urlscan.io logo urlscan.io
SecurityTrails logo

era67hfo92w.com Open in urlscan Pro
94.242.230.71  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://era67hfo92w.com/
Effective URL: https://era67hfo92w.com/
Submission: On December 14 via manual from IN — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 54 IPs in 11 countries across 45 domains to perform 80 HTTP transactions. The main IP is 94.242.230.71, located in Luxembourg and belongs to CLOUDFLARESPECTRUM Cloudflare London, LLC, US. The main domain is era67hfo92w.com.
TLS certificate: Issued by WE1 on November 18th 2024. Valid for: 3 months.
This is the only time era67hfo92w.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 94.242.230.71 209242 (CLOUDFLAR...)
1 142.250.186.74 15169 (GOOGLE)
3 142.250.185.200 15169 (GOOGLE)
1 142.250.184.195 15169 (GOOGLE)
1 172.217.16.196 15169 (GOOGLE)
4 216.239.34.178 15169 (GOOGLE)
1 178.250.1.8 44788 (ASN-CRITE...)
2 188.114.96.3 13335 (CLOUDFLAR...)
1 18.66.102.106 16509 (AMAZON-02)
1 37.157.5.141 198622 (ADFORM Ad...)
2 172.67.175.82 13335 (CLOUDFLAR...)
2 54.233.196.91 16509 (AMAZON-02)
3 104.102.37.145 16625 (AKAMAI-AS)
2 104.21.94.142 13335 (CLOUDFLAR...)
2 172.67.203.18 13335 (CLOUDFLAR...)
1 95.101.111.183 20940 (AKAMAI-AS...)
1 18.66.122.5 16509 (AMAZON-02)
1 173.194.76.157 15169 (GOOGLE)
1 13.33.187.109 16509 (AMAZON-02)
1 178.250.1.11 44788 (ASN-CRITE...)
1 13.32.27.48 16509 (AMAZON-02)
2 2.17.100.147 20940 (AKAMAI-AS...)
1 3 35.214.183.184 19527 (GOOGLE-2)
1 18.229.79.16 16509 (AMAZON-02)
3 52.30.41.131 16509 (AMAZON-02)
8 9 35.214.136.108 19527 (GOOGLE-2)
1 3.64.144.49 16509 (AMAZON-02)
2 69.173.144.139 26667 (RUBICONPR...)
1 3 104.18.27.193 13335 (CLOUDFLAR...)
1 34.253.30.51 16509 (AMAZON-02)
1 54.171.237.72 16509 (AMAZON-02)
1 37.157.2.250 198622 (ADFORM Ad...)
2 37.157.6.231 198622 (ADFORM Ad...)
2 5 185.89.210.180 29990 (ASN-APPNEX)
1 2 52.31.21.54 16509 (AMAZON-02)
2 2 34.252.79.168 16509 (AMAZON-02)
3 178.250.1.9 44788 (ASN-CRITE...)
1 1 142.250.185.162 15169 (GOOGLE)
1 89.149.193.89 60781 (LEASEWEB-...)
1 141.226.228.48 200478 (TABOOLA-A...)
1 124.146.153.166 2514 (INFOSPHER...)
1 57.181.154.98 16509 (AMAZON-02)
1 154.54.250.81 26558 (FREEWHEEL)
1 2 34.252.45.231 16509 (AMAZON-02)
1 35.244.174.68 396982 (GOOGLE-CL...)
1 184.30.20.22 16625 (AKAMAI-AS)
1 13.107.21.237 8068 (MICROSOFT...)
1 64.202.112.127 23352 (SERVERCEN...)
1 198.47.127.205 62713 (AS-PUBMATIC)
1 18.66.112.34 16509 (AMAZON-02)
1 23.32.185.35 16625 (AKAMAI-AS)
1 23.38.98.201 20940 (AKAMAI-AS...)
1 2 76.223.111.18 16509 (AMAZON-02)
1 63.34.80.100 16509 (AMAZON-02)
2 3 46.228.174.117 56396 (Amobee NE...)
80 54
5    94.242.230.71 (Luxembourg)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)
era67hfo92w.com
1    142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
fonts.googleapis.com
3    142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net
www.googletagmanager.com
1    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
fonts.gstatic.com
1    172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f4.1e100.net
www.google.com
4    216.239.34.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
dynamic.criteo.com
2    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
my.rtmark.net
1    18.66.102.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-106.fra56.r.cloudfront.net
static.hotjar.com
1    37.157.5.141 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
track.adform.net
2    172.67.175.82 (United States)

ASN13335 (CLOUDFLARENET, US)
adscool.net
2    54.233.196.91 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-233-196-91.sa-east-1.compute.amazonaws.com
event.getblue.io
widget.getblue.io
3    104.102.37.145 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-37-145.deploy.static.akamaitechnologies.com
zz.connextra.com
2    104.21.94.142 (None, )

ASN13335 (CLOUDFLARENET, US)
scripts.mediamathrdrt.com
rtg.mediamathrdrt.com
2    172.67.203.18 (United States)

ASN13335 (CLOUDFLARENET, US)
metrics.getrmads.com
1    95.101.111.183 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a95-101-111-183.deploy.static.akamaitechnologies.com
tm.ads.sportradar.com
1    18.66.122.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-5.fra60.r.cloudfront.net
euhosted.live.rezync.com
1    173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net
stats.g.doubleclick.net
1    13.33.187.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-109.fra60.r.cloudfront.net
script.hotjar.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
gum.criteo.com
1    13.32.27.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-48.fra56.r.cloudfront.net
cdn.eu.zetaglobal.net
2    2.17.100.147 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-17-100-147.deploy.static.akamaitechnologies.com
tracker.ads.sportradar.com
3    35.214.183.184 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 184.183.214.35.bc.googleusercontent.com
a.sportradarserving.com
eu.sportradarserving.com
1    18.229.79.16 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-229-79-16.sa-east-1.compute.amazonaws.com
event.getblue.io
3    52.30.41.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-41-131.eu-west-1.compute.amazonaws.com
people.api.eu.zetaglobal.net
9    35.214.136.108 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 108.136.214.35.bc.googleusercontent.com
x.bidswitch.net
1    3.64.144.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-144-49.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
r.casalemedia.com
1    34.253.30.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-30-51.eu-west-1.compute.amazonaws.com
onsiterecs.api.eu.zetaglobal.net
1    54.171.237.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-237-72.eu-west-1.compute.amazonaws.com
events.api.eu.zetaglobal.net
1    37.157.2.250 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
s2.adform.net
2    37.157.6.231 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
a1.adform.net
5    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
ib.adnxs.com
2    52.31.21.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-21-54.eu-west-1.compute.amazonaws.com
segment.prod.bidr.io
2    34.252.79.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-79-168.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
sslwidget.criteo.com
dis.criteo.com
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
1    89.149.193.89 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)
rtb-csync.smartadserver.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)
sync-t1.taboola.com
1    124.146.153.166 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    57.181.154.98 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-57-181-154-98.ap-northeast-1.compute.amazonaws.com
cs.adingo.jp
1    154.54.250.81 (Saint-Denis, France)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
2    34.252.45.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-45-231.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    13.107.21.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    18.66.112.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-34.fra56.r.cloudfront.net
s.ad.smaato.net
1    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    23.38.98.201 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-38-98-201.deploy.static.akamaitechnologies.com
ade.clmbtech.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    63.34.80.100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-80-100.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
3    46.228.174.117 (United Kingdom)

