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6f7e89fede46420fda14d71f87830b3859899517d1120e9b37586601178c696b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 07:15:50 GMT
via: 1.1 28541d1c5ba94fa4ae7d6f7a2c07f4f8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CMH68-P3
age: 278218
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17
last-modified: Tue, 26 Jul 2022 15:02:05 GMT
server: AmazonS3
etag: "2f929badc9e9de79c7bd0b3b7cdb8f3a"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: ofkWXyHVVgnUO0ZPbsQr8OYEsBWTTCnibdauWBXnCSmb9IO-EGK1tA==

POST
H2 200 fetch Show response
js-content.otherlevels.com/de3008e139f59cd3b232af1e8a13c9c4/@OL@b4154c074290a78be86573a56b8a/interstitial/v2/ 14 B
411 B 134ms
134ms XHR
application/json 54.184.101.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js-content.otherlevels.com/de3008e139f59cd3b232af1e8a13c9c4/@OL@b4154c074290a78be86573a56b8a/interstitial/v2/fetch?preload=false

Requested by

Host: cdn.otherlevels.com
URL: https://cdn.otherlevels.com/js-sdk/otherlevels.js?appKey=de3008e139f59cd3b232af1e8a13c9c4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.184.101.79 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-184-101-79.us-west-2.compute.amazonaws.com

Software

Resource Hash

15c53b41755b7dbbf631697798b043b1eb429674afb2580b605d468c7f8593b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 10 Oct 2023 12:32:49 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
access-control-max-age: 86400
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
content-length: 14
x-xss-protection: 1; mode=block

OPTIONS
H2 204 fetch
js-content.otherlevels.com/de3008e139f59cd3b232af1e8a13c9c4/@OL@b4154c074290a78be86573a56b8a/interstitial/v2/ Frame 0
0 398ms
95ms Preflight 54.184.101.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js-content.otherlevels.com/de3008e139f59cd3b232af1e8a13c9c4/@OL@b4154c074290a78be86573a56b8a/interstitial/v2/fetch?preload=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.184.101.79 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-184-101-79.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
date: Tue, 10 Oct 2023 12:32:49 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

POST
H2 204 pr
sportsbooksoftware.germany-2.evergage.com/ 0
563 B 88ms
87ms Ping
text/plain 35.156.113.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sportsbooksoftware.germany-2.evergage.com/pr?.top=650&item=%7B%22type%22%3A%22Category%22%2C%22_id%22%3A%22Sportsbook%22%7D&action=Sportsbook&.tt=648&.ttdns=20&.dt=623&.btdns=9&.bv=16&_ak=sportsbooksoftware&_ds=comqa&.scv=529&channel=Web&_r=032219&.anonId=0387b8873b83aeda&_anon=true

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/sportsbooksoftware/comqa/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.113.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-113-70.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
date: Tue, 10 Oct 2023 12:32:49 GMT
x-content-type-options: nosniff
timing-allow-origin: *

POST
H2 204 msreceiver
sportsbooksoftware.germany-2.evergage.com/ 0
555 B 88ms
88ms Ping
text/plain 35.156.113.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sportsbooksoftware.germany-2.evergage.com/msreceiver?.cStat=%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22gDLdE%22%2C%22stat%22%3A%22i%22%7D%5D&.bv=16&_ak=sportsbooksoftware&_ds=comqa&.scv=529&channel=Web&_r=924186&.anonId=0387b8873b83aeda&_anon=true

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/sportsbooksoftware/comqa/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.113.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-113-70.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
date: Tue, 10 Oct 2023 12:32:49 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 cumulus_growth.jpg
cdn.evergage.com/evergage-content/cumulus/ 68 KB
68 KB 26ms
15ms Image
image/jpeg 151.101.64.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.evergage.com/evergage-content/cumulus/cumulus_growth.jpg
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f9dd7f42c656036085fc34ba2adec43b9e616a4778ec47c68a7bb436809822c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: 9MffrASESysOFyk2estoHN6sSErHIPIY
via: 1.1 varnish, 1.1 varnish
date: Tue, 10 Oct 2023 12:32:49 GMT
x-amz-request-id: RV17PZRFXAAMQKZE
age: 16745
x-cache: HIT, MISS
x-amz-replication-status: COMPLETED
content-length: 69420
x-amz-id-2: 9T3qPio5U0iAPijfbcKbutpwzcrhwF9UhN7NKIFdXPYaNKdzoI8Qrm2GKeP+zGolf2aKWaWg5lpUNnuvkPedLw==
x-served-by: cache-iad-kjyo7100062-IAD, cache-lga21965-LGA
last-modified: Thu, 13 Aug 2020 08:03:17 GMT
server: AmazonS3
x-timer: S1696941169.152039,VS0,VE9
etag: "8383cfce91b0748d338b5b425d19240c"
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6, 0

