www.rolimons.com Open in urlscan Pro
172.67.74.181 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.rolimons.com/player/126166576
Submission: On May 22 via api (May 22nd 2024, 9:11:59 pm UTC) from US — Scanned from DE

Summary HTTP 159 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 42 IPs in 4 countries across 29 domains to perform 159 HTTP transactions. The main IP is 172.67.74.181, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rolimons.com. The Cisco Umbrella rank of the primary domain is 314957.
TLS certificate: Issued by E1 on April 27th 2024. Valid for: 3 months.

This is the only time www.rolimons.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	172.67.74.181 172.67.74.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.18.3.78 104.18.3.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
8	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
4	2606:4700::68... 2606:4700::6812:909	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:276... 2600:9000:2761:fe00:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:249... 2600:9000:2491:e600:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:4ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
11	35.244.144.25 35.244.144.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2a02:26f0:350... 2a02:26f0:3500:11::215:14cc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	18.245.31.9 18.245.31.9	16509 (AMAZON-02) (AMAZON-02)
4	18.244.15.236 18.244.15.236	16509 (AMAZON-02) (AMAZON-02)
4	18.159.201.246 18.159.201.246	() ()
4	34.120.63.153 34.120.63.153	() ()
4	18.157.230.4 18.157.230.4	() ()
15	185.89.210.212 185.89.210.212	() ()
4	172.64.151.101 172.64.151.101	() ()
4	2607:f350:3:2... 2607:f350:3:2569:0:10:0:200a	() ()
4	185.64.189.112 185.64.189.112	() ()
4	2602:803:c003... 2602:803:c003:200::21	() ()
4	178.250.1.8 178.250.1.8	() ()
1 5	34.253.100.47 34.253.100.47	() ()
3	2620:1ec:46::43 2620:1ec:46::43	() ()
3	151.101.65.108 151.101.65.108	() ()
3 9	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a39b	() ()
3	2600:9000:223... 2600:9000:223d:aa00:10:43f:4352:ad61	() ()
1	2a02:2638:3::3 2a02:2638:3::3	() ()
2 4	23.205.255.162 23.205.255.162	() ()
2	52.223.40.198 52.223.40.198	() ()
1	172.64.149.180 172.64.149.180	() ()
1	76.223.111.18 76.223.111.18	() ()
1	2.17.1.103 2.17.1.103	() ()
1	52.212.42.149 52.212.42.149	() ()
1	2.17.1.138 2.17.1.138	() ()
159	42

13 172.67.74.181 (United States)

ASN13335 (CLOUDFLARENET, US)

www.rolimons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thumbnails.rolimons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.rolimons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.3.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:909 (United States)

ASN13335 (CLOUDFLARENET, US)

code.highcharts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2761:fe00:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2491:e600:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.244.144.25 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.144.244.35.bc.googleusercontent.com

tracker.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:3500:11::215:14cc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tr.rbxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

consent.nitrocnct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-9.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.244.15.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-15-236.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.159.201.246 (None, )

ASN- ()

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.120.63.153 (None, )

ASN- ()

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.157.230.4 (None, )

ASN- ()

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.89.210.212 (None, )

ASN- ()

ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams3-ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (None, )

ASN- ()

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f350:3:2569:0:10:0:200a (None, )

ASN- ()

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (None, )

ASN- ()

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::21 (None, )

ASN- ()

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.8 (None, )

ASN- ()

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.253.100.47 (None, ) 1 redirects

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::43 (None, )

ASN- ()

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.108 (None, )

ASN- ()

cdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:3500:1b::1724:a39b (None, ) 3 redirects

ASN- ()

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223d:aa00:10:43f:4352:ad61 (None, )

ASN- ()

gw.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.255.162 (None, ) 2 redirects

ASN- ()

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.149.180 (None, )

ASN- ()

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (None, )

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.1.103 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.42.149 (None, )

ASN- ()

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.1.138 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	nitropay.com s.nitropay.com — Cisco Umbrella Rank: 24913 tracker.nitropay.com — Cisco Umbrella Rank: 23010 a.nitropay.com — Cisco Umbrella Rank: 32471	242 KB
18	adnxs-simple.com ib.adnxs-simple.com cdn.adnxs-simple.com ams3-ib.adnxs-simple.com	53 KB
13	bing.com 5 redirects www.bing.com	35 KB
13	rolimons.com www.rolimons.com — Cisco Umbrella Rank: 314957 thumbnails.rolimons.com — Cisco Umbrella Rank: 801826 api.rolimons.com — Cisco Umbrella Rank: 732857	257 KB
10	geoedge.be wrappers.geoedge.be — Cisco Umbrella Rank: 20027 rumcdn.geoedge.be — Cisco Umbrella Rank: 2360 gw.geoedge.be	207 KB
8	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 308 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 630 aax.amazon-adsystem.com — Cisco Umbrella Rank: 419	81 KB
8	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	156 KB
7	rbxcdn.com tr.rbxcdn.com — Cisco Umbrella Rank: 10109	24 KB
6	lijit.com 1 redirects ap.lijit.com ce.lijit.com	2 KB
5	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	2 KB
5	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	288 B
5	3lift.com tlx.3lift.com eb2.3lift.com	1 KB
4	criteo.com bidder.criteo.com	777 B
4	sonobi.com apex.go.sonobi.com sync.go.sonobi.com Failed	5 KB
4	casalemedia.com htlb.casalemedia.com	1 KB
4	media.net prebid.media.net	1 KB
4	sharethrough.com btlr.sharethrough.com	585 B
4	btloader.com btloader.com — Cisco Umbrella Rank: 876 api.btloader.com — Cisco Umbrella Rank: 958	29 KB
4	highcharts.com code.highcharts.com — Cisco Umbrella Rank: 13990	150 KB
3	microsoft.com adsdk.microsoft.com	41 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 ad.doubleclick.net — Cisco Umbrella Rank: 159	171 KB
2	adsrvr.org match.adsrvr.org	571 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 914	1 KB
2	nitrocnct.com consent.nitrocnct.com — Cisco Umbrella Rank: 39231	111 KB
1	indexww.com js-sec.indexww.com
1	criteo.net static.criteo.net	31 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	255 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	87 KB
0	tapad.com Failed pixel.tapad.com Failed
159	29

	Domain	Requested by
13	www.bing.com	5 redirects www.rolimons.com
11	ams3-ib.adnxs-simple.com	rumcdn.geoedge.be cdn.adnxs-simple.com
11	www.rolimons.com	www.rolimons.com
8	cdn.jsdelivr.net	www.rolimons.com
8	s.nitropay.com	www.rolimons.com s.nitropay.com
7	tr.rbxcdn.com	www.rolimons.com
7	tracker.nitropay.com	s.nitropay.com
6	rumcdn.geoedge.be	s.nitropay.com rumcdn.geoedge.be www.rolimons.com
5	ap.lijit.com	1 redirects s.nitropay.com
4	bidder.criteo.com	s.nitropay.com
4	fastlane.rubiconproject.com	s.nitropay.com
4	hbopenbid.pubmatic.com	s.nitropay.com
4	apex.go.sonobi.com	s.nitropay.com
4	htlb.casalemedia.com	s.nitropay.com
4	ib.adnxs-simple.com	s.nitropay.com
4	tlx.3lift.com	s.nitropay.com
4	prebid.media.net	s.nitropay.com
4	btlr.sharethrough.com	s.nitropay.com
4	a.nitropay.com	s.nitropay.com
4	aax.amazon-adsystem.com	c.amazon-adsystem.com
4	code.highcharts.com	www.rolimons.com
3	gw.geoedge.be	rumcdn.geoedge.be
3	cdn.adnxs-simple.com	rumcdn.geoedge.be
3	adsdk.microsoft.com	rumcdn.geoedge.be
3	api.btloader.com	btloader.com
3	c.amazon-adsystem.com	s.nitropay.com c.amazon-adsystem.com
2	match.adsrvr.org	s.nitropay.com
2	ad-delivery.net	www.rolimons.com
2	consent.nitrocnct.com	s.nitropay.com
2	securepubads.g.doubleclick.net	s.nitropay.com
1	eus.rubiconproject.com	s.nitropay.com
1	ce.lijit.com	s.nitropay.com
1	ads.pubmatic.com	s.nitropay.com
1	eb2.3lift.com	s.nitropay.com
1	js-sec.indexww.com	s.nitropay.com
1	static.criteo.net	s.nitropay.com
1	config.aps.amazon-adsystem.com	s.nitropay.com
1	ad.doubleclick.net	www.rolimons.com
1	btloader.com	s.nitropay.com
1	wrappers.geoedge.be	s.nitropay.com
1	api.rolimons.com	cdn.jsdelivr.net
1	thumbnails.rolimons.com	cdn.jsdelivr.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.rolimons.com
0	pixel.tapad.com Failed
0	sync.go.sonobi.com Failed
159	46

This site contains links to these domains. Also see Links.

Domain
www.roblox.com
discord.gg
twitter.com
nitropay.com

Subject Issuer	Validity	Valid
rolimons.com E1	`2024-04-27` - `2024-07-26`	3 months	crt.sh
nitropay.com GTS CA 1P5	`2024-05-14` - `2024-08-12`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
highcharts.com Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
btloader.com GTS CA 1P5	`2024-04-14` - `2024-07-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.nitropay.com GTS CA 1D4	`2024-04-05` - `2024-07-04`	3 months	crt.sh
*.rbxcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-07` - `2025-02-07`	a year	crt.sh
nitrocnct.com E1	`2024-04-20` - `2024-07-19`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-04-05` - `2024-07-04`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M03	`2024-05-14` - `2025-06-12`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2024-04-17` - `2024-07-16`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2024-02-29` - `2025-03-31`	a year	crt.sh
casalemedia.com E1	`2024-04-19` - `2024-07-18`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-15` - `2024-07-10`	3 months	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
adsdk.microsoft.com Microsoft Azure RSA TLS Issuing CA 04	`2024-04-05` - `2024-10-02`	6 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2024-04-08` - `2025-05-09`	a year	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-25` - `2024-07-19`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.rolimons.com/player/126166576
Frame ID: 7820CF1C3DF17BC141B73B8FF611EF8E
Requests: 127 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 7FAE790A4096EBAB4734119A9455B495
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: FFAC8AD4B0BF6545048E84C7494E52A9
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 78E4508DEED985442C080BD2BEB4FA90
Requests: 10 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 707145D8AE7D978A12209D3FFAA22BE7
Requests: 8 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 12ADB75A1BA297DCF037A3A4976F2018
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F199F9AA697773FAC30F2903255494C9
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2&
Frame ID: 50AC36502C0F4F97FC6AC345C2940A15
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=1&gdpr_consent=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2
Frame ID: 8E2D5EF51F5080D07C57CF3512068AA9
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?gdpr_consent=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2&informer=13401055
Frame ID: EC12C455C8AC3B59C20D4FDCC39262D0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2
Frame ID: E4F98AD16CE20CE572FE1829906C210F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Highcharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

highcharts.*\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)
sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

159
Requests

94 %
HTTPS

37 %
IPv6

29
Domains

46
Subdomains

42
IPs

4
Countries

1689 kB
Transfer

8678 kB
Size

5
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.roblox.com/games/14056754882/Flex-Your-UGC-Limiteds
Title: UGC Limiteds Game

Search URL Search Domain Scan URL

URL: https://discord.gg/rolimons
Title: Discord Server

Search URL Search Domain Scan URL

URL: https://discord.gg/WBJ6C8Yn6h
Title: Support Server

Search URL Search Domain Scan URL

URL: https://www.roblox.com/users/126166576/profile

Search URL Search Domain Scan URL

URL: https://www.roblox.com/users/126166576/trade
Title: Send Trade

Search URL Search Domain Scan URL

URL: https://twitter.com/Rolimons
Title: Twitter

Search URL Search Domain Scan URL

URL: https://nitropay.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 128

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5099a8c6-0839-4373-b4bc-0f705af02131&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=f304b277-df1f-4ac0-8702-ce84012b75df&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D5faa30e1789641b0b02e11d02e5b9c7f%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=21998459&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_fxvcgnf&aid=4696447755063889689 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=5faa30e1789641b0b02e11d02e5b9c7f&SNR=1&GV=2&med=10

Request Chain 131

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5cc335a7-b439-428a-93eb-f8a45104a075&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=841eb328-ac3f-41ee-bc6a-00839a24d881&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D5c38b8f23dee44578dcd675e7f1912e7%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=21998459&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_zbovyr&aid=6229328128406894207&wp= HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=5c38b8f23dee44578dcd675e7f1912e7&SNR=1&GV=2&med=10

Request Chain 134

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ec7ac06a-ed48-4e68-ba2c-080e9c3acf43&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=7246c764-6e93-4c1f-a895-cfccd095c441&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3Dc1ba858560044b2280ee5e4ac5bd6035%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=21998459&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=7044158222998964806 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=c1ba858560044b2280ee5e4ac5bd6035&SNR=1&GV=2&med=10

Request Chain 146

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5099a8c6-0839-4373-b4bc-0f705af02131&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=f304b277-df1f-4ac0-8702-ce84012b75df&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D5faa30e1789641b0b02e11d02e5b9c7f%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=21998459&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_fxvcgnf&aid=4696447755063889689 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=5faa30e1789641b0b02e11d02e5b9c7f&tids=15000&med=10

Request Chain 147

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ec7ac06a-ed48-4e68-ba2c-080e9c3acf43&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=7246c764-6e93-4c1f-a895-cfccd095c441&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dc1ba858560044b2280ee5e4ac5bd6035%26tids%3D1%26med%3D10&rtype=mvFeedbackURL&tagId=21998459&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=7044158222998964806 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=c1ba858560044b2280ee5e4ac5bd6035&tids=1&med=10

Request Chain 154

https://ap.lijit.com/beacon?gdpr_consent=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2&informer=13401055 HTTP 302
https://ce.lijit.com/beacon?gdpr_consent=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2&informer=13401055

Request Chain 156

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5141210831108684257

Request Chain 157

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=140&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=14683802-1681-45f9-b3c7-017fdb3b4230-664e5f9e-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D14683802-1681-45f9-b3c7-017fdb3b4230-664e5f9e-5553%26partner_url%3Dhttps%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dbs%2526nuid%253D14683802-1681-45f9-b3c7-017fdb3b4230-664e5f9e-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=14683802-1681-45f9-b3c7-017fdb3b4230-664e5f9e-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D14683802-1681-45f9-b3c7-017fdb3b4230-664e5f9e-5553%26gdpr%3D0%26gdpr_consent%3D

Request Chain 158

https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=st&nuid=_E23OglQXVVqBNCDSPlyxVD_B3s

Request Chain 160

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=ea3bd71b-a522-4c97-8be1-b056135883ff&google_hm=ZWEzYmQ3MWItYTUyMi00Yzk3LThiZTEtYjA1NjEzNTg4M2Zm&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=sonobi&bsw_param=ea3bd71b-a522-4c97-8be1-b056135883ff&google_hm=ZWEzYmQ3MWItYTUyMi00Yzk3LThiZTEtYjA1NjEzNTg4M2Zm&gdpr_consent=&gdpr=0&google_tc= HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEE_2zf-OV4A_ULNNggP6Pw8&google_cver=1&ssp=sonobi&bsw_param=ea3bd71b-a522-4c97-8be1-b056135883ff&gdpr_consent=&gdpr=0 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=ea3bd71b-a522-4c97-8be1-b056135883ff&gdpr=0&gdpr_consent=&us_privacy=

159 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request 126166576 Show response
www.rolimons.com/player/ 572 KB
163 KB 302ms
254ms Document
text/html 172.67.74.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e54206de39d24295b8b13faf5a6ef91ba0c392ed18d2139c22b12c4b31fc76f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=10
cf-cache-status: EXPIRED
cf-ray: 887fccd5db849f51-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 22 May 2024 21:11:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: camera=(),display-capture=(),geolocation=(),microphone=()
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZCbcZ3nyuKs7lc69pFWKfBf6jwULZjYrW4XS47%2F8ErmRNfo9ijEvcBwVT0U8NCc92c7qljsOLk9oupPtZQMzms95HwIddsbkN2uYjG5vRAzBSboO75eDSZ9du3kGQ9zLWo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ratelimit-limit: 750
x-ratelimit-remaining: 749
x-ratelimit-reset: 1716414258
x-xss-protection: 1; mode=block

GET
H3 200 ads-874.js Show response
s.nitropay.com/ 584 KB
182 KB 150ms
90ms Script
text/javascript 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/ads-874.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5470cf5187c72ee95ba2ea26a0c02365fc51d9fdd2229504af6fb06891ec0e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1716404652
age: 6914
x-guploader-uploadid: ABPtcPoagbVlG7K7yl0VBSTuXx8roc2HM-fKteNaPCNFC1qTjnTCXS1flwIZwZHUX3SiGPSxzQ28D0qItQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 May 2024 19:16:23 GMT
server: cloudflare
etag: W/"0cba0ab30389c3be068ccac45a950154:1716405383000:DE"
vary: Accept-Encoding
x-goog-generation: 1716405309360258
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=t4pLJQ==, md5=DLoKswOJw74GjMrEWpUBVA==
access-control-expose-headers: Content-Type
cache-control: private, max-age=600
x-goog-stored-content-length: 593505
cf-ray: 887fccd7f95835ae-WAW
expires: Thu, 22 May 2025 19:16:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
87 KB 145ms
54ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TKLVQSSPSF

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8af33876e52ed79a83b0bf07aa8545f4f0ca8296f5b7f7873f2d780f30774ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88708
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 May 2024 21:11:42 GMT

GET
H3 200 sitecombined.css
www.rolimons.com/css/ 164 KB
32 KB 88ms
88ms Stylesheet
text/css 172.67.74.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rolimons.com/css/sitecombined.css

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a75aeaf30064d5389e8eb5e3febc802cf687b9848b4ee25a2ccc707632731e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/player/126166576
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5003074
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 17 Mar 2024 20:32:10 GMT
server: cloudflare
etag: W/"320ba-18e4e1d5c90"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aLGL0ubhc1jRRvke1ugl2Y9i3jUbECorDBKRZFGgrVfq%2BSMmBW7H4MJ7lxxOpnX3CmbWp2Gqef8lCnmryp8z43XvDm2WDXBZJCvAh8w5CTpRiNyEQElooJMVI5k5ZMnb%2BHQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=7776000
permissions-policy: camera=(),display-capture=(),geolocation=(),microphone=()
cf-ray: 887fccd79dff9f51-FRA