ASN56396 (Amobee NEXXEN GROUP LTD, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
Apex Domain
Subdomains		 Transfer
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 393
3 KB
6 zetaglobal.net
cdn.eu.zetaglobal.net — Cisco Umbrella Rank: 286103
people.api.eu.zetaglobal.net — Cisco Umbrella Rank: 260928
onsiterecs.api.eu.zetaglobal.net — Cisco Umbrella Rank: 266008
events.api.eu.zetaglobal.net — Cisco Umbrella Rank: 248039
96 KB
5 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 495
ib.adnxs.com — Cisco Umbrella Rank: 281
5 KB
5 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 3682
gum.criteo.com — Cisco Umbrella Rank: 450
sslwidget.criteo.com — Cisco Umbrella Rank: 2375
dis.criteo.com — Cisco Umbrella Rank: 702
29 KB
5 era67hfo92w.com
era67hfo92w.com
27 KB
4 bidr.io
segment.prod.bidr.io — Cisco Umbrella Rank: 7471
match.prod.bidr.io — Cisco Umbrella Rank: 615
2 KB
4 adform.net
track.adform.net — Cisco Umbrella Rank: 5786
s2.adform.net — Cisco Umbrella Rank: 6873
a1.adform.net — Cisco Umbrella Rank: 12248
33 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
3 casalemedia.com
dsum.casalemedia.com — Cisco Umbrella Rank: 1580
r.casalemedia.com — Cisco Umbrella Rank: 1967
2 KB
3 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2505
eu.sportradarserving.com — Cisco Umbrella Rank: 80902
3 KB
3 sportradar.com
tm.ads.sportradar.com — Cisco Umbrella Rank: 48759
tracker.ads.sportradar.com — Cisco Umbrella Rank: 50517
62 KB
3 connextra.com
zz.connextra.com — Cisco Umbrella Rank: 15181
17 KB
3 getblue.io
event.getblue.io — Cisco Umbrella Rank: 36619
widget.getblue.io — Cisco Umbrella Rank: 39644
3 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
226 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 513
739 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 429
979 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 800
909 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 419
3 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
2 KB
2 getrmads.com
metrics.getrmads.com
3 KB
2 mediamathrdrt.com
scripts.mediamathrdrt.com — Cisco Umbrella Rank: 108635
rtg.mediamathrdrt.com — Cisco Umbrella Rank: 230388
3 KB
2 adscool.net
adscool.net — Cisco Umbrella Rank: 163894
3 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
61 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10565
2 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1246
378 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3004
620 B
1 clmbtech.com
ade.clmbtech.com — Cisco Umbrella Rank: 2973
259 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2996
278 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 574
307 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 920
225 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 897
360 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 205
690 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 724
833 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 476
440 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 619
661 B
1 adingo.jp
cs.adingo.jp — Cisco Umbrella Rank: 4789
44 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 2206
866 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1988
375 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 739
587 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2034
44 B
1 rezync.com
euhosted.live.rezync.com — Cisco Umbrella Rank: 257135
14 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 gstatic.com
fonts.gstatic.com
50 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
0 aralego.com Failed
sync.aralego.com — Cisco Umbrella Rank: 2992 Failed
80 45
Domain Requested by
9 x.bidswitch.net 8 redirects
5 era67hfo92w.com 1 redirects era67hfo92w.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 secure.adnxs.com 1 redirects era67hfo92w.com
3 people.api.eu.zetaglobal.net cdn.eu.zetaglobal.net
3 zz.connextra.com www.googletagmanager.com
zz.connextra.com
era67hfo92w.com
3 www.googletagmanager.com era67hfo92w.com
www.googletagmanager.com
2 sync.1rx.io 2 redirects
2 eb2.3lift.com 1 redirects
2 ad.360yield.com 1 redirects
2 ib.adnxs.com 1 redirects
2 dis.criteo.com
2 match.prod.bidr.io 2 redirects
2 segment.prod.bidr.io 1 redirects era67hfo92w.com
2 a1.adform.net s2.adform.net
2 dsum.casalemedia.com 1 redirects era67hfo92w.com
2 pixel.rubiconproject.com era67hfo92w.com
2 a.sportradarserving.com 1 redirects era67hfo92w.com
2 tracker.ads.sportradar.com tm.ads.sportradar.com
tracker.ads.sportradar.com
2 metrics.getrmads.com www.googletagmanager.com
metrics.getrmads.com
2 event.getblue.io www.googletagmanager.com
event.getblue.io
2 adscool.net era67hfo92w.com
adscool.net
2 my.rtmark.net www.googletagmanager.com
era67hfo92w.com
1 sync.targeting.unrulymedia.com
1 sync-criteo.ads.yieldmo.com
1 ade.clmbtech.com
1 criteo-sync.teads.tv
1 s.ad.smaato.net
1 simage2.pubmatic.com
1 sync.outbrain.com
1 c.bing.com
1 contextual.media.net
1 idsync.rlcdn.com
1 ads.stickyadstv.com
1 cs.adingo.jp
1 r.casalemedia.com
1 tg.socdm.com
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 cm.g.doubleclick.net 1 redirects
1 sslwidget.criteo.com dynamic.criteo.com
1 s2.adform.net era67hfo92w.com
1 events.api.eu.zetaglobal.net cdn.eu.zetaglobal.net
1 onsiterecs.api.eu.zetaglobal.net cdn.eu.zetaglobal.net
1 eu.sportradarserving.com era67hfo92w.com
1 e1.emxdgt.com era67hfo92w.com
1 widget.getblue.io event.getblue.io
1 rtg.mediamathrdrt.com era67hfo92w.com
1 cdn.eu.zetaglobal.net era67hfo92w.com
1 gum.criteo.com dynamic.criteo.com
1 script.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 euhosted.live.rezync.com era67hfo92w.com
1 tm.ads.sportradar.com era67hfo92w.com
1 scripts.mediamathrdrt.com www.googletagmanager.com
1 track.adform.net www.googletagmanager.com
1 static.hotjar.com era67hfo92w.com
1 dynamic.criteo.com www.googletagmanager.com
1 www.google.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com era67hfo92w.com
0 sync.aralego.com Failed
80 62

This site contains no links.