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 212ms
4ms Script
application/javascript 185.167.164.46
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.46 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:49 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000002c3f35d322d138ac-00646c8ee1-32950a49-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 1 KB
1 KB 206ms
205ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2569830&ADFPageName=TestWebsite%7CSportsPage%7CHome_Test_SportsPage&ADFdivider=%7C&ord=422846002319&ADFtpmode=2&itm=eyJzdjEiOiJ3b3JrZXItaXctZGV2LWRlbW8uaW50ZXJ3ZXR0ZW4tZ2FtaW5nLWx0ZC53b3JrZXJzLmRldiIsInN2MiI6Ii8iLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiIiLCJzdjUiOiIiLCJzdjciOiIiLCJzdjExIjoiIiwic3YxMiI6IiIsInN2MTMiOiIiLCJzdjE1IjoiIiwic3YxNiI6IiIsInN2MTciOiIiLCJzdjE4IjoiIn0&loc=https%3A%2F%2Fworker-iw-dev-demo.interwetten-gaming-ltd.workers.dev%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7969783ece41e9e1f2bc9121c0346a9f030d8e88e433fd957b5e6c6d976c1758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 659
expires: -1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 868 B
1 KB 205ms
204ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2569830&ADFPageName=TestWebsite%7CSportsPage%7CHome_Test_SportsPage&ADFdivider=%7C&ord=422846002319&ADFtpmode=2&itm=eyJzdjEiOiJ3b3JrZXItaXctZGV2LWRlbW8uaW50ZXJ3ZXR0ZW4tZ2FtaW5nLWx0ZC53b3JrZXJzLmRldiIsInN2MiI6Ii8iLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiIiLCJzdjUiOiIiLCJzdjciOiIiLCJzdjExIjoiIiwic3YxMiI6IiIsInN2MTMiOiIiLCJzdjE1IjoiIiwic3YxNiI6IiIsInN2MTciOiIiLCJzdjE4IjoiIn0&loc=https%3A%2F%2Fworker-iw-dev-demo.interwetten-gaming-ltd.workers.dev%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=6827001429492646024

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e40346f3ed64cb7866499ff47f4a7147dc4a3d72b449a68a903e175341a9e211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 699
expires: -1

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 244A 5 KB
2 KB 416ms
135ms Document
text/html 185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Requested by

Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2569830&ADFPageName=TestWebsite%7CSportsPage%7CHome_Test_SportsPage&ADFdivider=%7C&ord=422846002319&ADFtpmode=2&itm=eyJzdjEiOiJ3b3JrZXItaXctZGV2LWRlbW8uaW50ZXJ3ZXR0ZW4tZ2FtaW5nLWx0ZC53b3JrZXJzLmRldiIsInN2MiI6Ii8iLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiIiLCJzdjUiOiIiLCJzdjciOiIiLCJzdjExIjoiIiwic3YxMiI6IiIsInN2MTMiOiIiLCJzdjE1IjoiIiwic3YxNiI6IiIsInN2MTciOiIiLCJzdjE4IjoiIn0&loc=https%3A%2F%2Fworker-iw-dev-demo.interwetten-gaming-ltd.workers.dev%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=6827001429492646024

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ca7fe44f25e771d2ab2022b706400b89c26f8ac4b9fe3162ea4a016eaba139d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 10 Oct 2023 12:32:50 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
466 B 772ms
203ms Image
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=958164021882533390&stamp=YkmVz99D2UYDvP-67D9Y4w2

Requested by

Host: worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
URL: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 plf
c1.adform.net/imatch/ Frame 244A 0
384 B 136ms
136ms Image
text/plain 185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 244A
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=958164021882533390&Expiration=1698150770
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=958164021882533390&Expiration=1698150770

43 B
423 B

11ms
11ms

Image
image/gif

3.234.8.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=958164021882533390&Expiration=1698150770
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Server: 3.234.8.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-8-147.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 10 Oct 2023 12:32:50 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=958164021882533390&Expiration=1698150770
access-control-allow-origin: *
date: Tue, 10 Oct 2023 12:32:50 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 244A 0
400 B 141ms
96ms Image
text/plain 23.196.60.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=958164021882533390
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.196.60.110 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-60-110.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 12:32:50 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 09 Oct 2023 12:32:50 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 244A 0
662 B 579ms
130ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=958164021882533390
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 84e0f527cd81a00b0210e20b4ee7ed94
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 244A
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=958164021882533390&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=958164021882533390&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=b064cdd9365344309e...
https://c1.adform.net/serving/cookie/match?party=9&uid=419babe6d50e0a5f34cb6b41c138e0234b53be14442d87625982d979fa4a0953

35 B
599 B

134ms
134ms

Image
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=419babe6d50e0a5f34cb6b41c138e0234b53be14442d87625982d979fa4a0953

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=419babe6d50e0a5f34cb6b41c138e0234b53be14442d87625982d979fa4a0953
date: Tue, 10 Oct 2023 12:32:50 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 244A
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=958164021882533390&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=4931960368693653661

35 B
590 B

138ms
137ms

Image
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=4931960368693653661

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=4931960368693653661
pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 244A
Redirect Chain

https://ups.analytics.yahoo.com/ups/55944/sync?uid=958164021882533390&_origin=1
https://ups.analytics.yahoo.com/ups/55944/sync?uid=958164021882533390&_origin=1&verify=true

0
120 B

12ms
11ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=958164021882533390&_origin=1&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:50 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=958164021882533390&_origin=1&verify=true
date: Tue, 10 Oct 2023 12:32:50 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 244A 43 B
638 B 545ms
127ms Image
image/gif 63.251.28.234
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=958164021882533390
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.234 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 12:32:50 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1696941170761087-246

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame 244A
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=958164021882533390
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=958164021882533390
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=194516f6-02f6-4fd8-9176-43508241ff11

49 B
869 B

19ms
4ms

Image
image/gif

198.148.27.131
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=194516f6-02f6-4fd8-9176-43508241ff11

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Server

198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-US
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-b6f574bf6-nxx6x
expires: -1

Redirect headers

Location: //bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=194516f6-02f6-4fd8-9176-43508241ff11
Date: Tue, 10 Oct 2023 12:32:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 244A
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=958164021882533390&expiration=1698150770
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=958164021882533390&expiration=1698150770&C=1