GET
H3 200 simplepagination.min.css
www.rolimons.com/css/ 1 KB
1 KB 123ms
122ms Stylesheet
text/css 172.67.74.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rolimons.com/css/simplepagination.min.css

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83f84f8bea34b145c794068407638191f841da98fbb5db936ee3bfc898975017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/player/126166576
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2410881
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Feb 2024 21:56:45 GMT
server: cloudflare
etag: W/"548-18d8ab92468"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCLpimZ8fDOtacwf9Cz%2BvW7c%2FmkrIrLc1N3Qe6atwmfaV2jAQ69a8EWX1B30v2jgZ%2FIu9QGgXnkxLyCJJvGIHCRVQ5AkgeEK4R1g85RV8S5%2Bj1blPtwz%2BKoMVjuPaY%2BMOI8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
permissions-policy: camera=(),display-capture=(),geolocation=(),microphone=()
cf-ray: 887fccd79e039f51-FRA

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/ 87 KB
32 KB 122ms
38ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 May 2024 21:11:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2455796
x-jsd-version: 3.5.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32699
x-served-by: cache-fra-etou8220059-FRA, cache-cph2320055-CPH
x-jsd-version-type: version
etag: W/"15d84-yOHIs4bcW3qRhMdjyI0Zo0brM0I"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 82 KB
23 KB 126ms
42ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 May 2024 21:11:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1267743
x-jsd-version: 4.6.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23377
x-served-by: cache-fra-etou8220121-FRA, cache-cph2320055-CPH
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jwt-decode.min.js Show response
cdn.jsdelivr.net/npm/jwt-decode@2.2.0/build/ 2 KB
1 KB 165ms
81ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jwt-decode@2.2.0/build/jwt-decode.min.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c3a8c054d661e097ce836df7a16698c1008f2e9fe6daa098a1a85add3f5611c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 May 2024 21:11:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6012904
x-jsd-version: 2.2.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1122
x-served-by: cache-fra-etou8220083-FRA, cache-cph2320055-CPH
x-jsd-version-type: version
etag: W/"88d-JRgV54Ho0Cfi+gYKxbRnBKPtK48"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sweetalert2.all.min.js Show response
cdn.jsdelivr.net/npm/sweetalert2@8.19.0/dist/ 62 KB
17 KB 166ms
82ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@8.19.0/dist/sweetalert2.all.min.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1fb5bdf552db295a96ea4b5c90679159db62417fb69fe0b57792e57daf79cfd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 May 2024 21:11:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4060668
x-jsd-version: 8.19.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17397
x-served-by: cache-fra-etou8220124-FRA, cache-cph2320055-CPH
x-jsd-version-type: version
etag: W/"f9a3-83/dkKMqqE70ruguVvt5jysji+A"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 mixitup.min.js Show response
cdn.jsdelivr.net/npm/mixitup@3.3.1/dist/ 87 KB
23 KB 170ms
87ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/mixitup@3.3.1/dist/mixitup.min.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

16750fd8712bf8b9ec03897561f94dde9ad564848bc0ab36141ed7f7f7dd3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 May 2024 21:11:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7762168
x-jsd-version: 3.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22942
x-served-by: cache-fra-etou8220087-FRA, cache-cph2320055-CPH
x-jsd-version-type: version
etag: W/"15bc7-2VILGgXMwXLEJBYfaT+sorfOrFQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/ 2 KB
1 KB 126ms
43ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/lazyload.min.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5b3baa10ac55f4eece0c7e666eaddd51872b8ce9273671626bcccec8f86ead78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 May 2024 21:11:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4057321
x-jsd-version: 2.0.0-rc.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 981
x-served-by: cache-fra-etou8220036-FRA, cache-cph2320055-CPH
x-jsd-version-type: version
etag: W/"8a2-ngY/Y9MDkyf1oyGHRNHDqclx9cM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 playerthumbnails2.js Show response
www.rolimons.com/js/ 2 KB
1 KB 113ms
111ms Script
application/javascript 172.67.74.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rolimons.com/js/playerthumbnails2.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

501766d902b477541fc89db03fa303db12d4f1fc28c0be829997b465edd68359

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/player/126166576
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2428523
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Feb 2024 21:56:55 GMT
server: cloudflare
etag: W/"137f-18d8ab94a92"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3uOSZWyCPBaKfaVJX00OEdadU4WmQ7CxxAQJIIm10Eg9nqRx2fptBVvdP38DXwXPogpzVbCXp64vN6D9cGxiIfjCSd5vtmiRaT%2FEeLgwDj7cvawoZodeqLvEIzd8Es1qxDA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=2592000
permissions-policy: camera=(),display-capture=(),geolocation=(),microphone=()
cf-ray: 887fccd7ae1f9f51-FRA

GET
H3 200 search6.js Show response
www.rolimons.com/js/ 16 KB
4 KB 113ms
111ms Script
application/javascript 172.67.74.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rolimons.com/js/search6.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7db20f04a96ecf0bf50b4ff889aaae6bad1a0cc63d1fb19503ccdc17baee077e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/player/126166576
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2175456
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Feb 2024 21:56:55 GMT
server: cloudflare
etag: W/"6caa-18d8ab94a9c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NUGQcigvl16H1rrtXcmZfpv0yywiEa7DZ%2BwH9t9%2FettCJZGVvBQmFFWR%2BWBWuN9fE3oaSTtMvTY%2BU7XwYSGsLjKeOgoF2xEQ8NFtFMyHAgp8dh4Ajf807lUZxA%2BFhABiapw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=2592000
permissions-policy: camera=(),display-capture=(),geolocation=(),microphone=()
cf-ray: 887fccd7ae219f51-FRA

GET
H2 200 moment.min.js Show response
cdn.jsdelivr.net/npm/moment@2.29.1/min/ 57 KB
20 KB 79ms
75ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/moment@2.29.1/min/moment.min.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 May 2024 21:11:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 646388
x-jsd-version: 2.29.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19910
x-served-by: cache-fra-eddf8230126-FRA, cache-cph2320055-CPH
x-jsd-version-type: version
etag: W/"e5ee-+ZKgjIb4ixCr01+uINRo7FLIJOY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 swiper-bundle.min.js Show response
cdn.jsdelivr.net/npm/swiper@7.3.3/ 133 KB
39 KB 79ms
75ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@7.3.3/swiper-bundle.min.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4534832ed675f4a507b49bb2d61be29ec22d72caecf5620f8acf72084b1b750d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 May 2024 21:11:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4030201
x-jsd-version: 7.3.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 39912
x-served-by: cache-fra-eddf8230096-FRA, cache-cph2320055-CPH
x-jsd-version-type: version
etag: W/"212a2-/9gofZKGG3k/4DEPgfQ3XoYezfA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 highstock.js Show response
code.highcharts.com/stock/10.2.0/ 398 KB
133 KB 147ms
61ms Script
text/javascript 2606:4700::6812:909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.highcharts.com/stock/10.2.0/highstock.js
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:909 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22651b3acbea602829ec18340818228842682b9b110219c3056e6a3ea0233c09

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: ZRESWK3GPA6EZ8RR
age: 25721
content-length: 135694
x-amz-id-2: EVrL4ocOTiZ38PvtI72HHudbwP53r/HZq2q5xvNKc++Jg957/EBDXEvHYinExPcSjEnhyz4hi70=
last-modified: Tue, 05 Jul 2022 11:18:27 GMT
server: cloudflare
etag: "110f876af5ef283aca971fcf76fb884f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=157680000
accept-ranges: bytes
cf-ray: 887fccd82abf9b3a-FRA
expires: Mon, 21 May 2029 21:11:42 GMT

GET
H2 200 exporting.js Show response
code.highcharts.com/10.2.0/modules/ 19 KB
7 KB 186ms
101ms Script
text/javascript 2606:4700::6812:909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.highcharts.com/10.2.0/modules/exporting.js
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:909 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a527063ed118ded8511a78f3b4d79debd2f9e2d24bdcecc3ba3a9ff3e05d7f6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: ZRENAH2RB40KGB0R
age: 25721
content-length: 7286
x-amz-id-2: HyBMVEEwI/loWAIhg6fE/n313Um0oyfBFJSQsi+SH3rfqa8c65tdJB4jODPnU4+Rebptgm8CmWU=
last-modified: Tue, 05 Jul 2022 11:18:29 GMT
server: cloudflare
etag: "ce40c39810b9f8aa447a2b5f37d5c20f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=157680000
accept-ranges: bytes
cf-ray: 887fccd82ac19b3a-FRA
expires: Mon, 21 May 2029 21:11:42 GMT

GET
H2 200 offline-exporting.js Show response
code.highcharts.com/10.2.0/modules/ 9 KB
4 KB 69ms
65ms Script
text/javascript 2606:4700::6812:909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.highcharts.com/10.2.0/modules/offline-exporting.js
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:909 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d7772fe4611ddf4830104fa873770182b22fc26f1596e563e1041d57b38aad4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: ZRENP0EBRA8R6V5B
age: 25721
content-length: 4089
x-amz-id-2: yPzA5eLJKWPOxba3uw/l54s5GsABf957vfFOH8vD8hsE7EbflFYrTTdK8Bi+DLrxaIFW6iAcyAA=
last-modified: Tue, 05 Jul 2022 11:18:30 GMT
server: cloudflare
etag: "3b6d879c2175c8f219ac4a87f3ba8ad3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=157680000
accept-ranges: bytes
cf-ray: 887fccd86af49b3a-FRA
expires: Mon, 21 May 2029 21:11:42 GMT

GET
H2 200 export-data.js Show response
code.highcharts.com/10.2.0/modules/ 12 KB
5 KB 69ms
65ms Script
text/javascript 2606:4700::6812:909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.highcharts.com/10.2.0/modules/export-data.js
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:909 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d070ae92554169506758360610f8c7a0b347ad8261320f99af650331a2dc6bd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: ZRERC9JCBFMD8TP8
age: 25721
content-length: 4997
x-amz-id-2: 8OBJnw3Yu8dRPLZCSPKuW1fCyZ8TZArsnZq4jluw+A2AE87JBVPWklCpu41La3rumImMuyzZiaE=
last-modified: Tue, 05 Jul 2022 11:18:29 GMT
server: cloudflare
etag: "ce8cee902ba75768a4e6c01716b2bf2f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=157680000
accept-ranges: bytes
cf-ray: 887fccd86af79b3a-FRA
expires: Mon, 21 May 2029 21:11:42 GMT

GET
H3 200 jquery.simplepagination.min.js Show response
www.rolimons.com/js/lib/ 11 KB
3 KB 114ms
113ms Script
application/javascript 172.67.74.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rolimons.com/js/lib/jquery.simplepagination.min.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42fb9d8c8ad76244a6f79c38725170e4200e6c279ec1de79bb0e0f06304de5cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/player/126166576
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2410881
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Feb 2024 21:56:45 GMT
server: cloudflare
etag: W/"2d4e-18d8ab924f4"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2BTv0WoExran%2BOihx7NVYrQ0Ln8yYti3Dgx31gY5Ril%2BzbP3MP9Z8kIEZ7%2BRBzDqzigXM3YybxyW9nbOEDqk%2B98GA0bdXvxn1sj6gMQyFcUMIQVmtCFhFGyCUlpjvCuG6XE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=2592000
permissions-policy: camera=(),display-capture=(),geolocation=(),microphone=()
cf-ray: 887fccd7ae229f51-FRA

GET
H3 200 playercharts.js Show response
www.rolimons.com/js/ 8 KB
4 KB 114ms
113ms Script
application/javascript 172.67.74.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rolimons.com/js/playercharts.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec8835be36abcae14026f359ad1683fc928739bd1521a48a3b6c7635cdd4a0e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/player/126166576
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2432163
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Feb 2024 21:56:45 GMT
server: cloudflare
etag: W/"41d3-18d8ab924f4"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4gxOKoGoTHDQp6dkx7%2F6YUdNNCN%2BqOOaU4lCrvYidtm02GjA2NdGI6UHXeKMdyB%2BqsALC2%2FqT%2BP%2BZNcpBHdSQ9mIHfngNq%2B9xD8Y5tp0xqeG0uAgV6H0DG96BWvJ3I3omaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=2592000
permissions-policy: camera=(),display-capture=(),geolocation=(),microphone=()
cf-ray: 887fccd7ae239f51-FRA

GET
H3 200 player9.js Show response
www.rolimons.com/js/ 149 KB
38 KB 115ms
114ms Script
application/javascript 172.67.74.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rolimons.com/js/player9.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

161f0935437a3ddde5e269073952333893d53f92b54b485bee87701404d1498f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/player/126166576
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2423668
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Feb 2024 21:56:55 GMT
server: cloudflare
etag: W/"2aac2-18d8ab94a92"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TYJKFbIyg2O9X9u%2FzSsJ756aLAyVWZoOgk0fcs4JYrP3joIpKPkekobl7%2Bn1qyrtAuMMm5hidOMvtjixfBVyWvmxuS%2FRrmguywsk6RTfTJSGtD7XIAA5j4ljb9%2FhHGuv72Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=2592000
permissions-policy: camera=(),display-capture=(),geolocation=(),microphone=()
cf-ray: 887fccd7ae269f51-FRA

GET
H3 200 playerugc.js Show response
www.rolimons.com/js/ 11 KB
4 KB 118ms
117ms Script
application/javascript 172.67.74.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rolimons.com/js/playerugc.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea0b7a6ebe261feed721c51fbd2729581a536d44f30238e46dab46163ce6e3ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/player/126166576
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2174491
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Feb 2024 21:56:55 GMT
server: cloudflare
etag: W/"49e5-18d8ab94a92"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bfuySOVqdZc%2BlfFKL%2B1S8DpOV%2Fbeac5rCSnP9jFC2JNJvzCDE1zGH5S8QtblZZsA8AoJ5uskG%2BQmXLtrlzFPHh1a9wJa0HANQTh1GDX3LGEDegKUGtMSE6m2rm9IV3v4tyw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=2592000
permissions-policy: camera=(),display-capture=(),geolocation=(),microphone=()
cf-ray: 887fccd7ae299f51-FRA

GET
H3 200 transparent-square-110.png
www.rolimons.com/images/ 156 B
746 B 117ms
117ms Image
image/png 172.67.74.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rolimons.com/images/transparent-square-110.png

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef947d5b7341846724ba65996528647f2d6f3f634257636b4caa9b4e8024f9c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/player/126166576
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5003053
alt-svc: h3=":443"; ma=86400
content-length: 156
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Feb 2024 21:56:45 GMT
server: cloudflare
etag: W/"9c-18d8ab924ea"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RqEnhIRUWrmrBvTKdt%2FQelEflhG9oVN8n7dexVg7BEEIjau5Y5iPdCF3kcJgww04YtO0EnpoNxrXvz2xpWjFqVeWTBEVxpJwgR9lsVBgHDMNJRBW2m3i9p%2B4vzMjzi1Ya%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
permissions-policy: camera=(),display-capture=(),geolocation=(),microphone=()
accept-ranges: bytes
cf-ray: 887fccd7ae2a9f51-FRA

GET
DATA 200
OK truncated
/ 144 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8865cf1d00dcb4f024ea0ae800cd488deabba01b4cfb93a495fab96f4ec200c2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 182ms
45ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TKLVQSSPSF&gtm=45je45k0v886629015za200&_p=1716412301993&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=158081540.1716412302&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716412302&sct=1&seg=0&dl=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&dt=lifacy%20%7C%20Roblox%20Player%20Profile%20-%20Rolimon%27s&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=657
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TKLVQSSPSF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 avatar Show response
thumbnails.rolimons.com/ 174 B
848 B 240ms
161ms XHR
application/json 172.67.74.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thumbnails.rolimons.com/avatar?userIds=126166576&size=420x420

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b73eddac92863e6f994f4ee2b4b00980988caa5f65e3f5567136fc59151b3abc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ae-3K/JC1F3jnZaaIzdyDqlqs0C+8M"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rolimons.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TIjicFy4wT8Qh3VifQTr%2B%2FsrRA1ibEQp4Yx1wqWQRlpgVUdAhajiCSCJd62e%2FIjL%2FHLqOqUSWZFKgt%2BGseqRWN6tZCy6EwaBXTAEMugdwnYtuod7oOs48%2Fhg4i8eYphe2A0nG%2Bh%2FRYk5"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=420
permissions-policy: camera=(),display-capture=(),geolocation=(),microphone=()
vary: Accept-Encoding
cf-ray: 887fccda388003a6-FRA
access-control-allow-headers: Content-Type

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 126166576 Show response
api.rolimons.com/players/v1/playerassets/ 7 KB
4 KB 185ms
172ms XHR
application/json 172.67.74.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rolimons.com/players/v1/playerassets/126166576

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40d975f4f884523345900240488e43d578b9c81db51a2643f4a22483656f227a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"1b3e-27mSf5+6AjqPzNrDlkTVi+elECo"
vary: Accept-Encoding
x-ratelimit-remaining: 549
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://www.rolimons.com
cache-control: public, max-age=90
access-control-allow-methods: GET, POST, OPTIONS
permissions-policy: camera=(),display-capture=(),geolocation=(),microphone=()
x-ratelimit-reset: 1716416493
x-ratelimit-limit: 550
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UmU2uFQ2SYa6909lbSgjsY0Sttrhs5x0KjjB3nZEhhOQl52HoGYpPRhFQw3RSfaoLIxW32uHdF3C4JshBZvteXw9xmxvWdiRLK8uVzSd3hD0zXHgsdcnBEwKJ52qHFT2BTU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
cf-ray: 887fccda990703a6-FRA