Subject Issuer Validity Valid
era67hfo92w.com
WE1		 2024-11-18 -
2025-02-16		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-03 -
2025-03-03		 3 months crt.sh
my.rtmark.net
WE1		 2024-11-06 -
2025-02-04		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-03 -
2025-09-24		 a year crt.sh
adscool.net
WE1		 2024-12-13 -
2025-03-13		 3 months crt.sh
*.getblue.io
Amazon RSA 2048 M02		 2024-11-28 -
2025-12-28		 a year crt.sh
*.connextra.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-12-04 -
2025-12-06		 a year crt.sh
mediamathrdrt.com
WE1		 2024-10-23 -
2025-01-21		 3 months crt.sh
getrmads.com
WE1		 2024-11-29 -
2025-02-27		 3 months crt.sh
tracker.ads.sportradar.com
R10		 2024-11-28 -
2025-02-26		 3 months crt.sh
*.live.rezync.com
Amazon RSA 2048 M03		 2024-03-03 -
2025-04-01		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
cdn.eu.zetaglobal.net
Amazon RSA 2048 M03		 2024-11-24 -
2025-12-24		 a year crt.sh
api.eu.zetaglobal.net
Amazon RSA 2048 M02		 2024-12-02 -
2026-01-01		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-29 -
2025-02-23		 3 months crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
*.taboola.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-12-01 -
2025-12-31		 a year crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018		 2024-05-17 -
2025-06-18		 a year crt.sh
casalemedia.com
E5		 2024-12-11 -
2025-03-11		 3 months crt.sh
*.adingo.jp
Amazon RSA 2048 M03		 2024-08-14 -
2025-09-13		 a year crt.sh
*.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-09 -
2025-02-08		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-23 -
2025-10-22		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
*.outbrain.com
Thawte TLS RSA CA G1		 2024-11-13 -
2025-12-02		 a year crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-19 -
2025-04-19		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M02		 2024-08-04 -
2025-09-02		 a year crt.sh
teads.tv
R10		 2024-11-25 -
2025-02-23		 3 months crt.sh
colombiaonline.com
R10		 2024-11-18 -
2025-02-16		 3 months crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M03		 2024-03-04 -
2025-04-03		 a year crt.sh

This page contains 10 frames:

Primary Page: https://era67hfo92w.com/
Frame ID: D158545103D79915E1E985AFB45E1137
Requests: 49 HTTP requests in this frame

Frame: https://era67hfo92w.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: DAA24106A2A9C06C67DC76A6A14CC76E
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fera67hfo92w.com
Frame ID: 12F4A97AF0E23B695EC76FD52EACBAA9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=era67hfo92w.com&origin=onetag
Frame ID: DBC675DF5BECFC4CAC1C81EA10E46144
Requests: 1 HTTP requests in this frame

Frame: https://event.getblue.io/p/?cId=0199CFE4-C4A4-0F47-8843686EEFC6C86E&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=604eae8f-775c-4727-a7f7-e6d66fe32dc8&ulc=&v=29092023-1023&nocache=8448316570574.55
Frame ID: D7C6596AB952BA1AED1DDDEEDA3B6595
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31192061%26t%3D2
Frame ID: D65DBDE083EABA1E1936ADCE8FA07CEE
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
Frame ID: 6C301A3C991867ED5A05D6B42350A3BB
Requests: 1 HTTP requests in this frame

Frame: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1784&value=&_bee_ppp=1
Frame ID: 9F97E9A9CE18EBAA538EBD432E89C78E
Requests: 1 HTTP requests in this frame

Frame: https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAJgDE7OumMAABaDrsYcNA
Frame ID: 0A40F6470B086EA844689E6EFE2CCEA1
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ia8b5FuTSaUfwwN-qiQQF2JGXjVkK--vT15Gng&google_gid=CAESEHtfbDnvuEgQtBd6eaHX9vw&google_cver=1&google_ula=913071,0
Frame ID: 870799D9555D8D91A8C5576C1435A67D
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

403

Page URL History Show full URLs

  1. http://era67hfo92w.com/ HTTP 307
    https://era67hfo92w.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js