43 B
337 B

19ms
18ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=958164021882533390&expiration=1698150770&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcaVZ4PbvOxvAQ7athiEKyixt7CAGRBPcyS5a2KB3V5Daz1AKBys%2FONqhxq3OZBHdvSaVGpdI%2FZLVroy0E7AcFso4SRyn4XpryqYsrZUU35Y2MZbcg1RE8Kg5EyvHHedGTb3EBp%2FRfoWow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 813ee36aafe33344-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Id%2B%2B6H3MVhM4ng4OxoQfV4kNF9K1lEmRu08UmvAj6PIlsD5v%2F%2BQjJGj98WuF%2BR7NAI3xt6Kda46%2BNnLV2d7qGp5PLnW%2B9upGQrdSzdCJMcYk7Y%2FSmd%2FDTA7YRqoGIc1DF4A%2B2OhLrLxj1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=958164021882533390&expiration=1698150770&C=1
cache-control: no-cache
cf-ray: 813ee36a8fce3344-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

info2
uipglob.semasio.net/adform/1/ Frame 244A
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=958164021882533390&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=958164021882533390&sInitiator=external

42 B
604 B

28ms
27ms

Image
image/gif

50.57.31.206
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=958164021882533390&sInitiator=external
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: HTTP/1.1
Server: 50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 12:32:50 GMT
Frontend-ID: 15
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type: image/gif
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Content-Length: 42
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 12:32:50 GMT
Frontend-ID: 1
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: /adform/1/info2?sType=sync&sExtCookieId=958164021882533390&sInitiator=external
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 244A
Redirect Chain

https://ps.eyeota.net/match?uid=958164021882533390&bid=9gdtmu1
https://ps.eyeota.net/match/bounce/?uid=958164021882533390&bid=9gdtmu1

70 B
440 B

11ms
11ms

Image
image/gif

3.234.8.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=958164021882533390&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: HTTP/1.1
Server: 3.234.8.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-8-37.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 10 Oct 2023 12:32:50 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=958164021882533390&bid=9gdtmu1
Date: Tue, 10 Oct 2023 12:32:50 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 /
loadm.exelator.com/load/ Frame 244A 0
299 B 56ms
10ms Image
text/plain 34.229.3.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=958164021882533390
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-229-3-43.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:50 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 244A
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=958164021882533390
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIdChkIARCUdRoSOTU4MTY0MDIxODgyNTMzMzkwEAAaDQjyiJWpBhIFCOgHEABCAEoA
https://pippio.com/api/sync?pid=5324&it=1&iv=3ceb3d68d085afd3c6b0384e9605f785b8d974bc9c2bfff4bafbeb427c0c22b4791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3ceb3d68d085afd3c6b0384e9605f785b8d974bc9c2bfff4bafbeb427c0c22b4791426b5417dce21&rand=01832589
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3ceb3d68d085afd3c6b0384e9605f785b8d974bc9c2bfff4bafbeb427c0c22b4791426b5417dce21&rand=01832589&expected_cookie=36b77344-599f-44ad-b7bf-6a7594b6d99b

0
143 B

43ms
43ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3ceb3d68d085afd3c6b0384e9605f785b8d974bc9c2bfff4bafbeb427c0c22b4791426b5417dce21&rand=01832589&expected_cookie=36b77344-599f-44ad-b7bf-6a7594b6d99b
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:50 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4D16956EE5C24656B2285E28C5F6964D Ref B: EWR30EDGE1010 Ref C: 2023-10-10T12:32:50Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHW+etqyblH7LvepkW8g==

Redirect headers

date: Tue, 10 Oct 2023 12:32:50 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: F9A2880147524512961EE3A30A199F85 Ref B: EWR30EDGE1010 Ref C: 2023-10-10T12:32:50Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: /db_sync?pid=10339&puuid=3ceb3d68d085afd3c6b0384e9605f785b8d974bc9c2bfff4bafbeb427c0c22b4791426b5417dce21&rand=01832589&expected_cookie=36b77344-599f-44ad-b7bf-6a7594b6d99b
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHW+esOsU5psqD30R+CQ==

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=958164021882533390/gdpr=/ Frame 244A
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=958164021882533390/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=958164021882533390/gdpr=/gdpr_consent=

49 B
545 B

92ms
92ms

Image
image/gif

52.71.74.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=958164021882533390/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Server: 52.71.74.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-74-215.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.36.226
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=958164021882533390/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.40.43.128
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 244A 62 B
430 B 114ms
75ms Image
image/gif 23.46.225.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=958164021882533390
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-46-225-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 10 Oct 2023 12:32:50 GMT
content-length: 62
content-type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 244A
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=958164021882533390
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=958164021882533390

43 B
180 B

24ms
23ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=958164021882533390
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=958164021882533390
date: Tue, 10 Oct 2023 12:32:50 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 244A
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

336ms
89ms

Image
image/gif

52.218.61.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: HTTP/1.1
Server: 52.218.61.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 12:32:52 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: QQY5YEKWGYM4KFET
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: FM7MVRQ+AqrJBAJOn5cfGL7zYrkt9aXDMbe8J5CDevUKze/N6WzJTbJFb6Ma45TNv/ccimI5zYM=

Redirect headers

X-Error-Reason: Missing UserId
Date: Tue, 10 Oct 2023 12:32:49 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

2981
tags.bluekai.com/site/ Frame 244A
Redirect Chain

https://pixel.onaudience.com/?mapped=958164021882533390&partner=68
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=1&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
https://stags.bluekai.com/site/52799?id=97e7395274c6c58b
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=VnFOb24vSGQ5OWVVRTBQaw%3D%3D
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEE677FoWvdDDjI3I2cswD8A&google_cver=1

62 B
306 B

80ms
80ms

Image
image/gif

23.46.225.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEE677FoWvdDDjI3I2cswD8A&google_cver=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Server: 23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-46-225-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 10 Oct 2023 12:32:51 GMT
content-length: 62
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEE677FoWvdDDjI3I2cswD8A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 244A 0
338 B 40ms
9ms Image
text/plain 3.221.126.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=958164021882533390
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.126.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-126-30.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: beacon-n031-ash-prod.krxd.net
date: Tue, 10 Oct 2023 12:32:50 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1696941170
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 244A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=OTU4MTY0MDIxODgyNTMzMzkw
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=OTU4MTY0MDIxODgyNTMzMzkw&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM04_SwhI9A6hlpbqMuRRx0&google_cver=1&google_ula=1641347,0