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ 3 KB
4 KB 122ms
38ms Fetch
text/html 2600:9000:2761:fe00:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2761:fe00:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

x-amz-version-id: SIv.6LiuODikErkt8hGkZr.zJWI3NFp8
date: Wed, 22 May 2024 06:56:02 GMT
via: 1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
age: 51341
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3527
last-modified: Tue, 19 Dec 2023 13:15:23 GMT
server: AmazonS3
etag: "6a6d57dbabaa297544a761a67d32156f"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: kSEdylD-GKA8fIrAZoOewTxhYQXG54p1nihM_zffIkfhJewElhsQKQ==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 7FAE 652 KB
197 KB 133ms
45ms Script
text/javascript 2600:9000:2491:e600:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:e600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f83fceb144b8adb9b9370314b371cf4daaa869f49b84f2065f18cff4e78b3d4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 20:51:10 GMT
x-amz-version-id: oT0tHG3bzF0iUTCEMPD3HdEMEAydPgpV
content-encoding: br
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 1233
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 22 May 2024 20:33:56 GMT
server: AmazonS3
etag: W/"bef96fd6cc6346fe46cfa97630b8d5fe"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin: *
x-amz-cf-id: KCGCpZslJhwybESCYNjTabHSL5qDpRopnvvPzw1CP6MN5AKSoLOmBQ==

GET
H2 200 tag Show response
btloader.com/ 99 KB
29 KB 137ms
51ms Script
application/javascript 2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02549c4896c5de4f23453181365708148688c63e3b3aadc00d47ad93f8fc17a5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 22 May 2024 20:51:14 GMT
server: cloudflare
age: 1010
etag: "e6f11909b738f18c2e79ed66824e9e39"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 887fccdda90e1c40-FRA
content-length: 28971

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ 16 KB
6 KB 237ms
150ms Script
application/javascript 2600:9000:2491:e600:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:e600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcdaa8b0e5b0f57f19d17de2c58d7206e3d275da122a0d4e3176a67257595b5e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 20:51:10 GMT
x-amz-version-id: WiOVCnEFt3_sokyg.radBxwTs.fq8OtZ
content-encoding: br
last-modified: Mon, 18 Dec 2023 19:27:12 GMT
server: AmazonS3
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"229a75f6b428e87e913ddfb377e45f31"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
age: 1233
x-amz-cf-id: Ca_uMqXTr8QpoadgMB-IOfwLJqPdps344yZJpDOrRotxKS01m643jw==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 93 KB
29 KB 141ms
56ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

14803e4fb5fb11fc8c947592e7f9c63642e9a49eab81574f7dea68dfb1175f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30039
x-xss-protection: 0
server: cafe
etag: 688 / 19865 / 31083839 / config-hash: 13171527506944853023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 May 2024 21:11:42 GMT

GET
H3 200 gpp-4cab6c0.min.js Show response
s.nitropay.com/ 260 KB
49 KB 69ms
69ms Script
application/javascript 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/gpp-4cab6c0.min.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b67a7e47c9a86b72222902ce935afc142f683f415fc5be76e4d9f3061a57b200

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
age: 6974
x-guploader-uploadid: ABPtcPpETvScmDHx0ZSPXk1q1K0HOGK383hBe0MnG7-559_e4S1poqlR9vfBwBuIkyXCKwIIcBSWl35zrA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Feb 2024 17:17:28 GMT
server: cloudflare
etag: W/"ce7b1fa893ef6245b7afb82ef7d5a764"
vary: Accept-Encoding
x-goog-hash: crc32c=9oy3/w==, md5=znsfqJPvYkW3r7gu99WnZA==
x-goog-generation: 1707758248798793
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=604800
x-goog-stored-content-length: 266449
access-control-expose-headers: Content-Type
cf-ray: 887fccdd38dc35ae-WAW
expires: Wed, 29 May 2024 19:15:28 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 303 KB
75 KB 128ms
43ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5339b2c0e2da97d564233498a2ee75b6fd895f8408d4bd90d1319d002a3f46d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 20:39:56 GMT
content-encoding: gzip
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
last-modified: Tue, 07 May 2024 20:29:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1908
x-amz-server-side-encryption: AES256
etag: W/"299fe111f64c76143769e50e3f9edd6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: JzQ_bynCoMirB3rFkxCZ9o_LgX1uWhNLL4H1PhAGmE5XUPZgbfKrWQ==

GET
H2 204 874
tracker.nitropay.com/a/ 0
0 245ms
152ms Fetch 35.244.144.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.nitropay.com/a/874?d=eyJocmVmIjoiaHR0cHM6Ly93d3cucm9saW1vbnMuY29tL3BsYXllci8xMjYxNjY1NzYiLCJ2Ijo5NiwiYSI6ZmFsc2UsInMiOnRydWUsImMiOiJERSIsInIiOiIifQ%3D%3D
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: nginx/1.25.4 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:43 GMT
via: 1.1 google
server: nginx/1.25.4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 1.gif
s.nitropay.com/ 42 B
622 B 68ms
67ms Image
image/gif 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/1.gif?x=1&adslot=

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:43 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 6975
x-guploader-uploadid: ABPtcPpByzHgKjYXbCG_3sMB3kA50qE-NPHxrlgQEXdBeUZtboF-8ifZlAxF5RrFiWmmZYXTX5ebjJ0aPQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 42
x-goog-meta-
last-modified: Fri, 22 Jan 2021 08:58:45 GMT
server: cloudflare
etag: "d89746888da2d9510b64a9f031eaecd5"
vary: Accept-Encoding
x-goog-generation: 1611305925409947
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 42
accept-ranges: bytes
cf-ray: 887fccddd9ca35ae-WAW
expires: Wed, 29 May 2024 19:15:28 GMT

GET
H3 200 close2.svg
s.nitropay.com/assets/ 305 B
800 B 71ms
71ms Image
image/svg+xml 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/assets/close2.svg

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d791d587d64a5694f37ce7927a71f38d4b8d7b0c643a51d6ceeb3d26201e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:43 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
age: 6974
x-guploader-uploadid: ABPtcPoY8Z-gJ4gnCnRk7m_hki8VkXR-DF-CLQLNvnVKYVCyhdGg9PpUk8jxiF40E8WiAnO6NObxhTsesg
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-goog-meta-
last-modified: Wed, 08 Dec 2021 23:38:47 GMT
server: cloudflare
etag: W/"ca26e4a931ab434f475491bcab06132b"
vary: Accept-Encoding
x-goog-generation: 1639006727668923
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-hash: crc32c=tLOOxQ==, md5=yibkqTGrQ09HVJG8qwYTKw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 305
cf-ray: 887fccddd9d035ae-WAW
expires: Thu, 22 May 2025 21:11:43 GMT

GET
H2 200 noFilter
tr.rbxcdn.com/30DAY-Avatar-8EB44DE87A73B75A3AFCD89A6F18FAC0-Png/420/420/Avatar/Webp/ 7 KB
8 KB 135ms
50ms Image
image/webp 2a02:26f0:3500:11::215:14cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/30DAY-Avatar-8EB44DE87A73B75A3AFCD89A6F18FAC0-Png/420/420/Avatar/Webp/noFilter

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

2fa34c95e08c20ab1bb5a80a6efbe8110446cf7517cc1b11b4db90a5fb282361

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=3600
date: Wed, 22 May 2024 21:11:43 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
content-length: 7434
x-roblox-edge: iad4
server: Kestrel
x-frame-options: SAMEORIGIN
roblox-machine-id: c996e4f4-d0f8-8c8c-34e3-fba49b49768a
content-type: image/Webp
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
x-roblox-region: us-central
cache-control: max-age=31536000
access-control-allow-methods: GET
akamai-request-bc: [a=23.206.213.76,b=1256502681,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]
expires: Thu, 22 May 2025 21:11:43 GMT

GET
DATA 200
OK truncated
/ 579 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85482c87b539e5fc17e00693ba0a0b8153924e191a113cfe1672735b31499e43

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Webp
tr.rbxcdn.com/0c54305eb2775385ee670cb16f28e1f0/110/110/Hat/ 2 KB
3 KB 50ms
48ms Image
image/webp 2a02:26f0:3500:11::215:14cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/0c54305eb2775385ee670cb16f28e1f0/110/110/Hat/Webp

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

162fd02dc7dbeb0dcf3e1c7233e1c23b6917d5e91b0aa8a2d4d898b411bf3c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=3600
date: Wed, 22 May 2024 21:11:43 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
content-length: 2278
x-roblox-edge: iad4
server: Kestrel
x-frame-options: SAMEORIGIN
roblox-machine-id: 94268be3-65b9-d431-7a5a-38ca03375488
content-type: image/Webp
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
x-roblox-region: us-central
cache-control: max-age=31536000
access-control-allow-methods: GET
akamai-request-bc: [a=23.206.213.76,b=1256503689,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]
expires: Thu, 22 May 2025 21:11:43 GMT

GET
H2 200 Webp
tr.rbxcdn.com/07a9f4038d03d320adadbe47d60a9196/110/110/Hat/ 1 KB
2 KB 50ms
49ms Image
image/webp 2a02:26f0:3500:11::215:14cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/07a9f4038d03d320adadbe47d60a9196/110/110/Hat/Webp

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

9ac8a009ae6ba3a278a5b0c816d95047105c043371da6eff681b7d40175a98a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=3600
date: Wed, 22 May 2024 21:11:43 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
content-length: 1098
x-roblox-edge: lax4
server: Kestrel
x-frame-options: SAMEORIGIN
roblox-machine-id: 5888aff5-4e7a-4b55-75a4-fc58a5562fa9
content-type: image/Webp
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
x-roblox-region: us-central
cache-control: max-age=31536000
access-control-allow-methods: GET
akamai-request-bc: [a=23.206.213.76,b=1256503698,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]
expires: Thu, 22 May 2025 21:11:43 GMT

GET
H2 200 Webp
tr.rbxcdn.com/9cfe32a167021cc656007d933901b8d9/110/110/Hat/ 1 KB
2 KB 46ms
45ms Image
image/webp 2a02:26f0:3500:11::215:14cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/9cfe32a167021cc656007d933901b8d9/110/110/Hat/Webp

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

ccf080c5282c71021906c28f7aa58e34813991ae2a3b0e8cbde6a82d78ccbd16

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=3600
date: Wed, 22 May 2024 21:11:43 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
content-length: 1408
x-roblox-edge: ord2
server: Kestrel
x-frame-options: SAMEORIGIN
roblox-machine-id: aaac4ba1-9382-3ca9-919b-c7297739dbaf
content-type: image/Webp
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
x-roblox-region: us-central
cache-control: max-age=31536000
access-control-allow-methods: GET
akamai-request-bc: [a=23.206.213.76,b=1256503699,c=g,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]
expires: Thu, 22 May 2025 21:11:43 GMT

GET
H2 200 Webp
tr.rbxcdn.com/e014deac5dda2bebd978587de70da241/110/110/Face/ 2 KB
3 KB 74ms
73ms Image
image/webp 2a02:26f0:3500:11::215:14cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/e014deac5dda2bebd978587de70da241/110/110/Face/Webp

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

0aa316fb0c3f96691cd0f2282705b9dee1064ff1260252158463d5ca0d20dc5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=3600
date: Wed, 22 May 2024 21:11:43 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
content-length: 2530
x-roblox-edge: ord2
server: Kestrel
x-frame-options: SAMEORIGIN
roblox-machine-id: c08683d2-db31-9c32-d934-484bca212733
content-type: image/Webp
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
x-roblox-region: us-central
cache-control: max-age=31536000
access-control-allow-methods: GET
akamai-request-bc: [a=23.206.213.76,b=1256503700,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]
expires: Thu, 22 May 2025 21:11:43 GMT

GET
H2 200 Webp
tr.rbxcdn.com/60f4a9e563df4328ba3c2e8fcaadfadd/110/110/Hat/ 3 KB
3 KB 50ms
49ms Image
image/webp 2a02:26f0:3500:11::215:14cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/60f4a9e563df4328ba3c2e8fcaadfadd/110/110/Hat/Webp

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

3534900f2841f2074aea7ac79e56d521b53e9eb365a355907913f6aa446eb37b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=3600
date: Wed, 22 May 2024 21:11:43 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
content-length: 2982
x-roblox-edge: atl1
server: Kestrel
x-frame-options: SAMEORIGIN
roblox-machine-id: ddb9c323-6f55-0fd1-c90f-338acc7b2565
content-type: image/Webp
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
x-roblox-region: us-central
cache-control: max-age=31536000
access-control-allow-methods: GET
akamai-request-bc: [a=23.206.213.76,b=1256503701,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]
expires: Thu, 22 May 2025 21:11:43 GMT

GET
H2 200 Webp
tr.rbxcdn.com/29e9625338ee5f55aa19f89d276f734c/110/110/Hat/ 3 KB
4 KB 47ms
46ms Image
image/webp 2a02:26f0:3500:11::215:14cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/29e9625338ee5f55aa19f89d276f734c/110/110/Hat/Webp

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

0467ac8a5cf3cbc48ec1df0da226e6c293042ec21617d41295ed12c3294b1541

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=3600
date: Wed, 22 May 2024 21:11:43 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
content-length: 3422
x-roblox-edge: lax2
server: Kestrel
x-frame-options: SAMEORIGIN
roblox-machine-id: 87ed7f12-9087-1bc5-7dc6-00f13a90e351
content-type: image/Webp
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
x-roblox-region: us-central
cache-control: max-age=31536000
access-control-allow-methods: GET
akamai-request-bc: [a=23.206.213.76,b=1256503702,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]
expires: Thu, 22 May 2025 21:11:43 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/ 453 KB
141 KB 40ms
40ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/pubads_impl.js?cb=31083839

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

adaeefa326020cb39ba8c7de0a79d6daab058939b95cc3db3fa3d46c67821fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22936
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144704
x-xss-protection: 0
server: cafe
etag: 14917180474181173892
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 May 2025 14:49:27 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame FFAC 652 KB
0 0ms
0ms Script
text/javascript 2600:9000:2491:e600:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:e600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f83fceb144b8adb9b9370314b371cf4daaa869f49b84f2065f18cff4e78b3d4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 20:51:10 GMT
x-amz-version-id: oT0tHG3bzF0iUTCEMPD3HdEMEAydPgpV
content-encoding: br
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 1233
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 22 May 2024 20:33:56 GMT
server: AmazonS3
etag: W/"bef96fd6cc6346fe46cfa97630b8d5fe"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin: *
x-amz-cf-id: KCGCpZslJhwybESCYNjTabHSL5qDpRopnvvPzw1CP6MN5AKSoLOmBQ==

GET
H3 200 additional-consent-providers.csv Show response
consent.nitrocnct.com/ 116 KB
36 KB 115ms
60ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.nitrocnct.com/additional-consent-providers.csv
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-4cab6c0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121687
x-guploader-uploadid: ABPtcPosvHyYVESCV2v-4Eeo4LviI3gnaV1GDxo1JOgQt8L8dnQ7DLU4let7xIA93JFWGRNIRf_f7Mr4dw
x-goog-storage-class: STANDARD
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 07:31:30 GMT
server: cloudflare
etag: W/"81f96867523b7ea4a2f05a62b9fdf1c7"
vary: Accept-Encoding
x-goog-hash: crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
x-goog-generation: 1689147090287559
content-type: text/plain
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j7Jy%2BFOCBqriLYBJnrIj4YvEoizuzgBQf0TSQ6LShF%2F3YcEpwk9UmW6uEHASPknvOKuH7XjTFTU2dr%2FoIsdqW8qNSXvLJ0oT8N%2FnA%2FSVWMvCMxfH1QyX2X7z91LwiXDaTTd7vaowlsw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 119221
cf-ray: 887fcce11f548ebb-FRA
expires: Tue, 28 May 2024 11:19:31 GMT

GET
H3 200 vendor-list-v3.json Show response
consent.nitrocnct.com/ 602 KB
75 KB 153ms
99ms XHR
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.nitrocnct.com/vendor-list-v3.json
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-4cab6c0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9e8d0d8528060ce8582b8cf175fbc65e5034fd782d8ad14cf324275c2290735

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 429357
x-guploader-uploadid: ABPtcPoWnyNkWFpDAPZuHdinug__FI9d44Pcgw6IO2iklH9RBwecp3j92mkqE0tYLThNA9yPjlk3O_MoIg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 May 2024 16:15:04 GMT
server: cloudflare
etag: W/"55f502e7aef4a373a4aa45074383662e"
vary: Accept-Encoding
x-goog-hash: crc32c=qjFzog==, md5=VfUC5670o3OkqkUHQ4NmLg==
x-goog-generation: 1715876104576994
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zWDoq%2BfbEQtkKFz9eN7JjZUYK1H9fwswOj2L1kSeREIgK5RFpFeeDN6389z%2BjcSvs9duoF1IRg2epWcyr4UFcIllKns8VPNvv%2F9UdFZuyeSJo2ed50qaZ8kdyKJqztHBqrnbsX4eVhg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=604800
x-goog-stored-content-length: 616211
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cf-ray: 887fcce11f518ebb-FRA
expires: Fri, 24 May 2024 21:16:05 GMT

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 3262ms
3082ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 22 May 2024 21:11:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
918 B 3257ms
3080ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2324866
x-guploader-uploadid: ABPtcPoLbuQxY31rmHs8vSbk4rwXXzwM351mFCwTp3TeQ0U33LMMOQSrtKknT2jOKXXGPpXspWptbN1wPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f0dTPbv267UntsSxXk%2Fqh7Zlkxuc9eMNOpaxiyWgc0s1brYvCT4U0Ohjr%2BJPwOSCB2s3ds7QfmlxS730uxCt0fulOgfGN2as3SJ6%2BA3LuWD01mBtYBmjcnL32U2Cw8r8xZxYhVv8hDVrU8pXIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 887fcce1eff8367a-FRA
expires: Thu, 25 Apr 2024 23:51:23 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 94ms
39ms Image
image/x-icon 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 May 2024 14:14:19 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
339 B 3257ms
3080ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.32258382351473114
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2324866
x-guploader-uploadid: ABPtcPoLbuQxY31rmHs8vSbk4rwXXzwM351mFCwTp3TeQ0U33LMMOQSrtKknT2jOKXXGPpXspWptbN1wPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jK85xsrDA6PHksgQROObXrO92h0PAdoIaBdGlgQkNaavj%2FJRdpSzzwMLot5sfDl2KOzovRq6B6FFi2rKRGfOwWUJYhcgRBDLJ9%2BU%2F2IPm9jQA1g5ZAqyhzp8PAfoUH19%2FDJ1XIQcYJ3E4Y2vfg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 887fcce1effc367a-FRA
expires: Thu, 25 Apr 2024 23:51:23 GMT