Page Statistics

80
Requests

81 %
HTTPS

0 %
IPv6

45
Domains

62
Subdomains

54
IPs

11
Countries

671 kB
Transfer

1858 kB
Size

84
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://era67hfo92w.com/ HTTP 307
    https://era67hfo92w.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://era67hfo92w.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://era67hfo92w.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Request Chain 31
  • https://a.sportradarserving.com/pixel?type=js&aid=1790&id=8658 HTTP 302
  • https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1790&id=8658
Request Chain 38
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=a411bcb5-65b9-4d0b-9b33-b23acdd058a1&cb=150323b5-72ce-425a-aadd-5b64417f7c66 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=a411bcb5-65b9-4d0b-9b33-b23acdd058a1&cb=150323b5-72ce-425a-aadd-5b64417f7c66 HTTP 302
  • https://e1.emxdgt.com/put?d=d21&uid=3a0168b3-14b6-485f-8815-397347cadf22&gdpr=&gdpr_consent=&us_privacy=
Request Chain 39
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=a411bcb5-65b9-4d0b-9b33-b23acdd058a1&cb=c8ea8171-1ac0-47b6-936f-674242be177e HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=a411bcb5-65b9-4d0b-9b33-b23acdd058a1&cb=c8ea8171-1ac0-47b6-936f-674242be177e HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=3a0168b3-14b6-485f-8815-397347cadf22&expires=30&gdpr=&gdpr_consent=&us_privacy=
Request Chain 40
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=a411bcb5-65b9-4d0b-9b33-b23acdd058a1&cb=798ab97c-71a9-4148-8d42-3e9bf6e0fe45 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=a411bcb5-65b9-4d0b-9b33-b23acdd058a1&cb=798ab97c-71a9-4148-8d42-3e9bf6e0fe45 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=2e958812-2a64-46cf-9191-9e2694cc0814&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=2e958812-2a64-46cf-9191-9e2694cc0814&gdpr=&gdpr_consent=&us_privacy=&C=1
Request Chain 41
  • https://x.bidswitch.net/syncd?dsp_id=409&user_id=a411bcb5-65b9-4d0b-9b33-b23acdd058a1&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=a411bcb5-65b9-4d0b-9b33-b23acdd058a1&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP 302
  • https://eu.sportradarserving.com/bsw_sync?bsw_uid=2e958812-2a64-46cf-9191-9e2694cc0814
Request Chain 50
  • https://secure.adnxs.com/seg?add=31192061&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31192061%26t%3D2
Request Chain 52
  • https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1784&value= HTTP 303
  • https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1784&value=&_bee_ppp=1
Request Chain 53
  • https://match.prod.bidr.io/cookie-sync/geniussports HTTP 303
  • https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1 HTTP 303
  • https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAJgDE7OumMAABaDrsYcNA
Request Chain 55
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ia8b5FuTSaUfwwN-qiQQF2JGXjVkK--vT15Gng&google_cm&google_hm=ay1pYThiNUZ1VFNhVWZ3d04tcWlRUUYySkdYalZrSy0tdlQxNUduZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ia8b5FuTSaUfwwN-qiQQF2JGXjVkK--vT15Gng&google_gid=CAESEHtfbDnvuEgQtBd6eaHX9vw&google_cver=1&google_ula=913071,0
Request Chain 57
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1558841934556257217
Request Chain 64
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-QChKkVuTSaUfwwN-qiQQF2JGXjWBaNOds0PRow HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-QChKkVuTSaUfwwN-qiQQF2JGXjWBaNOds0PRow
Request Chain 74
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-xWPYFVuTSaUfwwN-qiQQF2JGXjXcUANVsjqjdw&dongle=013b HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-xWPYFVuTSaUfwwN-qiQQF2JGXjXcUANVsjqjdw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Request Chain 75
  • https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-leHH-FuTSaUfwwN-qiQQF2JGXjXZH5wJ0kGKtg HTTP 302
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=9080d854-6935-3a70-86b6-bfda67463cc4&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Ducfunnel%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=ucfunnel&user_id=k-EX8ZaluTSaUfwwN-qiQQF2JGXjVGdDRjMUghxw&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=2e958812-2a64-46cf-9191-9e2694cc0814
Request Chain 77
  • https://sync.1rx.io/usersync/criteodsp/k-zUwyaluTSaUfwwN-qiQQF2JGXjWl9h62biDlzg HTTP 302
  • https://sync.1rx.io/usersync/criteodsp/k-zUwyaluTSaUfwwN-qiQQF2JGXjWl9h62biDlzg?zcc=1&cb=1734160746893 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-69b85efa-1185-463c-8727-18fe08819fa0-003

80 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
era67hfo92w.com/
Redirect Chain
  • http://era67hfo92w.com/
  • https://era67hfo92w.com/
25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://era67hfo92w.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.230.71 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45a9661d751137f99043d3e3960b91aa8709a87339ad27ae5ba316e1b3ba7a6d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8f1c6c52ad34c21f-TLV
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sat, 14 Dec 2024 07:19:00 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://era67hfo92w.com/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&display=swap
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
668de9efe0491ea7cf72d78384e6813402ed10fd25f795bbddb48d889ada87bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 14 Dec 2024 07:19:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 07:19:00 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 14 Dec 2024 07:16:44 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/ 		379 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T9SGLPZ
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f951eff7f9ab84889bf432a8abaa037680633f632c2c1d01e20ec5e7fe34a02d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 14 Dec 2024 07:19:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 07:19:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 14 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
124525
x-xss-protection
0
server
Google Tag Manager
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f40337fb15e95309c30e22dd55eb03659ab8e447b3fe108713f19c0b095c59ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
814f5bc8e4e2bcef85b0b718f25d9b26a1b0a5217ad2d8f491696f8d744dbd69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://era67hfo92w.com
Referer
https://fonts.googleapis.com/

Response headers

age
232794
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 14:39:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 14:39:07 GMT
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
51404
x-xss-protection
0
server
sffe
main.js
era67hfo92w.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame DAA2
Redirect Chain
  • https://era67hfo92w.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://era67hfo92w.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://era67hfo92w.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H2
Server
94.242.230.71 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac59a4c6958f833ccfdb5bb01e1fb0be5ba60e0cfe469a2c1c08144777488a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8f1c6c5768fdc21f-TLV
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 07:19:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
cf-ray
8f1c6c56e89cc21f-TLV
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 14 Dec 2024 07:19:00 GMT
vary
Accept-Encoding
server
cloudflare
8f1c6c52ad34c21f
era67hfo92w.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame DAA2 		0
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://era67hfo92w.com/cdn-cgi/challenge-platform/h/g/jsd/r/8f1c6c52ad34c21f
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
94.242.230.71 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8f1c6c588e6ec22f-TLV
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Sat, 14 Dec 2024 07:19:01 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fera67hfo92w.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1091991986.1734160741&dt=403&auid=1706837664.1734160741&navt=n&npa=0&gtm=45He4cc1v830059172za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734160741500&tfd=1438&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9SGLPZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers
js
www.googletagmanager.com/gtag/ 		308 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XF54YG8FKL&l=dataLayer&cx=c&gtm=45He4cc1v830059172za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9SGLPZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
427781e455f3ad71996868614b71b114397a6cc6000d95abaf7382d00b67c20e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 14 Dec 2024 07:19:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 07:19:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105820
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9SGLPZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