35 B
590 B

139ms
139ms

Image
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM04_SwhI9A6hlpbqMuRRx0&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM04_SwhI9A6hlpbqMuRRx0&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
secure.adnxs.com/ Frame 244A
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=3985086500649229675&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=958164021882533390

43 B
833 B

3ms
3ms

Image
image/gif

68.67.179.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=958164021882533390

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Server

68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
an-x-request-uuid: 9e50d826-4b8e-4624-a306-b272958e48a3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 5.181.234.133; 5.181.234.133; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=958164021882533390
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 244A 42 B
470 B 17ms
5ms Image
image/gif 162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=958164021882533390
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 10 Oct 2023 12:32:50 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 244A 0
384 B 139ms
136ms Image
text/plain 185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 244A 43 B
444 B 90ms
19ms Image
image/gif 3.160.5.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.5.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-5-58.cmh68.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 22:35:48 GMT
Via: 1.1 cda1913a649dc75ebe085933b079c996.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: CMH68-P4
Age: 50222
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: 1uDNcwd9wwF8Rgu9IyfcO7DfU3IJxRsZJ08gyv0ylWvqaIav63q6_A==

GET
H/1.1

200

p
a.audrte.com/ Frame 244A
Redirect Chain

https://a.audrte.com/a?adform_uid=958164021882533390
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTUyR3FMWnpaWGJTZHUybi1ZRmJtOWpJdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

11ms
10ms

Image
image/png

52.44.10.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: HTTP/1.1
Server: 52.44.10.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-10-91.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 12:32:51 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 10 Oct 2023 12:32:51 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 244A
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=958164021882533390&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=958164021882533390&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirec...
https://c1.adform.net/serving/cookie/match?party=1007&cid=68015259325709209161581101000595501362&noredirect=1

35 B
599 B

134ms
134ms

Image
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=68015259325709209161581101000595501362&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-va6-2-v051-0a8d0b09b.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: kv5j5AZ5TZo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=68015259325709209161581101000595501362&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 244A
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=958164021882533390
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213060604665006088349

35 B
590 B

203ms
136ms

Image
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213060604665006088349

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
via: 1.1 8268c85934c036cd715280e1605c2636.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: CMH68-P3
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213060604665006088349
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: Ry9Joq76ZFaTyOpL4HfPiN0J2CKNMYHXFfjNzOQje4R6UKOYT8AN9g==
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 244A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7288306828415793294

35 B
590 B

134ms
134ms

Image
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7288306828415793294

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7288306828415793294
Date: Tue, 10 Oct 2023 12:32:50 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 244A 62 B
360 B 198ms
198ms Image
image/gif 23.46.225.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=958164021882533390
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-46-225-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 10 Oct 2023 12:32:50 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 244A
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=dd376525-4472-4c00-b8b4-7d9d93b4c9de

35 B
590 B

136ms
135ms

Image
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=dd376525-4472-4c00-b8b4-7d9d93b4c9de

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Tue, 10 Oct 2023 12:32:50 GMT
Server: MT3 1031 59fd23a master iad iad-pixel-x19 config_version:"1969"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=dd376525-4472-4c00-b8b4-7d9d93b4c9de
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Tue, 10 Oct 2023 12:32:49 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 244A
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=p02UQ81j1QQbUS5

35 B
590 B

135ms
134ms

Image
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=p02UQ81j1QQbUS5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 12:32:50 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0d83127ff4ca9d300@us-east-1d@dxedge-app-us-east-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=p02UQ81j1QQbUS5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 244A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=0506dd64-cbc3-4203-b31c-6f217b2aeb22

35 B
590 B

134ms
134ms

Image
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=0506dd64-cbc3-4203-b31c-6f217b2aeb22

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=0506dd64-cbc3-4203-b31c-6f217b2aeb22
date: Tue, 10 Oct 2023 12:32:50 GMT
server: Kestrel
content-length: 225

GET
H/1.1

200
OK

image.sbmx
ib.mookie1.com/ Frame 244A
Redirect Chain

https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=958164021882533390
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=958164021882533390

0
421 B

326ms
69ms

Image
image/png

64.58.232.177
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=958164021882533390
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: HTTP/1.1
Server: 64.58.232.177 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: be31-199.crrt01.las04.flexential.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 12:32:42 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: no-cache
X-Server: LAS10
Content-Length: 0
Expires: -1

Redirect headers

Date: Tue, 10 Oct 2023 12:32:44 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ib.mookie1.com:443/image.sbmx?go=302927&pid=567&xid=958164021882533390
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: private
X-Server: LAS09
Content-Length: 203

GET
H2

200

3.gif
id5-sync.com/cq/10/124/0/ Frame 244A
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=958164021882533390
https://id5-sync.com/c/10/10/2/1.gif?puid=958164021882533390&gdpr=0&gdpr_consent=&us_privacy=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/10/2/1/2.gif?puid=3985086500649229675&gdpr=0&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-55354-DUSR2Ds_1PFVImUGO3Nz5reX9DjxTrefmVLw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%...
https://id5-sync.com/cq/10/124/0/3.gif?puid=9ea2ecce-89fd-4225-b16c-81e904bbba48&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

43 B
1 KB

97ms
96ms

Image
image/gif

162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/cq/10/124/0/3.gif?puid=9ea2ecce-89fd-4225-b16c-81e904bbba48&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 10 Oct 2023 12:32:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/cq/10/124/0/3.gif?puid=9ea2ecce-89fd-4225-b16c-81e904bbba48&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
access-control-allow-origin: *
date: Tue, 10 Oct 2023 12:32:51 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 244A
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=4129286026
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=dNE2sGTWUJHJGqOPHhNDt.