GET
H2 200 da657530-03e5-4306-95bc-d4eb370426c9 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
830 B 3236ms
3077ms Script
application/javascript 18.245.31.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/da657530-03e5-4306-95bc-d4eb370426c9
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-9.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 99429943bd63a607e02c901c102b36ab1967d894fa247f960dc5bf45518bc60c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 20:39:27 GMT
via: 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
age: 1936
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: MuifUc5vQ9QiBX7GNXBFkByx541XHu65LuJHT_qn8RBVeUvs1M4kBQ==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 38ms
37ms XHR
text/plain 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.rolimons.com&pubid=da657530-03e5-4306-95bc-d4eb370426c9
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 19:18:05 GMT
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 6817
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.rolimons.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: QYyUZ3MaTPZZlB3G_YSk0X9PC-qA49mxmo6FyxgRh_1fIAz00RxEOQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
357 B 3224ms
3078ms XHR
text/javascript 18.244.15.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&pid=p7ME3lkrtB4cR&cb=0&ws=1600x1200&v=24.506.1519&t=2200&slots=%5B%7B%22sd%22%3A%22desktop_top_inline_lb%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1%21nitropay.com%2C751%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-15-236.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:43 GMT
via: 1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.rolimons.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: C_651dCChmDJARnWw__9VTlbDGoyaW8QazSIMA_8w0dKXXUHytya6A==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
356 B 3219ms
3079ms XHR
text/javascript 18.244.15.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&pid=p7ME3lkrtB4cR&cb=1&ws=1600x1200&v=24.506.1519&t=2200&slots=%5B%7B%22sd%22%3A%22desktop_left_gutter_skyscraper%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1%21nitropay.com%2C751%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-15-236.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:42 GMT
via: 1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.rolimons.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: y6Bs-CWMP7rF8ay2rovLHShxj7_moFNEunF_gDGu8a1WKvQ9PHKkeA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
356 B 3213ms
3080ms XHR
text/javascript 18.244.15.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&pid=p7ME3lkrtB4cR&cb=2&ws=1600x1200&v=24.506.1519&t=2200&slots=%5B%7B%22sd%22%3A%22desktop_right_gutter_skyscraper%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1%21nitropay.com%2C751%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-15-236.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:43 GMT
via: 1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.rolimons.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: sGN6jJpZWa52NXO3p1sLiUOEKPqC6kGl98XcHDdPkG552Ez3PGrJ0g==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
356 B 3205ms
3079ms XHR
text/javascript 18.244.15.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&pid=p7ME3lkrtB4cR&cb=3&ws=1600x1200&v=24.506.1519&t=2200&slots=%5B%7B%22sd%22%3A%22desktop_bottom_inline_lb%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1%21nitropay.com%2C751%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-15-236.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:43 GMT
via: 1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.rolimons.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: KLUPb2fsLW0lI_iaVMCfBTkle_RUlqXmWgw33ex1NNnbY2ytQXIgAA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 115ms
38ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
date: Wed, 22 May 2024 02:37:09 GMT
x-amz-cf-pop: FRA56-P6
age: 66875
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: ZoMQ0b6uNSNCr_eKPUCoMG4XhLZNW6v2aMwmton1V-dYyUjITnbRRA==

GET
H3 200 lang.png
s.nitropay.com/cmp/ 2 KB
2 KB 67ms
66ms Image
image/png 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/cmp/lang.png

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:46 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 3375
x-guploader-uploadid: ABPtcPpmA2g_5b3LQM4W90mMEa3PdxmvmdPYtmlvG1ymG3yHEyqwqUkXIOl0oLlVhL8Fu2egmlX6ObbEbQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1887
last-modified: Fri, 21 Oct 2022 09:20:58 GMT
server: cloudflare
etag: "ca072a3965f49a2c242c45d535163a53"
vary: Accept-Encoding
x-goog-generation: 1666344058779792
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 1887
accept-ranges: bytes
cf-ray: 887fccf5bb5235ae-WAW
expires: Wed, 22 May 2024 21:11:36 GMT

GET
H3 200 cancel.png
s.nitropay.com/cmp/ 1 KB
2 KB 65ms
64ms Image
image/png 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/cmp/cancel.png

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:46 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 3375
x-guploader-uploadid: ABPtcPp1YU9QIr59S0WmQx8R-NHHCQhBKeOoI_wVUNEFO33KD4FqZw8LMz4ifj4tl47HLMbDuxRTumACZg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1302
last-modified: Fri, 21 Oct 2022 09:20:58 GMT
server: cloudflare
etag: "c707b2d501a53bc2c66e98e4e5cabefb"
vary: Accept-Encoding
x-goog-generation: 1666344058825998
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1302
accept-ranges: bytes
cf-ray: 887fccf5bb5535ae-WAW
expires: Wed, 22 May 2024 21:15:31 GMT

GET
H3 200 logo.png
s.nitropay.com/cmp/ 3 KB
3 KB 64ms
64ms Image
image/png 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/cmp/logo.png

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:46 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 3375
x-guploader-uploadid: ABPtcPok8-bFkaRFpxn8ssk9861hc_OR2JKVHzwE4u2Nbycuh-YPGoKUWhzsb1sMHxn610WkjC8ozrwt-A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 2592
last-modified: Fri, 21 Oct 2022 09:20:58 GMT
server: cloudflare
etag: "940aa5b81e99bbb7414acc474a89bad9"
vary: Accept-Encoding
x-goog-hash: crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
x-goog-generation: 1666344058842900
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 2592
accept-ranges: bytes
cf-ray: 887fccf5bb5835ae-WAW
expires: Wed, 22 May 2024 21:15:31 GMT

POST
H2 200 openrtb2 Show response
a.nitropay.com/v4/ 57 B
110 B 268ms
173ms Fetch
application/json 35.244.144.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nitropay.com/v4/openrtb2
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 58ef398459b11df193255541415dcb4cac9228f28d8f6a28d697329494f68b20

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 May 2024 21:11:47 GMT
via: 1.1 google
last-modified: Wed, 22 May 2024 21:11:47 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: max-age:0, private, no-store, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57

POST
H2 200 openrtb2 Show response
a.nitropay.com/v4/ 57 B
283 B 251ms
156ms Fetch
application/json 35.244.144.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nitropay.com/v4/openrtb2
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 86fd1543533af7aa0758c61e50ea2c68a5bf83bf0f94dd82df917fa997221cfc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 May 2024 21:11:46 GMT
via: 1.1 google
last-modified: Wed, 22 May 2024 21:11:46 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: max-age:0, private, no-store, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57

POST
H2 200 openrtb2 Show response
a.nitropay.com/v4/ 57 B
110 B 268ms
174ms Fetch
application/json 35.244.144.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nitropay.com/v4/openrtb2
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 5434659f449dbedecc66b870f0a2dc70a8352a9b8c0f260fb584a9dd0a501830

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 May 2024 21:11:47 GMT
via: 1.1 google
last-modified: Wed, 22 May 2024 21:11:47 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: max-age:0, private, no-store, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57

POST
H2 200 openrtb2 Show response
a.nitropay.com/v4/ 57 B
133 B 259ms
165ms Fetch
application/json 35.244.144.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nitropay.com/v4/openrtb2
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: /
Resource Hash: f3d1db5393c63c2dff3255f7ef7546501625f37752876dbbec6ddb5eaab5c24d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 May 2024 21:11:47 GMT
via: 1.1 google
last-modified: Wed, 22 May 2024 21:11:47 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: max-age:0, private, no-store, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57

GET
H2 200 country Show response
api.btloader.com/ 37 B
162 B 152ms
151ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=6278260873756672
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:46 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 151ms
151ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=YFeUIrRD&w=6021189733449728&o=6278260873756672&cv=2.1.44-1-g797e4b1&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&sid=Hqq4XhHl&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 22 May 2024 21:11:46 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H3 200 favicon-32x32.png
www.rolimons.com/ 896 B
1 KB 51ms
50ms Other
image/png 172.67.74.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rolimons.com/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

902f6894dd0f37b7d0563c6217844ad9e14c080ea9f588fff3c5c421d3696737

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/player/126166576
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5015357
alt-svc: h3=":443"; ma=86400
content-length: 896
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Feb 2024 21:56:45 GMT
server: cloudflare
etag: W/"380-18d8ab92468"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1cjM2V4pCK1Kwwu%2By2FiG7Ji8VyuarEukj4oB1bfcLKDlVZQ034OdGzI9Q1W5cuGCqzfQogXZC8rdTlh5viY1Yawpb%2BLrp7FLLR1ds2SDblDXBe3ozw3K2WS52bF%2BV5Kf7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=7776000
permissions-policy: camera=(),display-capture=(),geolocation=(),microphone=()
accept-ranges: bytes
cf-ray: 887fccf63de69f51-FRA

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
146 B 188ms
80ms Fetch 18.159.201.246

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.201.246 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.rolimons.com
date: Wed, 22 May 2024 21:11:53 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 56 B
214 B 218ms
129ms Fetch
application/json 34.120.63.153

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: 324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:52 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 81
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 May 2024 21:11:53 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
284 B 186ms
85ms Fetch
application/json 18.157.230.4

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.44.0&referrer=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&tmax=2200&gdpr=true&cmp_cs=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.157.230.4 -, , ASN (),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
ib.adnxs-simple.com/ut/v3/ 13 KB
6 KB 456ms
323ms Fetch
application/json 185.89.210.212

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

db291a7d8aa96db9f92ae65aa572b81d048a28c733e5b8a1ccd46cb5d8094cb3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
content-encoding: gzip
an-x-request-uuid: 5a26cd87-0970-413f-b59d-7e085b2de6ff
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
318 B 194ms
111ms Fetch
application/json 172.64.151.101

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=743665
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d1fae5ad012f168a86de235be3762af11e369f72f64b05c0249e1518f7a05e67

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MCeEuqGr1%2BGunk5TxTkx%2Byoa3HpLUfL8JFJeae48RV%2F1TLieWz4f1w3%2FgznVygYZgBsXnjWDGD%2FIHLeg%2FPQ%2Be47k0NMn%2FwZaFys9%2FHgkxBMrYm4Lv6ccNdYZPFhuWg6cyANhq3RC"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 887fcd1c987b2681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 621 B
1 KB 703ms
152ms Fetch
application/json 2607:f350:3:2569:0:10:0:200a

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22136052202b37e96%22%3A%2273417d48500921b44e50%7C728x90%2C970x90%7Cgpid%3Ddesktop_top_inline_lb%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&s=aea1d9df-af55-4b81-95cf-8acc4db542a3&pv=10e17d0a-5436-4f7b-8903-87e18fddf209&vp=desktop&lib_name=prebid&lib_v=8.44.0&us=5&iqid=%7B%22pcid%22%3A%22ac94e41e-6af4-4eb9-af97-206c98337eaf%22%2C%22pcidDate%22%3A1716412312959%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22f476a30b-0f7d-4b65-b0fe-2a7df232575b%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22rolimons.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22rolimons.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576%22%2C%22name%22%3A%22Rolimon%27s%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22680%22%5D%2C%22privacypolicy%22%3A1%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%2C%22gpp_sid%22%3A%5B2%5D%2C%22gpp%22%3A%22DBABM~%22%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22de%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%5B%22125%22%5D%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%5B%228%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22125%22%5D%7D%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=true&consent_string=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%22751%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22746316a9-5e6e-449b-90e5-26be98fb23ae%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:200a -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

d7cfda05c167b37f861a700e21dc8badf0da62e1eaf24e292ef66b635c6cbb6a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-45
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 339
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 179ms
63ms Fetch 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.rolimons.com
date: Wed, 22 May 2024 21:11:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 437 B
471 B 184ms
73ms Fetch
application/json 2602:803:c003:200::21

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=381378&zone_id=2113488&size_id=2&alt_size_ids=55&gdpr=1&gdpr_consent=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2&rp_schain=1.0,1!nitropay.com,751,1,,,&eid_pubcid.org=746316a9-5e6e-449b-90e5-26be98fb23ae%5E1&rf=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&tg_i.domain=rolimons.com&tg_i.page=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&tg_i.name=Rolimon%27s&tg_i.cattax=7&tg_i.cat=680&tg_i.privacypolicy=1&tg_i.pbadslot=desktop_top_inline_lb&tk_flint=pbjs_lite_v8.44.0&x_source.tid=f476a30b-0f7d-4b65-b0fe-2a7df232575b&l_pb_bid_id=17e55fde4e090f3&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=cae4fbf5-7b12-4c4c-b734-72ef0b850277&rp_maxbids=1&p_gpid=desktop_top_inline_lb&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22125%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22125%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22125%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22125%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.0826386569726294
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3dfb3eee782e57438d446a09fa30f574a290413ada6579c4b39576791172585d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 437
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 133ms
49ms Fetch 178.250.1.8

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.44.0&cb=49008364717&lsavail=1

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.rolimons.com
date: Wed, 22 May 2024 21:11:52 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 94 B
360 B 228ms
91ms Fetch
application/json 34.253.100.47

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.44.0
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.253.100.47 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90ec8b6455ad1e20b8d9bffbd1f3bf2a6ee0aad9247e1684d93b803edc31ddb4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 22 May 2024 21:11:53 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 99

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
146 B 160ms
79ms Fetch 18.159.201.246

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.201.246 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.rolimons.com
date: Wed, 22 May 2024 21:11:53 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 621 B
1 KB 801ms
266ms Fetch
application/json 2607:f350:3:2569:0:10:0:200a

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222663b4e0bc297c3%22%3A%2273417d48500921b44e50%7C160x600%7Cgpid%3Ddesktop_left_gutter_skyscraper%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&s=a2fafbe8-223a-4bfa-b228-25ee9e5ed72e&pv=10e17d0a-5436-4f7b-8903-87e18fddf209&vp=desktop&lib_name=prebid&lib_v=8.44.0&us=5&iqid=%7B%22pcid%22%3A%22ac94e41e-6af4-4eb9-af97-206c98337eaf%22%2C%22pcidDate%22%3A1716412312959%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22b520c361-4428-441a-a127-6740852d9406%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22rolimons.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22rolimons.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576%22%2C%22name%22%3A%22Rolimon%27s%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22680%22%5D%2C%22privacypolicy%22%3A1%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%2C%22gpp_sid%22%3A%5B2%5D%2C%22gpp%22%3A%22DBABM~%22%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22de%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%5B%22125%22%5D%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%5B%228%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22125%22%5D%7D%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=true&consent_string=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%22751%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22746316a9-5e6e-449b-90e5-26be98fb23ae%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:200a -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

d0d0cf2c4476d1be9c1283ae0986c95b52f93f21eec1c601aec4a1d41d2f2d28

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-137
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 338
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 94 B
360 B 222ms
92ms Fetch
application/json 34.253.100.47

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.44.0
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.253.100.47 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 043f8bea9582d0763c52a27e2c683ee60e870f71ed3c384b307ff540b6a1cbb2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 22 May 2024 21:11:53 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 99

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 426 B
460 B 213ms
114ms Fetch
application/json 2602:803:c003:200::21

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=381378&zone_id=2113488&size_id=9&gdpr=1&gdpr_consent=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2&rp_schain=1.0,1!nitropay.com,751,1,,,&eid_pubcid.org=746316a9-5e6e-449b-90e5-26be98fb23ae%5E1&rf=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&tg_i.domain=rolimons.com&tg_i.page=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&tg_i.name=Rolimon%27s&tg_i.cattax=7&tg_i.cat=680&tg_i.privacypolicy=1&tg_i.pbadslot=desktop_left_gutter_skyscraper&tk_flint=pbjs_lite_v8.44.0&x_source.tid=b520c361-4428-441a-a127-6740852d9406&l_pb_bid_id=30a196fefdcb0ab&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=ecc9b815-0c78-4c0a-9401-b3b8fd4bd56f&rp_maxbids=1&p_gpid=desktop_left_gutter_skyscraper&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22125%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22125%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22125%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22125%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.9361603628988879
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 112fbc91d81f801f2b09f38d07f6eb53a51e400836d642609d77511074f46ada

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 426
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 165ms
65ms Fetch 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.rolimons.com
date: Wed, 22 May 2024 21:11:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
284 B 198ms
126ms Fetch
application/json 18.157.230.4

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.157.230.4 -, , ASN (),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
316 B 198ms
138ms Fetch
application/json 172.64.151.101

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=743602
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: fe86476640b5720d5a49bd10d4334f348f2d357adf2f227d6387d1c5d364ab20

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QLRpsKxu6dKb4I4k1mA%2BZNco81F%2F%2FXKrEj2OtyUrA%2BKJfs3IDj3u%2FFv40Zljou3OZyFD3r10YywkTtnBE9s8pyAzQ64k8ne1iobPpmyTThym%2BzC8Ydfj9%2FJStjB%2FhSvIPAIgzY9Q"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 887fcd1c98842681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 159ms
88ms Fetch 178.250.1.8

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.44.0&cb=49789578676&lsavail=1

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.rolimons.com
date: Wed, 22 May 2024 21:11:52 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 56 B
214 B 143ms
86ms Fetch
application/json 34.120.63.153

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: 324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:52 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 May 2024 21:11:53 GMT

POST
H2 200 prebid Show response
ib.adnxs-simple.com/ut/v3/ 137 B
703 B 218ms
114ms Fetch
application/json 185.89.210.212

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

4edb223105fbed7bcf03a0b9a2235e6e478ac64669f9d6840aebe88ed6c166bc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
an-x-request-uuid: 3585e001-40aa-4dc1-95a9-123dbd311052
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length: 137
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
195 B 109ms
47ms Fetch 178.250.1.8

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.44.0&cb=38998850380&lsavail=1

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.rolimons.com
date: Wed, 22 May 2024 21:11:52 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs-simple.com/ut/v3/ 13 KB
6 KB 369ms
274ms Fetch
application/json 185.89.210.212

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

cc099993f865e49fdee6bcc0d1388b02ecd0d89eef69674fbc340bfa5e1813dc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
content-encoding: gzip
an-x-request-uuid: bb6b66a0-5297-44cd-bbe6-1b1921aceaab
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
147 B 130ms
67ms Fetch 18.159.201.246

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.201.246 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.rolimons.com
date: Wed, 22 May 2024 21:11:53 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
285 B 144ms
84ms Fetch
application/json 18.157.230.4

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.157.230.4 -, , ASN (),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 94 B
361 B 202ms
89ms Fetch
application/json 34.253.100.47

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.44.0
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.253.100.47 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 415a157698b9b53a678366d76fca3ee478c162db60993e2edd77695177ec4c4e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 22 May 2024 21:11:53 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 99