content-encoding
gzip
age
860
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 14 Dec 2024 09:04:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 07:04:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
ld.js
dynamic.criteo.com/js/ld/ 		50 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=109003&a=115071&a=%20115367&a=%20109002&a=%20115072&a=117534&a=%20115070
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9SGLPZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7239a57a697156131cd4b7fc5320237da5a677db789a62cbcf50fb4fcbab1daa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public,max-age=10800
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
date
Sat, 14 Dec 2024 07:19:01 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
Kestrel
p.js
my.rtmark.net/ 		697 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/p.js?f=sync&lr=1&partner=aeac8351d5c346986dd0a94ccd11ef15059dbfb8ffb50dcca583397eb60b91d1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9SGLPZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d003d03284f7087f9b24eca85da7af5eb8756b81e82e480fd60cbdf691628a1
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

access-control-expose-headers
Authorization
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nz9gmuUpwTZ%2BBQ%2FPhxTu3b3y4Q5W3vTiojRzZyRsR5j2sVuZ3ei08H9yX%2BzVu%2FvGjhHr5hE0szt%2FJFVhbifR8MYeSmQhCcUgrb29VT1UNltLRN4x24NhZoLVI6Jh2AU%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70556&min_rtt=70509&rtt_var=14905&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4136&recv_bytes=4373&delivery_rate=8177&cwnd=12000&unsent_bytes=0&cid=76b8a4ef36156d28&ts=154&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 07:19:01 GMT
content-type
text/javascript
priority
u=3,i=?0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8f1c6c5b4f037d9e-TLV
access-control-allow-origin
*
server
cloudflare
hotjar-2145302.js
static.hotjar.com/c/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2145302.js?sv=6
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-106.fra56.r.cloudfront.net
Software
/
Resource Hash
4b6d7c2dd10030310df4164a59d9f7e75cb5a15c48f3c3385e67c33c132d670c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/fb5026ae83ee691b5b19507de6187f85
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
x-amz-cf-id
fWRV4AOt-bkOSb-A12-H-R8JfMNrJ2jG3noJhN_5OEhFKUxIG55QGg==
date
Sat, 14 Dec 2024 07:19:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P2
/
track.adform.net/Serving/Cookie/ 		73 B
653 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9SGLPZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-methods
GET,POST
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Sat, 14 Dec 2024 07:19:01 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
*
server
nginx
rabona.js
adscool.net/assets/js/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adscool.net/assets/js/rabona.js
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d0a80dc874f3e1d93c9eab647e88cc9fa1b91480969417c8a3208bb4ab94ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

x-request-id
5f407bf9-b23f-4b53-bcc7-7f97a9869c57
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"1d0a80dc874f3e1d93c9eab647e88cc9"
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LuVW%2FKqcyWrPEyQBreIdYqxhrNC87RR5uL9ZgQ9yJKnCbehg2POeqPNorzuX%2F%2FCclfif%2BjMp%2B380CBSNdECQS%2BYBI4R0VEoitm3GhM0XQImpKO%2FR3Zr%2BuZP7uRXs3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
status
200 OK
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=104574&min_rtt=104489&rtt_var=22187&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4120&recv_bytes=4327&delivery_rate=5551&cwnd=12000&unsent_bytes=0&cid=abd317d0bd3a8778&ts=224&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 07:19:01 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-runtime
0.001101
priority
u=3,i=?0
cache-control
max-age=604800, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8f1c6c5b9a2be281-MRS
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
blue-tag.min.js
event.getblue.io/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://event.getblue.io/js/blue-tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9SGLPZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.233.196.91 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-233-196-91.sa-east-1.compute.amazonaws.com
Software
/
Resource Hash
a2be364e2921857c3e1415e1e9e74e5628a02318662a25da27a23da90929c84a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

content-encoding
gzip
etag
W/"9113-1734141975976"
x-content-type-options
nosniff
accept-ranges
bytes
date
Sat, 14 Dec 2024 07:19:02 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Sat, 14 Dec 2024 02:06:15 GMT
vary
Accept-Encoding
x-frame-options
DENY
homepage
zz.connextra.com/dcs/tagController/tag/a63e00208e85/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zz.connextra.com/dcs/tagController/tag/a63e00208e85/homepage
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9SGLPZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.37.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-37-145.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
a1e03932963095a5bddccda2553dcb34a1e4b45df89776e3c4b7196269d6084b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

cache-control
must-revalidate, max-age=234
content-encoding
gzip
x-envoy-upstream-service-time
2
expires
Sat, 14 Dec 2024 07:22:55 GMT
content-length
16567
date
Sat, 14 Dec 2024 07:19:01 GMT
content-type
text/javascript;charset=utf-8
vary
Accept-Encoding
server
istio-envoy
b_rabona.js
scripts.mediamathrdrt.com/scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediamathrdrt.com/scripts/b_rabona.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9SGLPZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.94.142 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12bec9bcbb5089d65e103eabb935980e6015d10ccfb867a6e7ee9a1913b3d445

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

x-request-id
84cb5f0d-f966-4195-950f-05db7c823bd4
content-encoding
zstd
cf-cache-status
DYNAMIC
etag
W/"12bec9bcbb5089d65e103eabb935980e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PUk3HZRfVevNmBWZViApYENxGILbZy6k1nUGX3Sh%2FvW2vkBEZ%2FhZOmzlYMqlv8%2FS2Hys5mVo25Jc0BwLgp85Jd1Bg8tjXnE9T9seJQAmdx9H1HobNqkRU5XqyTy6X%2FkyR96xoRMu8Kq9XY7Q"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71767&min_rtt=71526&rtt_var=11608&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4164&recv_bytes=4380&delivery_rate=286&cwnd=12000&unsent_bytes=0&cid=9e664975779724ec&ts=252&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 07:19:01 GMT
content-type
text/javascript; charset=utf-8
x-runtime
0.006990
priority
u=3,i=?0
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f1c6c5b599dc224-TLV
access-control-allow-origin
*
server
cloudflare
js
metrics.getrmads.com/tag/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.getrmads.com/tag/js?rtid=REH-1691446272083886
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9SGLPZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76b5752199f1b2af9eb9009bc61b15b32cf726fd369851f02ad40bddc9a3fa60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mVdQFONOU%2B7xuzU%2FsZQdWIUCGqaysvInwf83mrC6rLp9ncld7TlNqHBJupJRA2RoFC9qpqGo0SIpIOJqsrmHJIJUBHa9kAhuoyE1sH8r9ug5elBHe142U9MTTFUFjHIf5EfMaQTHng%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f1c6c5cdf727da0-TLV
expires
0
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71840&min_rtt=71306&rtt_var=11700&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4192&recv_bytes=4383&delivery_rate=288&cwnd=12000&unsent_bytes=0&cid=c28e7a4b46bb2a26&ts=270&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 07:19:02 GMT
content-type
text/javascript
server
cloudflare
priority
u=3,i=?0
tag-manager.js
tm.ads.sportradar.com/dist/ 		304 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAZY
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.183 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a95-101-111-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
02a55f38f374d729e433dfac7e89cb7045c69cd41a34b4fdd94d14269ced9249