35 B
590 B

136ms
135ms

Image
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=dNE2sGTWUJHJGqOPHhNDt.

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:50 GMT
via: 1.1 google
last-modified: Tue, 10 Oct 2023 12:32:51 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=dNE2sGTWUJHJGqOPHhNDt.
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 244A 23 B
278 B 161ms
24ms Image
image/gif 23.204.69.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=958164021882533390
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.69.95 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-69-95.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Tue, 10 Oct 2023 12:32:51 GMT
pragma: no-cache
date: Tue, 10 Oct 2023 12:32:51 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET pixel.gif
sync.1dmp.io/ Frame 244A 0
0

GET
H/1.1

200
OK

RX-1d9d046f-3dc6-4a30-9f05-816f19796e0f-005
sync.targeting.unrulymedia.com/csync/ Frame 244A
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=958164021882533390
https://sync.1rx.io/usersync/smaato/fc4923e6f2?gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync/smaato/fc4923e6f2?zcc=1&cb=1696941171286
https://sync.targeting.unrulymedia.com/csync/RX-1d9d046f-3dc6-4a30-9f05-816f19796e0f-005

43 B
435 B

58ms
8ms

Image
image/gif

199.127.204.142
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-1d9d046f-3dc6-4a30-9f05-816f19796e0f-005
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: HTTP/1.1
Server: 199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 12:32:51 GMT
Connection: keep-alive
Content-Length: 43
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 12:32:51 GMT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://sync.targeting.unrulymedia.com/csync/RX-1d9d046f-3dc6-4a30-9f05-816f19796e0f-005
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 244A
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=958164021882533390&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEV...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=958164021882533390&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7B...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6ff38ffe-050c-4f7b-a225-d8b4cdcf0d20%252Chttps%25253A%25252F%25252Fc1.adform.net%25252Fserving%25252Fcookie%25252Fmatch%2...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0506dd64-cbc3-4203-b31c-6f217b2aeb22&ttd_puid=6ff38ffe-050c-4f7b-a225-d8b4cdcf0d20%2Chttps%253A%252F%252Fc1.adform.net%25...
https://c1.adform.net/serving/cookie/match?party=2007&cid=6ff38ffe-050c-4f7b-a225-d8b4cdcf0d20

35 B
590 B

136ms
136ms

Image
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=6ff38ffe-050c-4f7b-a225-d8b4cdcf0d20

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 12:32:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Tue, 10 Oct 2023 12:32:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=6ff38ffe-050c-4f7b-a225-d8b4cdcf0d20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 958164021882533390
match.contentexchange.me/adform/ Frame 244A 0
49 B 350ms
112ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/958164021882533390?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:51 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 244A 43 B
109 B 102ms
71ms Image
image/gif 3.217.114.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=16974&user_id=958164021882533390
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.114.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-114-50.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:51 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 244A
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=958164021882533390&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=958164021882533390&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

13ms
13ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=958164021882533390&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 10 Oct 2023 12:32:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=958164021882533390&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
date: Tue, 10 Oct 2023 12:32:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET 296800c6dbd7f8eb22cf034b9927d719.gif
sync.e-volution.ai/ Frame 244A 0
0

GET
H2 200 put
e1.emxdgt.com/ Frame 244A 43 B
120 B 61ms
15ms Image
image/gif 3.210.56.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=958164021882533390
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.210.56.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-56-21.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:51 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2 204 adf
pixel.sojern.com/idsync/ Frame 244A 0
156 B 59ms
22ms Image
text/plain 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=958164021882533390
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 244A 0
384 B 136ms
135ms Image
text/plain 185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=958164021882533390&agencyId=8126&advertiserId=2116463&src=tp&rnd=647853
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:32:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.1dmp.io
URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=958164021882533390

Domain: sync.e-volution.ai
URL: https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=958164021882533390