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 621 B
1 KB 653ms
136ms Fetch
application/json 2607:f350:3:2569:0:10:0:200a

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22556a4e7a6401dae%22%3A%2273417d48500921b44e50%7C160x600%7Cgpid%3Ddesktop_right_gutter_skyscraper%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&s=2742415d-9a6f-4f36-92d0-6048d3d4c142&pv=10e17d0a-5436-4f7b-8903-87e18fddf209&vp=desktop&lib_name=prebid&lib_v=8.44.0&us=5&iqid=%7B%22pcid%22%3A%22ac94e41e-6af4-4eb9-af97-206c98337eaf%22%2C%22pcidDate%22%3A1716412312959%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22def2b094-d9c9-4bdd-8fc2-4d24cb19ff89%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22rolimons.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22rolimons.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576%22%2C%22name%22%3A%22Rolimon%27s%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22680%22%5D%2C%22privacypolicy%22%3A1%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%2C%22gpp_sid%22%3A%5B2%5D%2C%22gpp%22%3A%22DBABM~%22%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22de%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%5B%22125%22%5D%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%5B%228%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22125%22%5D%7D%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=true&consent_string=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%22751%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22746316a9-5e6e-449b-90e5-26be98fb23ae%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:200a -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

d6708c7fcaffd54c568ef2494294af2b41839cf185055eb5acc696a6aefa1ca4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-189
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 337
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 427 B
637 B 150ms
69ms Fetch
application/json 2602:803:c003:200::21

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=381378&zone_id=2113488&size_id=9&gdpr=1&gdpr_consent=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2&rp_schain=1.0,1!nitropay.com,751,1,,,&eid_pubcid.org=746316a9-5e6e-449b-90e5-26be98fb23ae%5E1&rf=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&tg_i.domain=rolimons.com&tg_i.page=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&tg_i.name=Rolimon%27s&tg_i.cattax=7&tg_i.cat=680&tg_i.privacypolicy=1&tg_i.pbadslot=desktop_right_gutter_skyscraper&tk_flint=pbjs_lite_v8.44.0&x_source.tid=def2b094-d9c9-4bdd-8fc2-4d24cb19ff89&l_pb_bid_id=57a5f1dcd537d3&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=9ed4a879-8ac9-40d6-bd35-0bc239a20a86&rp_maxbids=1&p_gpid=desktop_right_gutter_skyscraper&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22125%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22125%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22125%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22125%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.03394179905996797
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4f189cf2a2080f2fbf4735ccd8e2faa836d54e5e6de1917dbd225efb61bc561a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 427
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
551 B 151ms
107ms Fetch
application/json 172.64.151.101

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=743602
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dddb633eb881dcba0685aa73b4fb7dd5606ad12b4a5dbd713600273a9202f83

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ObGgpJ3CbvLi%2FsyC2b4e5T%2F4mQmjaEAOvMDO1bwgiiOZgLlAKjD6Q%2B3vV2415dutzTQPQmtFeJ2ZuM5vfXT47aNzVsYLWcBnTmd0BZKeXPAF%2Bb8Z%2Fvo7wdtvi%2F7hR7qnvDa3YEbq"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 887fcd1c987e2681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 186ms
105ms Fetch 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.rolimons.com
date: Wed, 22 May 2024 21:11:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 56 B
550 B 94ms
53ms Fetch
application/json 34.120.63.153

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: 324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:52 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 May 2024 21:11:53 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 82ms
81ms Fetch 178.250.1.8

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.44.0&cb=62551934058&lsavail=1

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.rolimons.com
date: Wed, 22 May 2024 21:11:52 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
313 B 127ms
127ms Fetch
application/json 172.64.151.101

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=743665
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fcb75f9e4454f869bffe93b4ec0ca63aa930f0d5ae82530f0641e67d88a2d0d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GuXhzQkaAoyFI%2FMAaRw%2FXWXj0iy9Xkb4DBuZnTwv3LAorRGIXrwixkri04nbIOquhNUKOcDPvIi%2BUuoHWtwXWZPstr%2BwLAaQicL4Ufkid9GTK6cON%2Bmh6aewLSO35RIvH5ScPSl1"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 887fcd1cd9122681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid Show response
ib.adnxs-simple.com/ut/v3/ 13 KB
6 KB 346ms
322ms Fetch
application/json 185.89.210.212

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

b44981d0855b313b878aa15c6fa784ca2bf3561f435839f89b92fde6507b952b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
content-encoding: gzip
an-x-request-uuid: 5febd05f-e744-4e6a-a559-600fef220bae
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 121ms
105ms Fetch 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.rolimons.com
date: Wed, 22 May 2024 21:11:51 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 56 B
211 B 62ms
62ms Fetch
application/json 34.120.63.153

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: 324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 May 2024 21:11:53 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
146 B 70ms
70ms Fetch 18.159.201.246

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.201.246 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.rolimons.com
date: Wed, 22 May 2024 21:11:53 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
284 B 111ms
111ms Fetch
application/json 18.157.230.4

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.157.230.4 -, , ASN (),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 620 B
1 KB 595ms
151ms Fetch
application/json 2607:f350:3:2569:0:10:0:200a

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2280a2edec721daf%22%3A%2273417d48500921b44e50%7C728x90%2C970x90%7Cgpid%3Ddesktop_bottom_inline_lb%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&s=65746e8a-0c39-4d8f-9b03-dd5b2e859080&pv=10e17d0a-5436-4f7b-8903-87e18fddf209&vp=desktop&lib_name=prebid&lib_v=8.44.0&us=5&iqid=%7B%22pcid%22%3A%22ac94e41e-6af4-4eb9-af97-206c98337eaf%22%2C%22pcidDate%22%3A1716412312959%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%2216d52eaf-b7bb-4e26-aacd-d5a2f35878fb%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22rolimons.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22rolimons.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576%22%2C%22name%22%3A%22Rolimon%27s%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22680%22%5D%2C%22privacypolicy%22%3A1%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%2C%22gpp_sid%22%3A%5B2%5D%2C%22gpp%22%3A%22DBABM~%22%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22de%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%5B%22125%22%5D%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%5B%228%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22125%22%5D%7D%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=true&consent_string=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%22751%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22746316a9-5e6e-449b-90e5-26be98fb23ae%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:200a -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

42a93a33d427355556b284124ad2fe79b163b64a04c5a3e52d278afb029b73da

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-163
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 337
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 440 B
474 B 105ms
96ms Fetch
application/json 2602:803:c003:200::21

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=381378&zone_id=2113488&size_id=2&alt_size_ids=55&gdpr=1&gdpr_consent=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2&rp_schain=1.0,1!nitropay.com,751,1,,,&eid_pubcid.org=746316a9-5e6e-449b-90e5-26be98fb23ae%5E1&rf=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&tg_i.domain=rolimons.com&tg_i.page=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&tg_i.name=Rolimon%27s&tg_i.cattax=7&tg_i.cat=680&tg_i.privacypolicy=1&tg_i.pbadslot=desktop_bottom_inline_lb&tk_flint=pbjs_lite_v8.44.0&x_source.tid=16d52eaf-b7bb-4e26-aacd-d5a2f35878fb&l_pb_bid_id=82037dc94f4f651&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3f065636-ec79-4848-8a06-ed7b25e0f44e&rp_maxbids=1&p_gpid=desktop_bottom_inline_lb&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22125%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22125%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22125%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22125%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.43940263010682656
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b307fa13586f4fbcb4e54eb952654b9303c528dac38b32d0578a68e9eeaf02b3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 440
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 94 B
359 B 129ms
90ms Fetch
application/json 34.253.100.47

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.44.0
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.253.100.47 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a970e6d52b671920284b0b53e77a47fbfd8f67b4139385114a3baabbfdf37f2d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 22 May 2024 21:11:53 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 98

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 78E4 652 KB
0 0ms
0ms Script
text/javascript 2600:9000:2491:e600:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:e600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f83fceb144b8adb9b9370314b371cf4daaa869f49b84f2065f18cff4e78b3d4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 20:51:10 GMT
x-amz-version-id: oT0tHG3bzF0iUTCEMPD3HdEMEAydPgpV
content-encoding: br
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 1233
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 22 May 2024 20:33:56 GMT
server: AmazonS3
etag: W/"bef96fd6cc6346fe46cfa97630b8d5fe"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin: *
x-amz-cf-id: KCGCpZslJhwybESCYNjTabHSL5qDpRopnvvPzw1CP6MN5AKSoLOmBQ==

GET
H2 204 874
tracker.nitropay.com/i/ 0
0 157ms
152ms Fetch 35.244.144.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.nitropay.com/i/874?d=eyJhZFVuaXRDb2RlIjoiZGVza3RvcF9yaWdodF9ndXR0ZXJfc2t5c2NyYXBlciIsImNyZWF0aXZlSWQiOiIzODE4NDY3MTQiLCJiaWRkZXIiOiJhcHBuZXh1c0FzdCIsInRpbWVUb1Jlc3BvbmQiOjM3OCwiaGVpZ2h0Ijo2MDAsIndpZHRoIjoxNjAsImNwbSI6MC4wMjYzMzA2NCwiaHJlZiI6Imh0dHBzOi8vd3d3LnJvbGltb25zLmNvbS9wbGF5ZXIvMTI2MTY2NTc2IiwiYWNjZXB0YWJsZSI6ZmFsc2UsIm1ldGEiOiJ7XCJkY2hhaW5cIjp7XCJ2ZXJcIjpcIjEuMFwiLFwiY29tcGxldGVcIjowLFwibm9kZXNcIjpbe1wiYnNpZFwiOlwiMTIwODVcIn1dfSxcImJyYW5kSWRcIjo4OX0iLCJyZXF1ZXN0SWQiOiIwMThmYTIyNS00NjhhLTcwMDAtODIwOC0yYTU5NWRhNzc4ZTEiLCJjIjoiREUiLCJyIjoiIiwidHlwZSI6MCwiZHVyYXRpb24iOjAsInJlZnJlc2giOmZhbHNlLCJ0aW1lc3RhbXAiOjE3MTY0MTIzMTM2NjEsImYiOiIxNTk4MXBhIn0%3D&p=0
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: nginx/1.25.4 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:53 GMT
via: 1.1 google
server: nginx/1.25.4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 n.svg
s.nitropay.com/ 1 KB
1 KB 91ms
90ms Image
image/svg+xml 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/n.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c42391fc43043ff71e168a5b881e9ed95bd1e18480f8d2dc5dc77e9624f7797

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
age: 3383
x-guploader-uploadid: ABPtcPpDmGm9lzQy1i5V386XPm7ckB6nU-BG6JUBAj84W7YBgmHRSNTvVA7lrmCgwweNw2UqcR1J9ENdgA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 05 Oct 2022 06:19:07 GMT
server: cloudflare
etag: W/"47ce57ca1cac5f9545f1e2fb9c6bd90d"
vary: Accept-Encoding
x-goog-hash: crc32c=Tm86FQ==, md5=R85XyhysX5VF8eL7nGvZDQ==
x-goog-generation: 1664950747723912
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 1437
cf-ray: 887fcd208b0835ae-WAW
expires: Wed, 22 May 2024 21:15:30 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 7071 652 KB
0 0ms
0ms Script
text/javascript 2600:9000:2491:e600:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:e600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f83fceb144b8adb9b9370314b371cf4daaa869f49b84f2065f18cff4e78b3d4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 20:51:10 GMT
x-amz-version-id: oT0tHG3bzF0iUTCEMPD3HdEMEAydPgpV
content-encoding: br
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 1233
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 22 May 2024 20:33:56 GMT
server: AmazonS3
etag: W/"bef96fd6cc6346fe46cfa97630b8d5fe"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin: *
x-amz-cf-id: KCGCpZslJhwybESCYNjTabHSL5qDpRopnvvPzw1CP6MN5AKSoLOmBQ==

GET
H2 204 874
tracker.nitropay.com/i/ 0
0 155ms
154ms Fetch 35.244.144.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.nitropay.com/i/874?d=eyJhZFVuaXRDb2RlIjoiZGVza3RvcF9ib3R0b21faW5saW5lX2xiIiwiY3JlYXRpdmVJZCI6IjM4MTg0NjcxNCIsImJpZGRlciI6ImFwcG5leHVzQXN0IiwidGltZVRvUmVzcG9uZCI6MzQ4LCJoZWlnaHQiOjkwLCJ3aWR0aCI6NzI4LCJjcG0iOjAuMDI2MzMwNjQsImhyZWYiOiJodHRwczovL3d3dy5yb2xpbW9ucy5jb20vcGxheWVyLzEyNjE2NjU3NiIsImFjY2VwdGFibGUiOmZhbHNlLCJtZXRhIjoie1wiZGNoYWluXCI6e1widmVyXCI6XCIxLjBcIixcImNvbXBsZXRlXCI6MCxcIm5vZGVzXCI6W3tcImJzaWRcIjpcIjEyMDg1XCJ9XX0sXCJicmFuZElkXCI6ODl9IiwicmVxdWVzdElkIjoiMDE4ZmEyMjUtNDZjZi03MDAwLTllYTktNzU2NmMxZmMyZWNlIiwiYyI6IkRFIiwiciI6IiIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzE2NDEyMzEzNjkyLCJmIjoiMTU5ODFwYSJ9&p=0
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: nginx/1.25.4 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:53 GMT
via: 1.1 google
server: nginx/1.25.4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 12AD 652 KB
0 0ms
0ms Script
text/javascript 2600:9000:2491:e600:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:e600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f83fceb144b8adb9b9370314b371cf4daaa869f49b84f2065f18cff4e78b3d4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 20:51:10 GMT
x-amz-version-id: oT0tHG3bzF0iUTCEMPD3HdEMEAydPgpV
content-encoding: br
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 1233
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 22 May 2024 20:33:56 GMT
server: AmazonS3
etag: W/"bef96fd6cc6346fe46cfa97630b8d5fe"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin: *
x-amz-cf-id: KCGCpZslJhwybESCYNjTabHSL5qDpRopnvvPzw1CP6MN5AKSoLOmBQ==

GET
H2 204 874
tracker.nitropay.com/i/ 0
0 154ms
152ms Fetch 35.244.144.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.nitropay.com/i/874?d=eyJhZFVuaXRDb2RlIjoiZGVza3RvcF90b3BfaW5saW5lX2xiIiwiY3JlYXRpdmVJZCI6IjM4MTg0NjcxNCIsImJpZGRlciI6ImFwcG5leHVzQXN0IiwidGltZVRvUmVzcG9uZCI6NDYwLCJoZWlnaHQiOjkwLCJ3aWR0aCI6NzI4LCJjcG0iOjAuMDIyMjU0ODE5OTk5OTk5OTk4LCJocmVmIjoiaHR0cHM6Ly93d3cucm9saW1vbnMuY29tL3BsYXllci8xMjYxNjY1NzYiLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6IntcImRjaGFpblwiOntcInZlclwiOlwiMS4wXCIsXCJjb21wbGV0ZVwiOjAsXCJub2Rlc1wiOlt7XCJic2lkXCI6XCIxMjA4NVwifV19LFwiYnJhbmRJZFwiOjg5fSIsInJlcXVlc3RJZCI6IjAxOGZhMjI1LTQ2NTgtNzAwMC1iZjk2LWM2NzIzZWQzZjE4OSIsImMiOiJERSIsInIiOiIiLCJ0eXBlIjowLCJkdXJhdGlvbiI6MCwicmVmcmVzaCI6ZmFsc2UsInRpbWVzdGFtcCI6MTcxNjQxMjMxMzcwMywiZiI6IjE1OTgxcGEifQ%3D%3D&p=0
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: nginx/1.25.4 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:53 GMT
via: 1.1 google
server: nginx/1.25.4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 78E4 101 KB
41 KB 253ms
74ms Script
application/javascript 2620:1ec:46::43

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::43 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81167d93ec7720fc34e59e32745b5ec932b693a68fb7170a8ab282135d7daf56

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 22 May 2024 21:11:53 GMT
content-encoding: br
last-modified: Wed, 22 May 2024 16:40:48 GMT
vary: Accept-Encoding
x-azure-ref: 20240522T211153Z-164d49668c6zsbjbe4m9q0astg00000006s000000000kczt
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a9de0bb7-601e-009d-3b67-ac52d2000000
cache-control: private, max-age=3600, stale-while-revalidate=86400
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 70313234

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs-simple.com/v/s/244/ Frame 78E4 80 KB
28 KB 138ms
37ms Script
application/x-javascript 151.101.65.108

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs-simple.com/v/s/244/trk.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0925deab3dc0ca10e7df8e8664eeefaabf037f246e17f3a4cc57dbd2918eaa18

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Expires: Wed, 21 May 2025 05:01:46 GMT
Date: Wed, 22 May 2024 21:11:53 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 144608
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21967-LGA, cache-fra-etou8220122-FRA
Last-Modified: Tue, 21 May 2024 05:00:50 GMT
Server: AkamaiNetStorage
X-Timer: S1716412314.857441,VS0,VE0
ETag: "1cad5a6edbbf8da3391ec0f9966ccca0:1716267650.316022"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 19080

GET
H2 200 it
ams3-ib.adnxs-simple.com/ Frame 78E4 0
534 B 66ms
53ms Image
text/html 185.89.210.212

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs-simple.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.rolimons.com%252Fplayer%252F126166576&e=wqT_3QKiCGwiBAAAAwDWAAUBCJm_ubIGEJmejpaby8iWQRj_EQF4ASo2CbhX27j49Zw_ESJg0OJFg5s_GQAAAGBmZvI_IRESACkRJMgxAAAAwPUovD8w-9a-CjjzPEC1XkjjA1C6iYq2AVja801gAGiQnmZ4AIABAYoBA1VTRJIFBvBxmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAv7hAeACiLlc6gIpaHR0cHM6Ly93d3cucm9saW1vbnMuY29tL3BsYXllci8xMjYxNjY1NzaAAwGIAwCQAwCYAxegAwGqA6oDCsACaHR0FT8MYmluZwU78HlhcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1mMzA0YjI3Ny1kZjFmLTRhYzAtODcwMi1jZTg0MDEyYjc1ZGYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbhlcGHB1Ymxpc2gFKSwxNjI2NDUzMzAmckmacQC4cnR5cGU9bnVybCZ0YWdJZD0yMTk5ODQ1OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGRR6emYlM0ERH_DlX2Z4dmNnbmYmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0Njk2NDQ3NzU1MDYzODg5Njg5IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56SXlNalExTnpBNE9USTRNak1qTWpNeU5EQXlNems0TkRFd09UVTJPQT09wAPYBMgDANgD4sipAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMjOoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLpBmliIBQGYBQCgBZ7KrMPp5Z2jCsAFAMkFAAUBFPA_0gUJCQULkAAAANgFAeAFAfAFzpsB-gUECAAQAJAGAJgGALIGMUNQX0JCY0EJBihEeXZOQUVOQTBFQRUBCENpUREMJC5JQUFBuAYBwQYBVTQAAPA_0AbCjQTaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBugcIKgQxLS0tQAHIBwDSBw0JETEBLwjaBwYBm_A_GADgBwDqBwIIAPAHAIoIAhAAlQgAAIA_mAgBoggKCgZEQkFCTX4QAsAI_uEB0ggJCP___z8QAhgB2ggECAAgAA..&s=88fc70f162cfdf26bbd6dc8ac8d6a4039f90f9de