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

cache-control
max-age=900, public
content-encoding
gzip
apigw-requestid
CxSoCi5wjoEEPKw=
content-length
32076
date
Sat, 14 Dec 2024 07:19:02 GMT
content-type
application/javascript
content-disposition
inline
vary
Accept-Encoding
sync
euhosted.live.rezync.com/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://euhosted.live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=23fd5188d2a4afcd73b3ed493e115ad9&k=rabona-com-pixel-7517&zmpID=rabona-com
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-5.fra60.r.cloudfront.net
Software
lighttpd/1.4.69 /
Resource Hash
3011a2e3057910d8359fd9f231e93951167e823a6c0da38aaf56d348d9eb943d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

via
1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
13751
x-amz-cf-id
ezYOGZS0aaPlgi3vNR_C-GoRSeb0NDSnmwLU7wCAbqsBAdF9ecMuSg==
date
Sat, 14 Dec 2024 07:19:02 GMT
content-type
text/javascript
vary
Cookie
server
lighttpd/1.4.69
x-amz-cf-pop
FRA60-P2
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 12F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fera67hfo92w.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9SGLPZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
59682
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Dec 2024 14:44:19 GMT
expires
Sat, 13 Dec 2025 14:44:19 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XF54YG8FKL&gtm=45je4cc1v874247297z8830059172za200zb830059172&_p=1734160740865&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1708947208.1734160742&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734160741&sct=1&seg=0&dl=https%3A%2F%2Fera67hfo92w.com%2F&dt=403&en=page_view&_fv=1&_nsi=1&_ss=1&up.UserID=Not%20Login&tfd=1735
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XF54YG8FKL&l=dataLayer&cx=c&gtm=45He4cc1v830059172za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://era67hfo92w.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 07:19:01 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/j/ 		3 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1060968479&t=pageview&_s=1&dl=https%3A%2F%2Fera67hfo92w.com%2F&ul=he-il&de=UTF-8&dt=403&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=891426814&gjid=1974057958&cid=1708947208.1734160742&tid=UA-151907223-1&_gid=1465926047.1734160742&_slc=1&gtm=45He4cc1n81T9SGLPZv830059172za200&cd1=Not%20Login&cd2=Not%20Login&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=2137610492
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://era67hfo92w.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 07:19:01 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://era67hfo92w.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-151907223-1&cid=1708947208.1734160742&jid=891426814&gjid=1974057958&_gid=1465926047.1734160742&_u=YCDAgEABAAAAAGAAI~&z=167018131
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://era67hfo92w.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 07:19:02 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://era67hfo92w.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
rabona.gif
adscool.net/hit/ 		0
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adscool.net/hit/rabona.gif?p=https%3A%2F%2Fera67hfo92w.com%2F&r=&id=tid-35c112007.382fe697d&ts=1734160741
Requested by
Host: adscool.net
URL: https://adscool.net/assets/js/rabona.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

x-request-id
6689dd71-7891-48a6-a38e-71675fb0455d
content-encoding
gzip
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v5yYYnPrehxVc2MtvwF5iRyL1RThXz63eyXeXuf1xTZC3weD3WHYtA6Y1Z2UK%2F02y4yZW1VA%2ByDmC5UqzlYPjelRdlKDPvdv2ujowLrVl6CwC2bXasTbKZ7zLW1TQw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
status
200 OK
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=107081&min_rtt=104489&rtt_var=16829&sent=15&recv=12&lost=0&retrans=0&sent_bytes=6910&recv_bytes=4732&delivery_rate=24228&cwnd=12000&unsent_bytes=0&cid=abd317d0bd3a8778&ts=461&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 07:19:02 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-runtime
0.003994
priority
u=3,i=?0
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8f1c6c5d1e9ae281-MRS
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
modules.675199526fcb21f102e5.js
script.hotjar.com/ 		222 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.675199526fcb21f102e5.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2145302.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-109.fra60.r.cloudfront.net
Software
/
Resource Hash
e61c3520c8110a709d981083ddc93cf042c2d2ba25a21903b5df270edb3a05c5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

x-robots-tag
none
content-encoding
br
etag
"787cb060b057c5d555662c23eb0e0d17"
age
321115
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
0HAAqeTg4pEm8r9Dw1whXc_ORw0Uvy-K9kELQoGKicV-kmj6NJoFEg==
date
Tue, 10 Dec 2024 14:07:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 10 Dec 2024 14:06:32 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 e1af02661708034e962bd39b357a50aa.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56361
x-amz-cf-pop
FRA60-P9
syncframe
gum.criteo.com/ Frame DBC6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=era67hfo92w.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=109003&a=115071&a=%20115367&a=%20109002&a=%20115072&a=117534&a=%20115070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://era67hfo92w.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 14 Dec 2024 07:19:01 GMT
server
Kestrel
server-processing-duration-in-ticks
367530
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
p13n.min.js
cdn.eu.zetaglobal.net/p13n/rabona-com/ 		94 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eu.zetaglobal.net/p13n/rabona-com/p13n.min.js
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-48.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6e546941dfb1ee630f53355b1374256fee7c8c9e31f8918b02acd89bb944e29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