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

89 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/	1970-01-21 00:58:21	Name: _evga_933f Value: {%22uuid%22:%220387b8873b83aeda%22}
.worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/	1970-01-21 00:58:21	Name: _sfid_6027 Value: {%22anonymousId%22:%220387b8873b83aeda%22%2C%22consents%22:[]}
.interwetten-gaming-ltd.workers.dev/	1970-01-20 15:23:47	Name: _gid Value: GA1.3.1299009300.1696941169
.interwetten-gaming-ltd.workers.dev/	1970-01-20 15:22:21	Name: _gat_UA-1851411-32 Value: 1
.interwetten-gaming-ltd.workers.dev/	1970-01-21 00:58:21	Name: _ga_DND7C2FYLB Value: GS1.1.1696941168.1.0.1696941168.0.0.0
.interwetten-gaming-ltd.workers.dev/	1970-01-21 00:58:21	Name: _ga Value: GA1.1.1614238166.1696941169
sportsbooksoftware.germany-2.evergage.com/	1970-01-20 15:32:25	Name: AWSALBTGCORS Value: Eem7W2H9g6eT1MoU9GqdHC8nsBWmuqO9nev0Iyj0qb1VriYiIrPySIjyK2fIplt6P8NXKYKgBcAMDraJ05/gw0mdOWukzp4DuPatiKP37J0nZTMAy5BZ2jYjO6pVQDQ7q8pkxndIpeQo3YltSTQ8zesYgftkUJsml0aPARIQbR3rhBcRfVM=
.adform.net/	1970-01-20 16:07:03	Name: C Value: 1
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev/	1970-01-20 16:05:33	Name: adformfrpid Value: 6827001429492646024
.adform.net/	1970-01-20 16:48:45	Name: uid Value: 958164021882533390
.adform.net/	1970-01-20 15:23:47	Name: CM Value: 1\|1
.adform.net/	1970-01-20 15:42:30	Name: CM14 Value: 1697027570_1696941170_1_Hu7u4e4e4R7u7u4REREeERERERHhERE
.yahoo.com/	1970-01-21 00:08:18	Name: A3 Value: d=AQABBHJEJWUCEGmdCXot4etjZr9llHiCvHYFEgEBAQGVJmUvZdwt0iMA_eMAAA&S=AQAAAkTxIR1sCH-tbgNbmkfyqmM
.casalemedia.com/	1970-01-21 00:07:57	Name: CMID Value: ZSVEcittpDoQM3s4IINLPgAA
.casalemedia.com/	1970-01-20 17:31:57	Name: CMPS Value: 1348
.casalemedia.com/	1970-01-20 17:31:57	Name: CMPRO Value: 1348
.360yield.com/	1970-01-20 17:31:57	Name: tuuid Value: 9ea2ecce-89fd-4225-b16c-81e904bbba48
.360yield.com/	1970-01-20 17:31:57	Name: tuuid_lu Value: 1696941170
.analytics.yahoo.com/	1970-01-21 00:07:57	Name: IDSYNC Value: 1760~2eec
.smartadserver.com/	1970-01-21 00:52:35	Name: pid Value: 4931960368693653661
.smartadserver.com/	1970-01-21 00:52:35	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 00:09:23	Name: csync Value: 22:958164021882533390
.bidswitch.net/	1970-01-21 00:07:57	Name: tuuid Value: 194516f6-02f6-4fd8-9176-43508241ff11
.bidswitch.net/	1970-01-21 00:07:57	Name: c Value: 1696941170
.bidswitch.net/	1970-01-21 00:07:57	Name: tuuid_lu Value: 1696941170
.rlcdn.com/	1970-01-21 00:07:57	Name: rlas3 Value: 6DOCYfxoI+Ev0gfbTN9dAOztVr7rvo6xHa8EMCs4+7I=
.eyeota.net/	1970-01-21 00:09:23	Name: mako_uid Value: 18b19935ee7-777c0000010a5617
.eyeota.net/	1970-01-20 15:22:21	Name: SERVERID Value: 22039~DM
.semasio.net/	1970-01-21 00:07:57	Name: SEUNCY Value: FBCACABB77456ABD
.contextweb.com/	1970-01-21 00:00:45	Name: V Value: 0qkafMvYxBUJ
.contextweb.com/	1970-01-21 00:07:57	Name: pb_rtb_ev Value: 3-1nc7\|6zB.0.194516f6-02f6-4fd8-9176-43508241ff11
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 9e8f157f0bb10655
.rlcdn.com/	1970-01-20 16:48:45	Name: pxrc Value: CPKIlakGEgUI6AcQABIFCOhHEAA=
.openx.net/	1970-01-21 00:07:57	Name: i Value: b19a2e4d-9a22-44db-bf04-3cefc8b4f042\|1696941170
.pippio.com/	1970-01-21 00:07:57	Name: did Value: IxvtliCrq8vbta_f
.pippio.com/	1970-01-21 00:07:57	Name: didts Value: 1696941170
.pippio.com/	1970-01-20 16:48:45	Name: nnls Value:
.pippio.com/	1970-01-20 16:48:45	Name: pxrc Value: CPKIlakGEgYIgr0rEAA=
.bluekai.com/	1970-01-20 19:45:52	Name: bku Value: /Ux99cJWJVUX+ZAL
.crwdcntrl.net/	1970-01-20 21:51:07	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 21:51:07	Name: _cc_id Value: bfb19290f534dbc04fe7412cb488be47
.krxd.net/	1970-01-20 19:41:33	Name: _kuid_ Value: P2LtFwho
.adnxs.com/	1970-01-20 17:31:57	Name: uuid2 Value: 3985086500649229675
.pubmatic.com/	1970-01-20 16:05:33	Name: KRTBCOOKIE_391 Value: 22924-958164021882533390&KRTB&23263-958164021882533390&KRTB&23481-958164021882533390
.pubmatic.com/	1970-01-20 16:05:33	Name: PugT Value: 1696941170
.adscale.de/	1970-01-21 00:04:37	Name: uu Value: b064cdd9365344309e2d809dde646ff7
.adscale.de/	1970-01-21 00:04:37	Name: cct Value: 1696941170534