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
an-x-request-uuid: 9d540e57-6703-49de-aac1-32750de4a1e2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 7071 101 KB
0 235ms
235ms Script
application/javascript 2620:1ec:46::43

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::43 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81167d93ec7720fc34e59e32745b5ec932b693a68fb7170a8ab282135d7daf56

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 22 May 2024 21:11:53 GMT
content-encoding: br
last-modified: Wed, 22 May 2024 16:40:48 GMT
vary: Accept-Encoding
x-azure-ref: 20240522T211153Z-164d49668c6zsbjbe4m9q0astg00000006s000000000kczt
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a9de0bb7-601e-009d-3b67-ac52d2000000
cache-control: private, max-age=3600, stale-while-revalidate=86400
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 70313234

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs-simple.com/v/s/244/ Frame 7071 80 KB
0 119ms
119ms Script
application/x-javascript 151.101.65.108

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs-simple.com/v/s/244/trk.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0925deab3dc0ca10e7df8e8664eeefaabf037f246e17f3a4cc57dbd2918eaa18

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Cache-Hits: 1, 19080
Date: Wed, 22 May 2024 21:11:53 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 144608
X-Cache: HIT, HIT
Content-Length: 27680
X-Served-By: cache-lga21967-LGA, cache-fra-etou8220122-FRA
Last-Modified: Tue, 21 May 2024 05:00:50 GMT
Server: AkamaiNetStorage
X-Timer: S1716412314.857441,VS0,VE0
ETag: "1cad5a6edbbf8da3391ec0f9966ccca0:1716267650.316022"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Expires: Wed, 21 May 2025 05:01:46 GMT

GET
H2 200 it
ams3-ib.adnxs-simple.com/ Frame 7071 0
534 B 62ms
62ms Image
text/html 185.89.210.212

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs-simple.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.rolimons.com%252Fplayer%252F126166576&e=wqT_3QK1CGw1BAAAAwDWAAUBCJm_ubIGEP_sqtjancG5Vhj_EQF4ASo2CbhX27j49Zw_ESJg0OJFg5s_GQAAACBcj-I_IRESACkRJNAxAAAAgD0Ktz8w-9a-CjjzPEC1XkjjA1C6iYq2AVja801gAGiQnmZ45PYFgAEBigEDVVNEkgUG8G2YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL-4QHgAqnJXeoCKWh0dHBzOi8vd3d3LnJvbGltb25zLmNvbS9wbGF5ZXIvMTI2MTY2NTc2gAMBiAMAkAMAmAMXoAMBqgO7AwrRAi4_ABBiaW5nLgE78HlhcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD04NDFlYjMyOC1hYzNmLTQxZWUtYmM2YS0wMDgzOWEyNGQ4ODEmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbhlcGHB1Ymxpc2gFKSwxNjI2NDUzMzAmckmacQC4cnR5cGU9bnVybCZ0YWdJZD0yMTk5ODQ1OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWI2GQB8X3AyZl96Ym92eXImYWlkPSR7QVVDVElPTl9JRH0md3AdEbhQUklDRX0SBTEyMDg1GhM2MjI5MzI4MTI4NDA2ODk0MjA3IgkzODE4NDY3MTQqBCFu9A4BOjhVMlZoY21Ob1FXUWpOekl5TWpRMU16Y3hNekEyT1RJak1qTXlOREF5TXprNE5ERXdPVFUyT0E9PcAD2ATIAwDYA-LIqQHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTIzqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXmyN61go7m1SDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXOmwH6BQQIABAAkAYAmAYAsgYxQ1BfQkJjQVBfQkJjQUR5dk5BRU5BMEVBQUFBQUFBQUFBQ2lRQUFBQQERKC5JQUFBuAYBwQYABQEs8D_QBsKNBNoGFgoQBREdAaAQABgA4AYB8gYCCACABwGIBwCgBwG6BwgqBDEtLS1AAcgH5PYF0gcNCRE0ATEM2gcGCAUJ8D3gBwDqBwIIAPAHAIoIAhAAlQgAAIA_mAgBoggKCgZEQkFCTX4QAsAI_uEB0ggJCP___z8QAhgB2ggECAAgAA..&s=4300f1e95952bb240798dce0babb09bcaf9102bf

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
an-x-request-uuid: 402b0937-ccc8-4030-b5b7-96a8597ea7f3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 12AD 101 KB
0 226ms
226ms Script
application/javascript 2620:1ec:46::43

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::43 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81167d93ec7720fc34e59e32745b5ec932b693a68fb7170a8ab282135d7daf56

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 22 May 2024 21:11:53 GMT
content-encoding: br
last-modified: Wed, 22 May 2024 16:40:48 GMT
vary: Accept-Encoding
x-azure-ref: 20240522T211153Z-164d49668c6zsbjbe4m9q0astg00000006s000000000kczt
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a9de0bb7-601e-009d-3b67-ac52d2000000
cache-control: private, max-age=3600, stale-while-revalidate=86400
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 70313234

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs-simple.com/v/s/244/ Frame 12AD 80 KB
0 111ms
111ms Script
application/x-javascript 151.101.65.108

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs-simple.com/v/s/244/trk.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0925deab3dc0ca10e7df8e8664eeefaabf037f246e17f3a4cc57dbd2918eaa18

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Cache-Hits: 1, 19080
Date: Wed, 22 May 2024 21:11:53 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 144608
X-Cache: HIT, HIT
Content-Length: 27680
X-Served-By: cache-lga21967-LGA, cache-fra-etou8220122-FRA
Last-Modified: Tue, 21 May 2024 05:00:50 GMT
Server: AkamaiNetStorage
X-Timer: S1716412314.857441,VS0,VE0
ETag: "1cad5a6edbbf8da3391ec0f9966ccca0:1716267650.316022"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Expires: Wed, 21 May 2025 05:01:46 GMT

GET
H2 200 it
ams3-ib.adnxs-simple.com/ Frame 12AD 0
534 B 49ms
49ms Image
text/html 185.89.210.212

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs-simple.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.rolimons.com%252Fplayer%252F126166576&e=wqT_3QKJCGwJBAAAAwDWAAUBCJm_ubIGEMaUgPzQkvjgYRj_EQF4ASo2CWZ9tiI5epg_Ee7Dk3rpQJc_GQAAACBcj-I_IRESACkRJMgxAAAAgD0Ktz8w-9a-CjjzPEC1XkjjA1C6iYq2AVja801gAGiQnmZ4AIABAYoBA1VTRJIFBvBtmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC_uEB4AKN41zqAilodHRwczovL3d3dy5yb2xpbW9ucy5jb20vcGxheWVyLzEyNjE2NjU3NoADAYgDAJADAJgDF6ADAaoDkwMKrQIuPwAQYmluZy4BO_B1YXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NzI0NmM3NjQtNmU5My00YzFmLWE4OTUtY2ZjY2QwOTVjNDQxJmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbhlYHHB1Ymxpc2hlASkkMTYyNjQ1MzMwJgEOkm0AuHJ0eXBlPW51cmwmdGFnSWQ9MjE5OTg0NTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnwaWVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3MDQ0MTU4MjIyOTk4OTY0ODA2IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56STBNekEyTXpNME56YzNPVGdqTnoFFPCaek5UQTVNVEU0TkRrPcAD2ATIAwDYA-LIqQHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTIzqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX_m9Pl3qnopnjABQDJBQAAAAAAAPA_0gUJCQAAAAABD4jYBQHgBQHwBbuDEPoFBAgAEACQBgCYBgCyBjFDUF9CQmNBUAUGKER5dk5BRU5BMEVBFQEIQ2lREQwkLklBQUG4BgHBBgFVNAAA8D_QBsKNBNoGFgoQCRIZAZgQABgA4AYB8gYCCACABwGIBwCgBwG6BwgqBDEtLS1AAcgHANIHDQkRMQEvCNoHBgGb8D8YAOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAGiCAoKBkRCQUJNfhACwAj-4QHSCAkI____PxACGAHaCAQIACAA&s=1201f4d40c8ef33307b287f455737757b0aefbe8

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:53 GMT
an-x-request-uuid: 1bdcb65b-79ae-4c04-889b-328a89919359
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 874
tracker.nitropay.com/i/ 0
0 163ms
163ms Fetch 35.244.144.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.nitropay.com/i/874?d=eyJhZFVuaXRDb2RlIjoiZGVza3RvcF9sZWZ0X2d1dHRlcl9za3lzY3JhcGVyIiwiYmlkZGVyIjoiYmxhbmsiLCJoZWlnaHQiOjAsIndpZHRoIjowLCJjcG0iOjAsImNyZWF0aXZlSWQiOiIiLCJocmVmIjoiaHR0cHM6Ly93d3cucm9saW1vbnMuY29tL3BsYXllci8xMjYxNjY1NzYiLCJhY2NlcHRhYmxlIjpmYWxzZSwicmVxdWVzdElkIjoiMDE4ZmEyMjUtNDY3OS03MDAwLWE0ZWEtYmZkOTBmMzhjMjI0IiwidGltZVRvUmVzcG9uZCI6MCwiYyI6IkRFIiwiciI6IiIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzE2NDEyMzEzNzc5LCJmIjoiMTU5ODFwYSJ9&p=0
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: nginx/1.25.4 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:53 GMT
via: 1.1 google
server: nginx/1.25.4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

c.gif
www.bing.com/aes/ Frame 78E4
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5099a8c6-0839-4373-b4bc-0f705af02131&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=f304b277-df1f-4ac0...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=5faa30e1789641b0b02e11d02e5b9c7f&SNR=1&GV=2&med=10

0
546 B

595ms
594ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=5faa30e1789641b0b02e11d02e5b9c7f&SNR=1&GV=2&med=10
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a39b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B4735399BAD64799BE571ACA876C3266 Ref B: FRA31EDGE0805 Ref C: 2024-05-22T21:11:54Z
x-cdn-traceid: 0.9ba12417.1716412314.be202bb2
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 22 May 2024 21:11:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 20226FE230BC4DF8BD180FE523EBED39 Ref B: FRA31EDGE0117 Ref C: 2024-05-22T21:11:54Z
x-cdn-traceid: 0.9ba12417.1716412314.be202b25
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=5faa30e1789641b0b02e11d02e5b9c7f&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 78E4 15 KB
15 KB 184ms
43ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a39b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215978536551_1MCQFE80ULBVOILGJR&pid=21.2&c=16&roil=0.2383&roit=0&roir=0.7617&roib=1&w=160&h=160&qlt=90
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a39b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d190338e6ca6aca0ff531f877523e01461a970bca2c98d12c62fc58a735e47e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:54 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.9ba12417.1716412314.be202b21
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 15002
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs-simple.com/ Frame 78E4 0
534 B 49ms
48ms Script
text/html 185.89.210.212

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs-simple.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&e=wqT_3QL0BGx0AgAAAwDWAAUBCJm_ubIGEJmejpaby8iWQRj_EQF4ASo2CbhX27j49Zw_ESJg0OJFg5s_GQAAAGBmZvI_IRESACkRJMgxAAAAwPUovD8w-9a-CjjzPEC1XkjjA1C6iYq2AVja801gAGiQnmZ4AIABAYoBA1VTRJIFBvQ-AZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL-4QHgAoi5XOoCKWh0dHBzOi8vd3d3LnJvbGltb25zLmNvbS9wbGF5ZXIvMTI2MTY2NTc2gAMBiAMAkAMAmAMXoAMBqgMAwAPYBMgDANgD4sipAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMjOoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWeyqzD6eWdowrABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXOmwH6BQQIABAAkAYAmAYAsgYxQ1BfQkJjQVBfQkJjQUR5dk5BRU5BMEVBQUFBQUFBQUFBQ2lRQUEFCihBLklBQUG4BgHBBglZLPA_0AbCjQTaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBugcIKgQxLS0tQAHIBwDSBw0JETEBLwzaBwYIBQno4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAaIICgoGREJBQk1-EALACP7hAdIIBggAEAAYANoIBAgAIAA.&s=0ec6d18eb9f64318afac27e37e107f9e75b1ceb6&bdref=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576,https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:54 GMT
an-x-request-uuid: 4b8a83d2-d377-4182-aaf3-f8b2fc8dead3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 7071
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5cc335a7-b439-428a-93eb-f8a45104a075&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=841eb328-ac3f-41ee...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=5c38b8f23dee44578dcd675e7f1912e7&SNR=1&GV=2&med=10

0
547 B

124ms
124ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=5c38b8f23dee44578dcd675e7f1912e7&SNR=1&GV=2&med=10
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a39b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C764CA595E344D7DAF5EE5F883D75B7C Ref B: FRA31EDGE0121 Ref C: 2024-05-22T21:11:54Z
x-cdn-traceid: 0.9ba12417.1716412314.be202bb8
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 22 May 2024 21:11:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5611A8618BE34725827B5ECCEDC50BEE Ref B: FRAEDGE1115 Ref C: 2024-05-22T21:11:54Z
x-cdn-traceid: 0.9ba12417.1716412314.be202b24
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=5c38b8f23dee44578dcd675e7f1912e7&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 7071 9 KB
9 KB 143ms
46ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a39b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215967564457_1UY9TBKGTCDBOVWVYA&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=172&h=90&qlt=90
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a39b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97f4a4e40b1fa4af3b66182fd92cf1abdcd4bd95e144aa7220a27a0e84ae375d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:54 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.9ba12417.1716412314.be202b22
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 9255
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs-simple.com/ Frame 7071 0
534 B 80ms
79ms Script
text/html 185.89.210.212

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs-simple.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&e=wqT_3QL3BGx3AgAAAwDWAAUBCJm_ubIGEP_sqtjancG5Vhj_EQF4ASo2CbhX27j49Zw_ESJg0OJFg5s_GQAAACBcj-I_IRESACkRJNAxAAAAgD0Ktz8w-9a-CjjzPEC1XkjjA1C6iYq2AVja801gAGiQnmZ45PYFgAEBigEDVVNEkgUG9D4BmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAv7hAeACqcld6gIpaHR0cHM6Ly93d3cucm9saW1vbnMuY29tL3BsYXllci8xMjYxNjY1NzaAAwGIAwCQAwCYAxegAwGqAwDAA9gEyAMA2APiyKkB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEyM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF5sjetYKO5tUgwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFzpsB-gUECAAQAJAGAJgGALIGMUNQX0JCY0FQX0JCY0FEeXZOQUVOQTBFQUFBQUFBQUFBQUNpUUFBQQEKKEEuSUFBQbgGAcEGCVgs8D_QBsKNBNoGFgoQCRIZAaAQABgA4AYB8gYCCACABwGIBwCgBwG6BwgqBDEtLS1AAcgH5PYF0gcNCREzATEM2gcGCAUJ6OAHAOoHAggA8AcAiggCEACVCAAAgD-YCAGiCAoKBkRCQUJNfhACwAj-4QHSCAYIABAAGADaCAQIACAA&s=40e8788ef56d0cc510822e32e781bc5bc15a1427&bdref=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576,https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:54 GMT
an-x-request-uuid: 843e9d99-d721-40d9-b3d0-b11b080868c5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 12AD
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ec7ac06a-ed48-4e68-ba2c-080e9c3acf43&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=7246c764-6e93-4c1f-a89...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=c1ba858560044b2280ee5e4ac5bd6035&SNR=1&GV=2&med=10

0
545 B

124ms
124ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=c1ba858560044b2280ee5e4ac5bd6035&SNR=1&GV=2&med=10
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a39b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6885C3D3DE2446BB8D71B2CF42492477 Ref B: FRA31EDGE0819 Ref C: 2024-05-22T21:11:54Z
x-cdn-traceid: 0.9ba12417.1716412314.be202bb3
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 22 May 2024 21:11:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 15F8069ACE0648658D7AE8166A33A6B5 Ref B: FRAEDGE1222 Ref C: 2024-05-22T21:11:54Z
x-cdn-traceid: 0.9ba12417.1716412314.be202b26
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=c1ba858560044b2280ee5e4ac5bd6035&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 150
expires: 0

GET
H2 200 th
www.bing.com/ Frame 12AD 6 KB
7 KB 133ms
80ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a39b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215900427146_1JPHL2OXILG53ADMWD&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=172&h=90&qlt=90
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/player/126166576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a39b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61129b396ad81eb173c946c566cfe7fcac37c12b7ef2bc7b307bed9c2998a3bb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:54 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.9ba12417.1716412314.be202b23
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 6350
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs-simple.com/ Frame 12AD 0
534 B 79ms
79ms Script
text/html 185.89.210.212