cache-control
public, max-age=3600
etag
"707537b08f71aba873721beb33247aba"
age
3025
via
1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
96486
x-amz-cf-id
FjBlyncn8e2gV8fOE7Knxo_jFG0sKvQYw2A8CPJLz50n5MHrmkVDxg==
date
Sat, 14 Dec 2024 06:28:40 GMT
content-type
application/javascript
last-modified
Sun, 24 Nov 2024 00:35:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
img.gif
my.rtmark.net/ 		43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=sync&partner=aeac8351d5c346986dd0a94ccd11ef15059dbfb8ffb50dcca583397eb60b91d1&ttl=&rurl=https%3A%2F%2Fera67hfo92w.com%2F
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=98c%2FyeBwq7coTvY7w%2BpfpdA6o4cAqL9XP8c1f1kdU0LJJ2d9JMWYHC40ri5seRcJGZNz%2FkWXPXp70CKbvTdCWCNw12AsyPmewaw%2BN6M0xvj%2Fl87j1DHWCbjx56Z1snbI"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73747&min_rtt=70509&rtt_var=14274&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5435&recv_bytes=4879&delivery_rate=16604&cwnd=12000&unsent_bytes=0&cid=76b8a4ef36156d28&ts=865&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 07:19:02 GMT
content-type
image/gif
priority
u=3,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8f1c6c5fcb6d7d9e-TLV
access-control-allow-origin
*
content-length
43
server
cloudflare
tracker.js
tracker.ads.sportradar.com/dist/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.ads.sportradar.com/dist/tracker.js
Requested by
Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAZY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-17-100-147.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=900, public
content-encoding
gzip
etag
"235331a0761142ae4fd345cdf7c7f9ed"
accept-ranges
bytes
content-length
6405
x-amz-cf-id
1EXG75y4FOp0V0VUKEHVedmnG7eMjbCh7K45WfTTpl_uh86bIipXSw==
date
Sat, 14 Dec 2024 07:19:02 GMT
content-type
application/javascript
last-modified
Tue, 12 Sep 2023 08:33:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
pixel
a.sportradarserving.com/ul_cb/
Redirect Chain
  • https://a.sportradarserving.com/pixel?type=js&aid=1790&id=8658
  • https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1790&id=8658
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1790&id=8658
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H2
Server
35.214.183.184 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
184.183.214.35.bc.googleusercontent.com
Software
/
Resource Hash
f3ea46710a32f213f9c8019a9e338555281764b6f95ef8c2be9244e850f10e31

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1527
date
Sat, 14 Dec 2024 07:19:03 GMT
content-type
text/javascript; charset=UTF-8

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1790&id=8658
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 07:19:02 GMT
sync
rtg.mediamathrdrt.com/ 		43 B
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtg.mediamathrdrt.com/sync?ref=&lp=https%3A%2F%2Fera67hfo92w.com%2F&sh=1200&sw=1600&date=1734160742530&fp=uid-3323825587.7771863218
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.94.142 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

x-request-id
b8a8409e-07e4-40cb-84ee-4a8ac2d4c487
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aYwCksOqEjCL%2BqrU6iv7dafq9Rsf04JtOm7Z2EwGiFm1ctNSSEjX5fx5eDL%2FJ1HMuLNLt4tkaJPX1pfLPmgJ3rkLEvJi48SivKlTUiVoEGvW8eC5eQFIVC4rAmPcc1TZrVaGuXmzbmg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=72064&min_rtt=71526&rtt_var=9299&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5973&recv_bytes=4953&delivery_rate=24073&cwnd=12000&unsent_bytes=0&cid=9e664975779724ec&ts=1207&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 14 Dec 2024 07:19:02 GMT
content-type
image/gif
content-disposition
inline; filename="pixel.gif"
x-runtime
0.014439
priority
u=3,i
x-frame-options
SAMEORIGIN
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8f1c6c612ec9c224-TLV
content-length
43
x-xss-protection
1; mode=block
server
cloudflare
/
event.getblue.io/p/ Frame D7C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://event.getblue.io/p/?cId=0199CFE4-C4A4-0F47-8843686EEFC6C86E&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=604eae8f-775c-4727-a7f7-e6d66fe32dc8&ulc=&v=29092023-1023&nocache=8448316570574.55
Requested by
Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.229.79.16 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-229-79-16.sa-east-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://era67hfo92w.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 14 Dec 2024 07:19:03 GMT
tagcontainer-version
1211-16092024-1120
vary
Accept-Encoding
/
widget.getblue.io/event/ 		13 B
92 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.getblue.io/event/?cId=0199CFE4-C4A4-0F47-8843686EEFC6C86E&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=604eae8f-775c-4727-a7f7-e6d66fe32dc8&ulc=&v=29092023-1023&if=0&nocache=2722852326676.7393
Requested by
Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.233.196.91 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-233-196-91.sa-east-1.compute.amazonaws.com
Software
/
Resource Hash
eb99134542c987f687360d120213eeec049a290d73d2302ee1b74a01ce279f4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

date
Sat, 14 Dec 2024 07:19:02 GMT
content-type
text/javascript;charset=UTF-8
content-length
13
wmetrics
metrics.getrmads.com/ 		0
627 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://metrics.getrmads.com/wmetrics?rtid=REH-1691446272083886&lg=he-il&sr=1600x1200&fr=0&dr=&dl=https%3A%2F%2Fera67hfo92w.com%2F&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by
Host: metrics.getrmads.com
URL: https://metrics.getrmads.com/tag/js?rtid=REH-1691446272083886
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BYdJ3g2%2B9uYKqMYW2Ql641kz24hE5AUtkEzgAPqyYnvKy%2Bd4b%2FfzbXF98rRyzCpigjKdRLcRySiCKjaMyGyu%2B23GrqapFAtEFG0s9U5RtsFJJisl9EvM6MKQ1MgtnU4oaXLWhHsiRA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f1c6c612b037da0-TLV
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=74045&min_rtt=71306&rtt_var=10636&sent=17&recv=13&lost=0&retrans=0&sent_bytes=6752&recv_bytes=4888&delivery_rate=32691&cwnd=12000&unsent_bytes=0&cid=c28e7a4b46bb2a26&ts=936&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Sat, 14 Dec 2024 07:19:02 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=4,i
resolve
people.api.eu.zetaglobal.net/identify/ 		144 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.eu.zetaglobal.net/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiZTU5ZmY4ODctM2VjZi00MTIzLTgwYjAtZjdhYWYwMDJkOGY3OjE3MzQxNjA3NDIuMjEyMDMwMiJ9fQ%3D%3D&site_id=rabona-com
Requested by
Host: cdn.eu.zetaglobal.net
URL: https://cdn.eu.zetaglobal.net/p13n/rabona-com/p13n.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.41.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-41-131.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fe39cda3eca54a8cf88b34216697b2eca1e32c2c3173db34d78348bc7a370771