.doubleclick.net/	1970-01-21 00:58:21	Name: IDE Value: AHWqTUlJfwvQRo4eR6413J4QjM9anorvI-q7UEiVaHqHIK79-xn8Tt2ExV0TfLvqzHU
.linkedin.com/	1970-01-20 17:31:57	Name: li_sugr Value: 36b77344-599f-44ad-b7bf-6a7594b6d99b
.linkedin.com/	1970-01-21 00:07:57	Name: bcookie Value: "v=2&1661f742-93a7-4c41-8538-e4e3560c41dd"
.linkedin.com/	1970-01-20 15:23:47	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=3013:u=1:x=1:i=1696941170:t=1697027570:v=2:sig=AQFR1kEpSMOP9dpQBpumPIhLsfdiJRzW"
.seadform.net/	1970-01-20 16:48:48	Name: uid Value: 958164021882533390
.ih.adscale.de/	1970-01-21 00:04:37	Name: tu Value: 4#4184887473#42~958164021882533390~471372~0~0
.demdex.net/	1970-01-20 19:41:33	Name: demdex Value: 68015259325709209161581101000595501362
.adnxs.com/	1970-01-20 17:31:57	Name: anj Value: dTM7k!M4/YErk#WF']wIg2Ilann8]9!]tbPl1MO?+q([.UbW(GOv]tpN[_]`OtwDB_-G0Zct-6q2*q3g!_6-zQEVk`!)f)jgU'ZG
.onaudience.com/	1970-01-21 00:07:57	Name: cookie Value: f0c49e3dad951c88
.onaudience.com/	1970-01-20 15:23:47	Name: done_redirects282 Value: 1
.dpm.demdex.net/	1970-01-20 19:41:33	Name: dpm Value: 68015259325709209161581101000595501362
.agkn.com/	1970-01-21 00:07:57	Name: ab Value: 0001%3AQQ%2BDZxGeXd%2FejDA0e%2FOujU0qHeUO8%2BuT
.mathtag.com/	1970-01-21 00:48:16	Name: uuid Value: dd376525-4472-4c00-b8b4-7d9d93b4c9de
.w55c.net/	1970-01-21 00:54:01	Name: wfivefivec Value: p02UQ81j1QQbUS5
.ads.stickyadstv.com/	1970-01-20 16:48:45	Name: uid-bp-617 Value: 958164021882533390
.ads.stickyadstv.com/	1970-01-20 16:05:33	Name: UID Value: c966657b78ccb092dd74a182d8a9d94
.w55c.net/	1970-01-20 16:05:33	Name: matchadform Value: 5
.adsrvr.org/	1970-01-21 00:09:23	Name: TDID Value: 0506dd64-cbc3-4203-b31c-6f217b2aeb22
.rubiconproject.com/	1970-01-21 00:07:57	Name: khaos Value: LNKAYJCQ-1O-5GXO
.rubiconproject.com/	1970-01-21 00:07:57	Name: audit Value: 1\|aQwypMaHR5PbZWBERKYcSFoEdcFbb8aVSuXPUW3SX6LFwpmMCvAS5sUW7eiub0a9+HBbmkzNfhtBK03vAHceEG4bn2cxl7tJCN3erPBSdqZ6xQQHsmFOnqsER244TEJ2fY0V14FIbwNDA6MeUnKE5KZr5ZVxLWDe
.adfarm1.adition.com/	1970-01-20 17:31:57	Name: UserID1 Value: 7288306828415793294
.teads.tv/	1970-01-21 00:06:30	Name: tt_viewer Value: 010c4e56-0ec8-4259-9a4e-f31f4b6b8527
.tapad.com/	1970-01-20 16:48:45	Name: TapAd_TS Value: 1696941171080
.tapad.com/	1970-01-20 16:48:45	Name: TapAd_DID Value: 6ff38ffe-050c-4f7b-a225-d8b4cdcf0d20
.adsrvr.org/	1970-01-21 00:09:23	Name: TDCPM Value: CAESFAoFdGFwYWQSCwja0sPR4eWkPBAFGAEgASgCMgsItMjG_vflpDwQBTgBWgV0YXBhZGAC
.smaato.net/	1970-01-20 15:52:35	Name: SCM Value: fc4923e6f2
.smaato.net/	1970-01-20 15:52:35	Name: SCMu Value: fc4923e6f2
.smaato.net/	1970-01-20 15:52:35	Name: SCM1001213 Value: fc4923e6f2
.weborama.fr/	1970-01-21 00:48:16	Name: AFFICHE_W Value: wPIhFINf4d3A85
.tapad.com/	1970-01-20 16:48:45	Name: TapAd_3WAY_SYNCS Value: 1!6804
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: utcz4aopqylz1neaczikudy2
.id5-sync.com/	1970-01-20 17:31:57	Name: id5 Value: 2407b3b5-1e75-7baf-91f3-2a38a917d5f5#1696941171134#2
.3lift.com/	1970-01-20 17:31:57	Name: tluid Value: 1966267814367620385094
.1rx.io/	1970-01-21 00:07:57	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1d9d046f-3dc6-4a30-9f05-816f19796e0f-005%22%7D
.targeting.unrulymedia.com/	1970-01-21 00:07:57	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1d9d046f-3dc6-4a30-9f05-816f19796e0f-005%22%7D
.360yield.com/	1970-01-20 17:31:57	Name: um Value: !42,lZwm-edlm9ZzIEZjCVyydfmoBHG.PvH5zDPVU7VoSBQ,1698150770!79,K5BS0Q8pmBM5wEwkncRIPzi3wD6NQiRbBcBo4PYy9yH10gv2mhR5FF9Ae-jqWMjaV-ZFLQ.XFbGN5Ax7,1704717171
.360yield.com/	1970-01-20 17:31:57	Name: umeh Value: !42,0,1759149170,-1!79,0,1759149171,-1
.id5-sync.com/	1970-01-20 17:31:57	Name: 3pi Value: 2#1696941171333#1998522508#3985086500649229675\|10#1696941171230#1015399243#958164021882533390\|124#1696941171450#-355920041
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: pxoi52ea5nce1amzifhcvpzm
.audrte.com/	1970-01-20 15:43:57	Name: arcki2 Value: a52GqLZzZXbSdu2n-YFbm9jIw!20220908!1696941171624!ip#5.181.234.133
.audrte.com/	1970-01-20 15:43:57	Name: arcki2_adform Value: 958164021882533390!20220908!1696941171627
.audrte.com/	1970-01-20 15:43:57	Name: arcki2_ddp2 Value: a52GqLZzZXbSdu2n-YFbm9jIw!20220908!1696941171668