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs-simple.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&e=wqT_3QLzBGxzAgAAAwDWAAUBCJm_ubIGEMaUgPzQkvjgYRj_EQF4ASo2CWZ9tiI5epg_Ee7Dk3rpQJc_GQAAACBcj-I_IRESACkRJMgxAAAAgD0Ktz8w-9a-CjjzPEC1XkjjA1C6iYq2AVja801gAGiQnmZ4AIABAYoBA1VTRJIFBvQ-AZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL-4QHgAo3jXOoCKWh0dHBzOi8vd3d3LnJvbGltb25zLmNvbS9wbGF5ZXIvMTI2MTY2NTc2gAMBiAMAkAMAmAMXoAMBqgMAwAPYBMgDANgD4sipAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMjOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBf-b0-XeqeimeMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbuDEPoFBAgAEACQBgCYBgCyBjFDUF9CQmNBUF9CQmNBRHl2TkFFTkEwRUFBQUFBQUFBQUFDaVFBQUEBCihBLklBQUG4BgHBBglYLPA_0AbCjQTaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBugcIKgQxLS0tQAHIBwDSBw0JETEBLwzaBwYIBQno4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAaIICgoGREJBQk1-EALACP7hAdIIBggAEAAYANoIBAgAIAA.&s=4f10cd56d8e5ee0031eedc7cb6be83dde8d183db&bdref=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576,https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:54 GMT
an-x-request-uuid: e6804b0b-0dea-4f01-b08c-c4844d9f49fd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs-simple.com/ Frame 78E4 0
551 B 49ms
49ms Ping
text/html 185.89.210.212

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs-simple.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&e=wqT_3QKiCGwiBAAAAwDWAAUBCJm_ubIGEJmejpaby8iWQRj_EQF4ASo2CbhX27j49Zw_ESJg0OJFg5s_GQAAAGBmZvI_IRESACkRJMgxAAAAwPUovD8w-9a-CjjzPEC1XkjjA1C6iYq2AVja801gAGiQnmZ4AIABAYoBA1VTRJIFBvBxmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAv7hAeACiLlc6gIpaHR0cHM6Ly93d3cucm9saW1vbnMuY29tL3BsYXllci8xMjYxNjY1NzaAAwGIAwCQAwCYAxegAwGqA6oDCsACaHR0FT8MYmluZwU78HlhcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1mMzA0YjI3Ny1kZjFmLTRhYzAtODcwMi1jZTg0MDEyYjc1ZGYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbhlcGHB1Ymxpc2gFKSwxNjI2NDUzMzAmckmacQC4cnR5cGU9bnVybCZ0YWdJZD0yMTk5ODQ1OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGRR6emYlM0ERH_DlX2Z4dmNnbmYmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0Njk2NDQ3NzU1MDYzODg5Njg5IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56SXlNalExTnpBNE9USTRNak1qTWpNeU5EQXlNems0TkRFd09UVTJPQT09wAPYBMgDANgD4sipAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMjOoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLpBmliIBQGYBQCgBZ7KrMPp5Z2jCsAFAMkFAAUBFPA_0gUJCQULkAAAANgFAeAFAfAFzpsB-gUECAAQAJAGAJgGALIGMUNQX0JCY0EJBihEeXZOQUVOQTBFQRUBCENpUREMJC5JQUFBuAYBwQYBVTQAAPA_0AbCjQTaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBugcIKgQxLS0tQAHIBwDSBw0JETEBLwjaBwYBm_A_GADgBwDqBwIIAPAHAIoIAhAAlQgAAIA_mAgBoggKCgZEQkFCTX4QAsAI_uEB0ggJCP___z8QAhgB2ggECAAgAA..&s=88fc70f162cfdf26bbd6dc8ac8d6a4039f90f9de&type=nv&nvt=5&jm=1003&px=1369&py=90&bw=160&bh=160&sid=8386805971259206299&vd=ct~0|rr~0&sv=244&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21998459&sw=1600&sh=1200&pw=1600&ph=6106&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/244/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:54 GMT
an-x-request-uuid: 18d42cbe-99c5-4383-a9c4-fff70cc0f8d0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ 0
217 B 244ms
130ms XHR
text/plain 2600:9000:223d:aa00:10:43f:4352:ad61

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:aa00:10:43f:4352:ad61 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 22 May 2024 21:11:54 GMT
via: 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
content-length: 0
x-amz-cf-id: E0uUZOcDY37iI-qBOnghpJZ6z_0LSAEYoq5YbZnk0Au6oah7QG14hA==
x-cache: Miss from cloudfront

POST
H2 200 vevent
ams3-ib.adnxs-simple.com/ Frame 7071 0
551 B 49ms
49ms Ping
text/html 185.89.210.212

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs-simple.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&e=wqT_3QK1CGw1BAAAAwDWAAUBCJm_ubIGEP_sqtjancG5Vhj_EQF4ASo2CbhX27j49Zw_ESJg0OJFg5s_GQAAACBcj-I_IRESACkRJNAxAAAAgD0Ktz8w-9a-CjjzPEC1XkjjA1C6iYq2AVja801gAGiQnmZ45PYFgAEBigEDVVNEkgUG8G2YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL-4QHgAqnJXeoCKWh0dHBzOi8vd3d3LnJvbGltb25zLmNvbS9wbGF5ZXIvMTI2MTY2NTc2gAMBiAMAkAMAmAMXoAMBqgO7AwrRAi4_ABBiaW5nLgE78HlhcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD04NDFlYjMyOC1hYzNmLTQxZWUtYmM2YS0wMDgzOWEyNGQ4ODEmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbhlcGHB1Ymxpc2gFKSwxNjI2NDUzMzAmckmacQC4cnR5cGU9bnVybCZ0YWdJZD0yMTk5ODQ1OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWI2GQB8X3AyZl96Ym92eXImYWlkPSR7QVVDVElPTl9JRH0md3AdEbhQUklDRX0SBTEyMDg1GhM2MjI5MzI4MTI4NDA2ODk0MjA3IgkzODE4NDY3MTQqBCFu9A4BOjhVMlZoY21Ob1FXUWpOekl5TWpRMU16Y3hNekEyT1RJak1qTXlOREF5TXprNE5ERXdPVFUyT0E9PcAD2ATIAwDYA-LIqQHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTIzqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXmyN61go7m1SDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXOmwH6BQQIABAAkAYAmAYAsgYxQ1BfQkJjQVBfQkJjQUR5dk5BRU5BMEVBQUFBQUFBQUFBQ2lRQUFBQQERKC5JQUFBuAYBwQYABQEs8D_QBsKNBNoGFgoQBREdAaAQABgA4AYB8gYCCACABwGIBwCgBwG6BwgqBDEtLS1AAcgH5PYF0gcNCRE0ATEM2gcGCAUJ8D3gBwDqBwIIAPAHAIoIAhAAlQgAAIA_mAgBoggKCgZEQkFCTX4QAsAI_uEB0ggJCP___z8QAhgB2ggECAAgAA..&s=4300f1e95952bb240798dce0babb09bcaf9102bf&type=nv&nvt=5&jm=1003&px=436&py=5670&bw=182&bh=90&sid=8386805971259206299&vd=ct~0|rr~0&sv=244&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21998459&sw=1600&sh=1200&pw=1600&ph=6106&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/244/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:54 GMT
an-x-request-uuid: 1021b2f3-44db-4ecc-9552-c131ad6d553b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ 0
216 B 333ms
236ms XHR
text/plain 2600:9000:223d:aa00:10:43f:4352:ad61

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:aa00:10:43f:4352:ad61 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 22 May 2024 21:11:54 GMT
via: 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
content-length: 0
x-amz-cf-id: lY9xXyzlgY9G09IB-Re6A0Zwi-xfrbeNNVLMLpM0_ignC_IOrdN_BA==
x-cache: Miss from cloudfront

POST
H2 200 vevent
ams3-ib.adnxs-simple.com/ Frame 12AD 0
550 B 49ms
49ms Ping
text/html 185.89.210.212

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs-simple.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&e=wqT_3QKJCGwJBAAAAwDWAAUBCJm_ubIGEMaUgPzQkvjgYRj_EQF4ASo2CWZ9tiI5epg_Ee7Dk3rpQJc_GQAAACBcj-I_IRESACkRJMgxAAAAgD0Ktz8w-9a-CjjzPEC1XkjjA1C6iYq2AVja801gAGiQnmZ4AIABAYoBA1VTRJIFBvBtmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC_uEB4AKN41zqAilodHRwczovL3d3dy5yb2xpbW9ucy5jb20vcGxheWVyLzEyNjE2NjU3NoADAYgDAJADAJgDF6ADAaoDkwMKrQIuPwAQYmluZy4BO_B1YXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NzI0NmM3NjQtNmU5My00YzFmLWE4OTUtY2ZjY2QwOTVjNDQxJmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbhlYHHB1Ymxpc2hlASkkMTYyNjQ1MzMwJgEOkm0AuHJ0eXBlPW51cmwmdGFnSWQ9MjE5OTg0NTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnwaWVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3MDQ0MTU4MjIyOTk4OTY0ODA2IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56STBNekEyTXpNME56YzNPVGdqTnoFFPCaek5UQTVNVEU0TkRrPcAD2ATIAwDYA-LIqQHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTIzqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX_m9Pl3qnopnjABQDJBQAAAAAAAPA_0gUJCQAAAAABD4jYBQHgBQHwBbuDEPoFBAgAEACQBgCYBgCyBjFDUF9CQmNBUAUGKER5dk5BRU5BMEVBFQEIQ2lREQwkLklBQUG4BgHBBgFVNAAA8D_QBsKNBNoGFgoQCRIZAZgQABgA4AYB8gYCCACABwGIBwCgBwG6BwgqBDEtLS1AAcgHANIHDQkRMQEvCNoHBgGb8D8YAOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAGiCAoKBkRCQUJNfhACwAj-4QHSCAkI____PxACGAHaCAQIACAA&s=1201f4d40c8ef33307b287f455737757b0aefbe8&type=nv&nvt=5&jm=1003&px=436&py=90&bw=182&bh=90&sid=8386805971259206299&vd=ct~0|rr~0&sv=244&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21998459&sw=1600&sh=1200&pw=1600&ph=6106&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/244/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:54 GMT
an-x-request-uuid: 00c1fa75-c8b9-46c2-a297-0a42e7a48f2c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ 0
216 B 332ms
268ms XHR
text/plain 2600:9000:223d:aa00:10:43f:4352:ad61

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:aa00:10:43f:4352:ad61 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 22 May 2024 21:11:54 GMT
via: 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
content-length: 0
x-amz-cf-id: HHCtRETohY47hGiTjHup-Mty8RHWv7bP3drt4_i2Zt0iBZKxRbXsGQ==
x-cache: Miss from cloudfront

POST
H3 204 874
tracker.nitropay.com/i/ 0
10 B 243ms
154ms Ping
text/plain 35.244.144.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.nitropay.com/i/874?d=eyJhZFVuaXRDb2RlIjoiZGVza3RvcF9yaWdodF9ndXR0ZXJfc2t5c2NyYXBlciIsImNyZWF0aXZlSWQiOiIzODE4NDY3MTQiLCJiaWRkZXIiOiJhcHBuZXh1c0FzdCIsInRpbWVUb1Jlc3BvbmQiOjM3OCwiaGVpZ2h0Ijo2MDAsIndpZHRoIjoxNjAsImNwbSI6MC4wMjYzMzA2NCwiaHJlZiI6Imh0dHBzOi8vd3d3LnJvbGltb25zLmNvbS9wbGF5ZXIvMTI2MTY2NTc2IiwiYWNjZXB0YWJsZSI6ZmFsc2UsIm1ldGEiOiJ7XCJkY2hhaW5cIjp7XCJ2ZXJcIjpcIjEuMFwiLFwiY29tcGxldGVcIjowLFwibm9kZXNcIjpbe1wiYnNpZFwiOlwiMTIwODVcIn1dfSxcImJyYW5kSWRcIjo4OX0iLCJyZXF1ZXN0SWQiOiIwMThmYTIyNS00NjhhLTcwMDAtODIwOC0yYTU5NWRhNzc4ZTEiLCJjIjoiREUiLCJyIjoiIiwidHlwZSI6MCwiZHVyYXRpb24iOjAsInJlZnJlc2giOmZhbHNlLCJ0aW1lc3RhbXAiOjE3MTY0MTIzMTM2NjEsImYiOiIxNTk4MXBhIn0%3D&v=true&t=1000&p=0
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: nginx/1.25.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:54 GMT
via: 1.1 google
server: nginx/1.25.4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 204 874
tracker.nitropay.com/i/ 0
10 B 184ms
156ms Ping
text/plain 35.244.144.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.nitropay.com/i/874?d=eyJhZFVuaXRDb2RlIjoiZGVza3RvcF90b3BfaW5saW5lX2xiIiwiY3JlYXRpdmVJZCI6IjM4MTg0NjcxNCIsImJpZGRlciI6ImFwcG5leHVzQXN0IiwidGltZVRvUmVzcG9uZCI6NDYwLCJoZWlnaHQiOjkwLCJ3aWR0aCI6NzI4LCJjcG0iOjAuMDIyMjU0ODE5OTk5OTk5OTk4LCJocmVmIjoiaHR0cHM6Ly93d3cucm9saW1vbnMuY29tL3BsYXllci8xMjYxNjY1NzYiLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6IntcImRjaGFpblwiOntcInZlclwiOlwiMS4wXCIsXCJjb21wbGV0ZVwiOjAsXCJub2Rlc1wiOlt7XCJic2lkXCI6XCIxMjA4NVwifV19LFwiYnJhbmRJZFwiOjg5fSIsInJlcXVlc3RJZCI6IjAxOGZhMjI1LTQ2NTgtNzAwMC1iZjk2LWM2NzIzZWQzZjE4OSIsImMiOiJERSIsInIiOiIiLCJ0eXBlIjowLCJkdXJhdGlvbiI6MCwicmVmcmVzaCI6ZmFsc2UsInRpbWVzdGFtcCI6MTcxNjQxMjMxMzcwMywiZiI6IjE1OTgxcGEifQ%3D%3D&v=true&t=1000&p=0
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: nginx/1.25.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:54 GMT
via: 1.1 google
server: nginx/1.25.4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 201ms
92ms Script
text/javascript 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 23 May 2024 21:11:55 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 78E4
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5099a8c6-0839-4373-b4bc-0f705af02131&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=f304b277-df1f-4ac0...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=5faa30e1789641b0b02e11d02e5b9c7f&tids=15000&med=10

0
18 B

168ms
168ms

Image
text/plain

23.205.255.162

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=5faa30e1789641b0b02e11d02e5b9c7f&tids=15000&med=10
Protocol: H3
Server: 23.205.255.162 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3DDEA80A989346A9933EF9D085EC28B6 Ref B: YTO01EDGE0822 Ref C: 2024-05-22T21:11:55Z
x-cdn-traceid: 0.e2e83717.1716412315.11ae014
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 22 May 2024 21:11:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9E4A102B86E0472BA08268C5E2D5D1E3 Ref B: BL2AA2010203021 Ref C: 2024-05-22T21:11:55Z
x-cdn-traceid: 0.e2e83717.1716412315.11adfa8
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=5faa30e1789641b0b02e11d02e5b9c7f&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H3

200

c.gif
www.bing.com/aes/ Frame 12AD
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ec7ac06a-ed48-4e68-ba2c-080e9c3acf43&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=7246c764-6e93-4c1f-a89...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=c1ba858560044b2280ee5e4ac5bd6035&tids=1&med=10

0
18 B

171ms
170ms

Image
text/plain

23.205.255.162

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=c1ba858560044b2280ee5e4ac5bd6035&tids=1&med=10
Protocol: H3
Server: 23.205.255.162 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C7A121131A0E4081ABEB04C964897995 Ref B: YTO01EDGE0721 Ref C: 2024-05-22T21:11:55Z
x-cdn-traceid: 0.e2e83717.1716412315.11ae030
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 22 May 2024 21:11:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F468D9E164EA43B589883F6FE3539CC5 Ref B: CH1AA2020615005 Ref C: 2024-05-22T21:11:55Z
x-cdn-traceid: 0.e2e83717.1716412315.11adfb9
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=c1ba858560044b2280ee5e4ac5bd6035&tids=1&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 142
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs-simple.com/ Frame 78E4 0
551 B 48ms
48ms Ping
text/html 185.89.210.212

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs-simple.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&e=wqT_3QKiCGwiBAAAAwDWAAUBCJm_ubIGEJmejpaby8iWQRj_EQF4ASo2CbhX27j49Zw_ESJg0OJFg5s_GQAAAGBmZvI_IRESACkRJMgxAAAAwPUovD8w-9a-CjjzPEC1XkjjA1C6iYq2AVja801gAGiQnmZ4AIABAYoBA1VTRJIFBvBxmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAv7hAeACiLlc6gIpaHR0cHM6Ly93d3cucm9saW1vbnMuY29tL3BsYXllci8xMjYxNjY1NzaAAwGIAwCQAwCYAxegAwGqA6oDCsACaHR0FT8MYmluZwU78HlhcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1mMzA0YjI3Ny1kZjFmLTRhYzAtODcwMi1jZTg0MDEyYjc1ZGYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbhlcGHB1Ymxpc2gFKSwxNjI2NDUzMzAmckmacQC4cnR5cGU9bnVybCZ0YWdJZD0yMTk5ODQ1OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGRR6emYlM0ERH_DlX2Z4dmNnbmYmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0Njk2NDQ3NzU1MDYzODg5Njg5IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56SXlNalExTnpBNE9USTRNak1qTWpNeU5EQXlNems0TkRFd09UVTJPQT09wAPYBMgDANgD4sipAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMjOoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLpBmliIBQGYBQCgBZ7KrMPp5Z2jCsAFAMkFAAUBFPA_0gUJCQULkAAAANgFAeAFAfAFzpsB-gUECAAQAJAGAJgGALIGMUNQX0JCY0EJBihEeXZOQUVOQTBFQRUBCENpUREMJC5JQUFBuAYBwQYBVTQAAPA_0AbCjQTaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBugcIKgQxLS0tQAHIBwDSBw0JETEBLwjaBwYBm_A_GADgBwDqBwIIAPAHAIoIAhAAlQgAAIA_mAgBoggKCgZEQkFCTX4QAsAI_uEB0ggJCP___z8QAhgB2ggECAAgAA..&s=88fc70f162cfdf26bbd6dc8ac8d6a4039f90f9de&type=pv&jm=1003|1030&px=1369&py=90&bw=160&bh=160&sf=1&sid=8386805971259206299&vd=ct~0|rr~5&sv=244&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21998459&ft=2

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/244/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:55 GMT
an-x-request-uuid: 3ea1cf18-df7a-4206-aa83-dcf8f111f346
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs-simple.com/ Frame 12AD 0
551 B 50ms
49ms Ping
text/html 185.89.210.212

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs-simple.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.rolimons.com%2Fplayer%2F126166576&e=wqT_3QKJCGwJBAAAAwDWAAUBCJm_ubIGEMaUgPzQkvjgYRj_EQF4ASo2CWZ9tiI5epg_Ee7Dk3rpQJc_GQAAACBcj-I_IRESACkRJMgxAAAAgD0Ktz8w-9a-CjjzPEC1XkjjA1C6iYq2AVja801gAGiQnmZ4AIABAYoBA1VTRJIFBvBtmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC_uEB4AKN41zqAilodHRwczovL3d3dy5yb2xpbW9ucy5jb20vcGxheWVyLzEyNjE2NjU3NoADAYgDAJADAJgDF6ADAaoDkwMKrQIuPwAQYmluZy4BO_B1YXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NzI0NmM3NjQtNmU5My00YzFmLWE4OTUtY2ZjY2QwOTVjNDQxJmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbhlYHHB1Ymxpc2hlASkkMTYyNjQ1MzMwJgEOkm0AuHJ0eXBlPW51cmwmdGFnSWQ9MjE5OTg0NTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnwaWVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3MDQ0MTU4MjIyOTk4OTY0ODA2IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56STBNekEyTXpNME56YzNPVGdqTnoFFPCaek5UQTVNVEU0TkRrPcAD2ATIAwDYA-LIqQHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTIzqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX_m9Pl3qnopnjABQDJBQAAAAAAAPA_0gUJCQAAAAABD4jYBQHgBQHwBbuDEPoFBAgAEACQBgCYBgCyBjFDUF9CQmNBUAUGKER5dk5BRU5BMEVBFQEIQ2lREQwkLklBQUG4BgHBBgFVNAAA8D_QBsKNBNoGFgoQCRIZAZgQABgA4AYB8gYCCACABwGIBwCgBwG6BwgqBDEtLS1AAcgHANIHDQkRMQEvCNoHBgGb8D8YAOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAGiCAoKBkRCQUJNfhACwAj-4QHSCAkI____PxACGAHaCAQIACAA&s=1201f4d40c8ef33307b287f455737757b0aefbe8&type=pv&jm=1003|1030&px=436&py=90&bw=182&bh=90&sf=1&sid=8386805971259206299&vd=ct~0|rr~5&sv=244&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21998459&ft=2

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/244/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 22 May 2024 21:11:55 GMT
an-x-request-uuid: 969218b8-74c0-4a04-9505-c8367d2ad866
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.rolimons.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
423 B 174ms
56ms Fetch
application/json 52.223.40.198

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=aqo03op&fmt=json
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 237fc71a8a44cbbafc4fa91423e4a74b69dc7ddc60f99c62f48f06098f1f762d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 22 May 2024 21:11:56 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Fri, 21 Jun 2024 21:11:56 GMT

GET
H2 200 ixmatch.html
js-sec.indexww.com/um/ Frame F199 0
0 250ms
57ms Document
text/html 172.64.149.180

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.rolimons.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 312
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 887fcd40ff5f58f6-TXL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 May 2024 21:11:58 GMT
expires: Thu, 23 May 2024 01:11:58 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sync
eb2.3lift.com/ Frame 50AC 0
0 242ms
55ms Document
image/gif 76.223.111.18

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2&
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.rolimons.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Wed, 22 May 2024 21:11:58 GMT

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8E2D 0
0 221ms
37ms Document
text/html 2.17.1.103

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=1&gdpr_consent=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.17.1.103 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.rolimons.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=96677
content-encoding: gzip
content-length: 5685
content-type: text/html
date: Wed, 22 May 2024 21:11:58 GMT
expires: Fri, 24 May 2024 00:03:15 GMT
last-modified: Wed, 22 May 2024 00:02:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

204

beacon
ce.lijit.com/ Frame EC12
Redirect Chain

https://ap.lijit.com/beacon?gdpr_consent=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2&informer=13401055
https://ce.lijit.com/beacon?gdpr_consent=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2&informer=13401055

0
0

284ms
53ms

Document
text/plain

52.212.42.149

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/beacon?gdpr_consent=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2&informer=13401055
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.42.149 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.rolimons.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
date: Wed, 22 May 2024 21:11:59 GMT
expires: Fri, 20 Mar 2009 00:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
vary: Accept-Encoding

Redirect headers

content-length: 110
content-type: text/html
date: Wed, 22 May 2024 21:11:58 GMT
location: https://ce.lijit.com:443/beacon?gdpr_consent=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2&informer=13401055
server: awselb/2.0

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame E4F9 0
0 223ms
46ms Document
text/html 2.17.1.138

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CP_BBcAP_BBcADyvNAENA0EAAAAAAAAAACiQAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.1.138 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.rolimons.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 224
Content-Type: text/html; charset=UTF-8
Date: Wed, 22 May 2024 21:11:58 GMT
ETag: "28052a-10d-6142d69a886c0"
Last-Modified: Thu, 21 Mar 2024 15:32:19 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET

us.gif
sync.go.sonobi.com/
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5141210831108684257

0
0

GET

push
pixel.tapad.com/idsync/ex/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=140&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=14683802-1681-45f9-b3c7-017fdb3b4230-664e5f9e-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=14683802-1681-45f9-b3c7-017fdb3b4230-664e5f9e-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D...

0
0

GET

us.gif
sync.go.sonobi.com/
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=286
https://sync.go.sonobi.com/us.gif?nw=st&nuid=_E23OglQXVVqBNCDSPlyxVD_B3s

0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
148 B 57ms
52ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=97d6fcd501&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.rolimons.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 21:11:58 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET

us.gif
sync.go.sonobi.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=ea3bd71b-a522-4c97-8be1-b056135883ff&google_hm=ZWEzYmQ3MWItYTUyMi00Yzk3LThiZTEtYjA1NjEzNTg4M2Zm&...
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=sonobi&bsw_param=ea3bd71b-a522-4c97-8be1-b056135883ff&google_hm=ZWEzYmQ3MWItYTUyMi00Yzk3LThiZTEtYjA1NjEzNTg4M2Z...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEE_2zf-OV4A_ULNNggP6Pw8&google_cver=1&ssp=sonobi&bsw_param=ea3bd71b-a522-4c97-8be1-b056135883ff&gdpr_consent=&gdpr=0
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=ea3bd71b-a522-4c97-8be1-b056135883ff&gdpr=0&gdpr_consent=&us_privacy=

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5141210831108684257

Domain: pixel.tapad.com
URL: https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=14683802-1681-45f9-b3c7-017fdb3b4230-664e5f9e-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D14683802-1681-45f9-b3c7-017fdb3b4230-664e5f9e-5553%26gdpr%3D0%26gdpr_consent%3D

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/us.gif?nw=st&nuid=_E23OglQXVVqBNCDSPlyxVD_B3s

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=ea3bd71b-a522-4c97-8be1-b056135883ff&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nitropay.com/	1970-01-20 20:46:54	Name: __cf_bm Value: DvYJcx.IkfUsBgB.DXy1EqjrCVPOq_2LAXL2UqpCQic-1716412302-1.0.1.1-dBsZ..25mK3Ixr6Z75rhu7IGRa75ZuzocSAKYlFGMR_xNF07HKRFYHTM7zQIbIHbhVT05XKDor6iaHzDbn6PpA
.highcharts.com/	1969-12-31 23:59:59	Name: _cfuvid Value: hGvQSL6a64KBlWWAwqajoHEUOSPOrroh.cgC1PIWyL4-1716412302170-0.0.1.1-604800000
.rolimons.com/	1970-01-21 06:22:52	Name: _ga_TKLVQSSPSF Value: GS1.1.1716412302.1.0.1716412302.0.0.0
.rolimons.com/	1970-01-21 06:22:52	Name: _ga Value: GA1.1.158081540.1716412302
.rolimons.com/	1970-01-21 05:32:28	Name: ncmp.domain Value: rolimons.com

59 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.rolimons.com/player/126166576(Line 1128) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576(Line 1128) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576(Line 1284) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576(Line 1284) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576(Line 1284) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://s.nitropay.com/ads-874.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://s.nitropay.com/ads-874.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://s.nitropay.com/ads-874.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.rolimons.com/player/126166576 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.nitropay.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
adsdk.microsoft.com
ams3-ib.adnxs-simple.com
ap.lijit.com
apex.go.sonobi.com
api.btloader.com
api.rolimons.com
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
cdn.adnxs-simple.com
cdn.jsdelivr.net
ce.lijit.com
code.highcharts.com
config.aps.amazon-adsystem.com
consent.nitrocnct.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
gw.geoedge.be
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs-simple.com
js-sec.indexww.com
match.adsrvr.org
pixel.tapad.com
prebid.media.net
region1.google-analytics.com
rumcdn.geoedge.be
s.nitropay.com
securepubads.g.doubleclick.net
static.criteo.net
sync.go.sonobi.com
thumbnails.rolimons.com
tlx.3lift.com
tr.rbxcdn.com
tracker.nitropay.com
wrappers.geoedge.be
www.bing.com
www.googletagmanager.com
www.rolimons.com
pixel.tapad.com
sync.go.sonobi.com
104.18.3.78
108.138.6.136
130.211.23.194
142.250.181.226
142.250.185.230
151.101.65.108
172.64.149.180
172.64.151.101
172.67.74.181
178.250.1.8
18.157.230.4
18.159.201.246
18.244.15.236
18.245.31.9
185.64.189.112
185.89.210.212
188.114.97.3
2.17.1.103
2.17.1.138
2001:4860:4802:32::36
23.205.255.162
2600:9000:223d:aa00:10:43f:4352:ad61
2600:9000:2491:e600:4:b37b:9440:93a1
2600:9000:2761:fe00:2:d490:4d80:93a1
2602:803:c003:200::21
2606:4700:10::6816:4ad8
2606:4700:20::681a:246
2606:4700::6812:909
2607:f350:3:2569:0:10:0:200a
2620:1ec:46::43
2a00:1450:4001:81c::2008
2a02:2638:3::3
2a02:26f0:3500:11::215:14cc
2a02:26f0:3500:1b::1724:a39b
2a04:4e42:600::485
34.120.63.153
34.253.100.47
35.244.144.25
52.212.42.149
52.223.40.198
76.223.111.18
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015
02549c4896c5de4f23453181365708148688c63e3b3aadc00d47ad93f8fc17a5
043f8bea9582d0763c52a27e2c683ee60e870f71ed3c384b307ff540b6a1cbb2
0467ac8a5cf3cbc48ec1df0da226e6c293042ec21617d41295ed12c3294b1541
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0925deab3dc0ca10e7df8e8664eeefaabf037f246e17f3a4cc57dbd2918eaa18
0aa316fb0c3f96691cd0f2282705b9dee1064ff1260252158463d5ca0d20dc5d
112fbc91d81f801f2b09f38d07f6eb53a51e400836d642609d77511074f46ada
14803e4fb5fb11fc8c947592e7f9c63642e9a49eab81574f7dea68dfb1175f75
161f0935437a3ddde5e269073952333893d53f92b54b485bee87701404d1498f
162fd02dc7dbeb0dcf3e1c7233e1c23b6917d5e91b0aa8a2d4d898b411bf3c95
16750fd8712bf8b9ec03897561f94dde9ad564848bc0ab36141ed7f7f7dd3c11
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1fb5bdf552db295a96ea4b5c90679159db62417fb69fe0b57792e57daf79cfd9
22651b3acbea602829ec18340818228842682b9b110219c3056e6a3ea0233c09
237fc71a8a44cbbafc4fa91423e4a74b69dc7ddc60f99c62f48f06098f1f762d
2c42391fc43043ff71e168a5b881e9ed95bd1e18480f8d2dc5dc77e9624f7797
2d190338e6ca6aca0ff531f877523e01461a970bca2c98d12c62fc58a735e47e
2fa34c95e08c20ab1bb5a80a6efbe8110446cf7517cc1b11b4db90a5fb282361
324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126
3534900f2841f2074aea7ac79e56d521b53e9eb365a355907913f6aa446eb37b
3dddb633eb881dcba0685aa73b4fb7dd5606ad12b4a5dbd713600273a9202f83
3dfb3eee782e57438d446a09fa30f574a290413ada6579c4b39576791172585d
40d975f4f884523345900240488e43d578b9c81db51a2643f4a22483656f227a
415a157698b9b53a678366d76fca3ee478c162db60993e2edd77695177ec4c4e
42a93a33d427355556b284124ad2fe79b163b64a04c5a3e52d278afb029b73da
42fb9d8c8ad76244a6f79c38725170e4200e6c279ec1de79bb0e0f06304de5cb
4534832ed675f4a507b49bb2d61be29ec22d72caecf5620f8acf72084b1b750d
4edb223105fbed7bcf03a0b9a2235e6e478ac64669f9d6840aebe88ed6c166bc
4f189cf2a2080f2fbf4735ccd8e2faa836d54e5e6de1917dbd225efb61bc561a
501766d902b477541fc89db03fa303db12d4f1fc28c0be829997b465edd68359
5434659f449dbedecc66b870f0a2dc70a8352a9b8c0f260fb584a9dd0a501830
5470cf5187c72ee95ba2ea26a0c02365fc51d9fdd2229504af6fb06891ec0e29
58ef398459b11df193255541415dcb4cac9228f28d8f6a28d697329494f68b20
5a527063ed118ded8511a78f3b4d79debd2f9e2d24bdcecc3ba3a9ff3e05d7f6
5b3baa10ac55f4eece0c7e666eaddd51872b8ce9273671626bcccec8f86ead78
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
61129b396ad81eb173c946c566cfe7fcac37c12b7ef2bc7b307bed9c2998a3bb
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2
6d7772fe4611ddf4830104fa873770182b22fc26f1596e563e1041d57b38aad4
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
6f83fceb144b8adb9b9370314b371cf4daaa869f49b84f2065f18cff4e78b3d4
70d791d587d64a5694f37ce7927a71f38d4b8d7b0c643a51d6ceeb3d26201e30
73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7a75aeaf30064d5389e8eb5e3febc802cf687b9848b4ee25a2ccc707632731e7
7d070ae92554169506758360610f8c7a0b347ad8261320f99af650331a2dc6bd
7db20f04a96ecf0bf50b4ff889aaae6bad1a0cc63d1fb19503ccdc17baee077e
81167d93ec7720fc34e59e32745b5ec932b693a68fb7170a8ab282135d7daf56
83f84f8bea34b145c794068407638191f841da98fbb5db936ee3bfc898975017
85482c87b539e5fc17e00693ba0a0b8153924e191a113cfe1672735b31499e43
86fd1543533af7aa0758c61e50ea2c68a5bf83bf0f94dd82df917fa997221cfc
8865cf1d00dcb4f024ea0ae800cd488deabba01b4cfb93a495fab96f4ec200c2
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8af33876e52ed79a83b0bf07aa8545f4f0ca8296f5b7f7873f2d780f30774ff1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fcb75f9e4454f869bffe93b4ec0ca63aa930f0d5ae82530f0641e67d88a2d0d
902f6894dd0f37b7d0563c6217844ad9e14c080ea9f588fff3c5c421d3696737
90ec8b6455ad1e20b8d9bffbd1f3bf2a6ee0aad9247e1684d93b803edc31ddb4
97f4a4e40b1fa4af3b66182fd92cf1abdcd4bd95e144aa7220a27a0e84ae375d
99429943bd63a607e02c901c102b36ab1967d894fa247f960dc5bf45518bc60c
9ac8a009ae6ba3a278a5b0c816d95047105c043371da6eff681b7d40175a98a8
a970e6d52b671920284b0b53e77a47fbfd8f67b4139385114a3baabbfdf37f2d
adaeefa326020cb39ba8c7de0a79d6daab058939b95cc3db3fa3d46c67821fa6
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
b307fa13586f4fbcb4e54eb952654b9303c528dac38b32d0578a68e9eeaf02b3
b44981d0855b313b878aa15c6fa784ca2bf3561f435839f89b92fde6507b952b
b67a7e47c9a86b72222902ce935afc142f683f415fc5be76e4d9f3061a57b200
b73eddac92863e6f994f4ee2b4b00980988caa5f65e3f5567136fc59151b3abc
b9e8d0d8528060ce8582b8cf175fbc65e5034fd782d8ad14cf324275c2290735
bcdaa8b0e5b0f57f19d17de2c58d7206e3d275da122a0d4e3176a67257595b5e
c3a8c054d661e097ce836df7a16698c1008f2e9fe6daa098a1a85add3f5611c4
cc099993f865e49fdee6bcc0d1388b02ecd0d89eef69674fbc340bfa5e1813dc
ccf080c5282c71021906c28f7aa58e34813991ae2a3b0e8cbde6a82d78ccbd16
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d0cf2c4476d1be9c1283ae0986c95b52f93f21eec1c601aec4a1d41d2f2d28
d1fae5ad012f168a86de235be3762af11e369f72f64b05c0249e1518f7a05e67
d6708c7fcaffd54c568ef2494294af2b41839cf185055eb5acc696a6aefa1ca4
d7cfda05c167b37f861a700e21dc8badf0da62e1eaf24e292ef66b635c6cbb6a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db291a7d8aa96db9f92ae65aa572b81d048a28c733e5b8a1ccd46cb5d8094cb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54206de39d24295b8b13faf5a6ef91ba0c392ed18d2139c22b12c4b31fc76f9
ea0b7a6ebe261feed721c51fbd2729581a536d44f30238e46dab46163ce6e3ea
ec8835be36abcae14026f359ad1683fc928739bd1521a48a3b6c7635cdd4a0e7
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef947d5b7341846724ba65996528647f2d6f3f634257636b4caa9b4e8024f9c9
f3d1db5393c63c2dff3255f7ef7546501625f37752876dbbec6ddb5eaab5c24d
f5339b2c0e2da97d564233498a2ee75b6fd895f8408d4bd90d1319d002a3f46d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe86476640b5720d5a49bd10d4334f348f2d357adf2f227d6387d1c5d364ab20

www.rolimons.com Open in urlscan Pro 172.67.74.181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

159 Requests

94 %HTTPS

37 %IPv6

29 Domains

46 Subdomains

42 IPs

4 Countries

1689 kBTransfer

8678 kBSize

5 Cookies

7 Outgoing links

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rolimons.com Open in urlscan Pro
172.67.74.181 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

94 %
HTTPS

37 %
IPv6

29
Domains

46
Subdomains

42
IPs

4
Countries

1689 kB
Transfer

8678 kB
Size

5
Cookies

159 HTTP transactions
3 data transactions