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
api.adrtx.net
beacon.krxd.net
bh.contextweb.com
bpi.rtactivate.com
c1.adform.net
cdn.evergage.com
cdn.evgnet.com
cdn.otherlevels.com
cdn.priv.center
cm.g.doubleclick.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
global.ib-ibi.com
ib.adnxs.com
ib.mookie1.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
js-api.otherlevels.com
js-content.otherlevels.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
media.gamesassists.com
pdw-adf.userreport.com
pippio.com
pixel.mathtag.com
pixel.onaudience.com
pixel.sojern.com
pixel.tapad.com
pm.w55c.net
prod-origin.truendo.com
ps.eyeota.net
px.ads.linkedin.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
sportsbooksoftware.germany-2.evergage.com
stags.bluekai.com
static.getback.ch
stats.g.doubleclick.net
sync.1dmp.io
sync.1rx.io
sync.crwdcntrl.net
sync.e-volution.ai
sync.targeting.unrulymedia.com
sync.teads.tv
tags.bluekai.com
tm.ads.sportradar.com
token.rubiconproject.com
track.adform.net
uipglob.semasio.net
ups.analytics.yahoo.com
worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev
www.getback.ch
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
sync.1dmp.io
sync.e-volution.ai
104.18.27.193
107.178.244.119
107.178.254.65
141.94.170.77
142.250.72.98
151.101.64.114
162.19.138.119
162.248.18.37
18.238.25.102
185.167.164.37
185.167.164.46
194.127.139.227
198.148.27.131
199.127.204.142
23.105.12.151
23.196.60.110
23.204.69.95
23.46.225.71
23.47.169.12
2600:141b:1c00:16::17c4:324
2600:9000:24f7:fa00:0:4b9a:3a80:93a1
2600:9000:25f4:a200:6:8542:9680:93a1
2600:9000:25f4:d000:1b:5138:8a40:93a1
2606:4700:3037::6815:3faf
2607:f8b0:4004:c0b::9d
2607:f8b0:4006:80f::2004
2607:f8b0:4020:804::2008
2607:f8b0:4020:807::200e
2620:1ec:21::14
3.127.179.56
3.160.22.127
3.160.22.21
3.160.5.58
3.210.56.21
3.217.114.50
3.221.126.30
3.234.8.147
3.234.8.37
34.111.113.62
34.200.65.202
34.229.3.43
34.242.29.207
34.98.64.218
35.156.113.70
35.190.24.218
35.190.60.146
35.211.178.172
35.71.131.137
37.157.6.233
46.19.11.36
50.16.78.185
50.19.163.18
50.57.31.206
52.218.61.51
52.223.22.214
52.42.83.58
52.44.10.91
52.57.108.94
52.71.74.215
54.184.101.79
63.251.28.234
64.58.232.176
64.58.232.177
68.67.179.153
69.173.151.100
85.114.159.93
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0f184a0b95758481f3206cdf55fb88d54dad1af73ec7fa413c54f857dd2a4178
15c53b41755b7dbbf631697798b043b1eb429674afb2580b605d468c7f8593b7
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3734ebb5d57b9cf9c1ba2a474644dfdf2449116801b1e46cf0b476a2a5e85647
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a862cd15466c2ce34de380e93c957fe9e8c1dc87e3dc87d8096db5a2d4d1a31
5d85ff895eb489970c41136287c5a4cbddc41557bb98f60524ddd419bd2cd271
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
624a22c9b3d98e782eb28c20f81491d6db2c2b8112a8a54dd42ba1538fc7948a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f3f0e09dac953258868ed01f37be5fcdf0ad83f85e22b8002c0fe004b2fd2ba
6f7e89fede46420fda14d71f87830b3859899517d1120e9b37586601178c696b
7969783ece41e9e1f2bc9121c0346a9f030d8e88e433fd957b5e6c6d976c1758
7b9a2afb837f7ef586e2c276df736e75696ddfda4b930946f688c8f9d4b383d5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847f419323dd20e4aabbcb4c7cefe5d58dcaaef05ce3ab52de34d3e67cb41268
8b5bca04800ec844b93086f59605c141fb3bcd2dbddfd1ed2b745caece4245f8
8f9dd7f42c656036085fc34ba2adec43b9e616a4778ec47c68a7bb436809822c
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9d1b952d4a32f07a070698dbbdc82072a98415e9372f561a01b983010f30a3
9e067a51888228d1fbef821e1548478a4c39a4886df22e002c0640549a650a4c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aa01b52cc80dc4c279670476749b67e22073d4907085a88db39e237d274bb1a3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4e1ab9bb1849ab3ab97654c1d034c6663b61342296fdd8fc08470890ca5485c
b4fc007fa64badbd2a1e9ef693253582aef76c13a45dd69a06b60fd976af83ed
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdfbb1c46fb1b2113dd7cffbea0c3ed8b105b9e064555a2025b12bfa640f17ea
ca7fe44f25e771d2ab2022b706400b89c26f8ac4b9fe3162ea4a016eaba139d4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40346f3ed64cb7866499ff47f4a7147dc4a3d72b449a68a903e175341a9e211
e62de3582f34652b8bfc3e08f8be9bb70bc6ae37b2dbcad8dd95c4105ab25878
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc2e2f4ca6d4ef9f0d42a165c8df03ff0a76c140c9561737fc701f9289438508
fd70fe510f0c0739ff16920b8fd3af813658fba0819eda223119bb0b99c2dfec

worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev Open in urlscan Pro 2606:4700:3037::6815:3faf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

115 Requests

73 %HTTPS

15 %IPv6

64 Domains

75 Subdomains

49 IPs

9 Countries

6830 kBTransfer

12648 kBSize

89 Cookies

26 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

worker-iw-dev-demo.interwetten-gaming-ltd.workers.dev Open in urlscan Pro
2606:4700:3037::6815:3faf Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

73 %
HTTPS

15 %
IPv6

64
Domains

75
Subdomains

49
IPs

9
Countries

6830 kB
Transfer

12648 kB
Size

89
Cookies

115 HTTP transactions
0 data transactions