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
content-length
144
date
Sat, 14 Dec 2024 07:19:03 GMT
content-type
application/json
server
nginx
access-control-allow-headers
X-Requested-With,Content-Type,Authorization,x-app-id
sp-3.8.0.js
tracker.ads.sportradar.com/dist// 		73 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.ads.sportradar.com/dist//sp-3.8.0.js
Requested by
Host: tracker.ads.sportradar.com
URL: https://tracker.ads.sportradar.com/dist/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-17-100-147.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=900, public
content-encoding
gzip
etag
"143272dddc33395008a84a86ac9c2e96"
accept-ranges
bytes
content-length
24162
x-amz-cf-id
-zeVmtcVBbL1qyZhT1X4--X4xx6fZyf5RDcYWxfSeyv2-PhhF_r1oA==
date
Sat, 14 Dec 2024 07:19:03 GMT
content-type
application/javascript
last-modified
Tue, 12 Sep 2023 08:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
put
e1.emxdgt.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=a411bcb5-65b9-4d0b-9b33-b23acdd058a1&cb=150323b5-72ce-425a-aadd-5b64417f7c66
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=a411bcb5-65b9-4d0b-9b33-b23acdd058a1&cb=150323b5-72ce-425a-aadd-5b64417f7c66
  • https://e1.emxdgt.com/put?d=d21&uid=3a0168b3-14b6-485f-8815-397347cadf22&gdpr=&gdpr_consent=&us_privacy=
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d21&uid=3a0168b3-14b6-485f-8815-397347cadf22&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H2
Server
3.64.144.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-144-49.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

date
Sat, 14 Dec 2024 07:19:04 GMT
server
awselb/2.0

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//e1.emxdgt.com/put?d=d21&uid=3a0168b3-14b6-485f-8815-397347cadf22&gdpr=&gdpr_consent=&us_privacy=
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 07:19:03 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=a411bcb5-65b9-4d0b-9b33-b23acdd058a1&cb=c8ea8171-1ac0-47b6-936f-674242be177e
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=a411bcb5-65b9-4d0b-9b33-b23acdd058a1&cb=c8ea8171-1ac0-47b6-936f-674242be177e
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=3a0168b3-14b6-485f-8815-397347cadf22&expires=30&gdpr=&gdpr_consent=&us_privacy=
42 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=3a0168b3-14b6-485f-8815-397347cadf22&expires=30&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
ef823186f233724f4775c0c4b9549d14
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=3a0168b3-14b6-485f-8815-397347cadf22&expires=30&gdpr=&gdpr_consent=&us_privacy=
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 07:19:03 GMT
rum
dsum.casalemedia.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=a411bcb5-65b9-4d0b-9b33-b23acdd058a1&cb=798ab97c-71a9-4148-8d42-3e9bf6e0fe45
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=a411bcb5-65b9-4d0b-9b33-b23acdd058a1&cb=798ab97c-71a9-4148-8d42-3e9bf6e0fe45
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=2e958812-2a64-46cf-9191-9e2694cc0814&gdpr=&gdpr_consent=&us_privacy=
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=2e958812-2a64-46cf-9191-9e2694cc0814&gdpr=&gdpr_consent=&us_privacy=&C=1
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=2e958812-2a64-46cf-9191-9e2694cc0814&gdpr=&gdpr_consent=&us_privacy=&C=1
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BYTxNI7gJ8uFWprhTOXhP0GB%2F1P37sc0wOBJtYzhZsT%2BXZ4G8KvXqIwIvLwhinTA4j6mFpmdDqqqsdyREuCQtGxd4KnAcWn4yvqQZ97iE21IUIKQRmHSTshMuzpI%2BK1ySHpj2F1w"}],"group":"cf-nel","max_age":604800}
cf-ray
8f1c6c6b88da7da4-TLV
expires
0
alt-svc
h3=":443"; ma=86400
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Sat, 14 Dec 2024 07:19:04 GMT
content-type
image/gif
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache
location
/rum?cm_dsp_id=51&external_user_id=2e958812-2a64-46cf-9191-9e2694cc0814&gdpr=&gdpr_consent=&us_privacy=&C=1
cf-cache-status
DYNAMIC
pragma
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dwP8qTl1YOU2vBqep3u4xqaJdOlVGPl7rkJdov2rK0TOxz7tiVHspq%2BssNnkad8dliufLZDCVy79BBgMcHinl76rrbsUTISYXBKWLZj9kL4FQTWizPfWFHPG5OPWIq4%2B3u2aEe56"}],"group":"cf-nel","max_age":604800}
cf-ray
8f1c6c69dfae7da4-TLV
expires
0
alt-svc
h3=":443"; ma=86400
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Sat, 14 Dec 2024 07:19:04 GMT
vary
Accept-Encoding
server
cloudflare
bsw_sync
eu.sportradarserving.com/
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=409&user_id=a411bcb5-65b9-4d0b-9b33-b23acdd058a1&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=a411bcb5-65b9-4d0b-9b33-b23acdd058a1&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
  • https://eu.sportradarserving.com/bsw_sync?bsw_uid=2e958812-2a64-46cf-9191-9e2694cc0814
43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/bsw_sync?bsw_uid=2e958812-2a64-46cf-9191-9e2694cc0814
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H2
Server
35.214.183.184 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
184.183.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Sat, 14 Dec 2024 07:19:03 GMT
content-type
image/gif

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//eu.sportradarserving.com/bsw_sync?bsw_uid=2e958812-2a64-46cf-9191-9e2694cc0814
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 07:19:03 GMT
engagement
people.api.eu.zetaglobal.net/v1/scores/ 		26 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.eu.zetaglobal.net/v1/scores/engagement?data=eyJzaXRlX2lkIjoicmFib25hLWNvbSIsImJzaW4iOiI4RWJ3Y2VrOGVRMmNESDlUY3puYVR2bDY3UFN1SCtDNHFqQ0ZCc2JtTWhWckQvSGZaK3B3QW5VL3JKNnZBTzJLdWdweDZuUW51SlJrdm12anVzWlNlZz09In0%3D&site_id=rabona-com
Requested by
Host: cdn.eu.zetaglobal.net
URL: https://cdn.eu.zetaglobal.net/p13n/rabona-com/p13n.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.41.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-41-131.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7983dda92999fb9a5fdd1f722d6ae0c87b6b422258cf75cf718d217a798669b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
content-length
26
date
Sat, 14 Dec 2024 07:19:03 GMT
content-type
application/json
server
nginx
access-control-allow-headers
X-Requested-With,Content-Type,Authorization,x-app-id
selectors
onsiterecs.api.eu.zetaglobal.net/api/v1/ 		17 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onsiterecs.api.eu.zetaglobal.net/api/v1/selectors?url=https%3A%2F%2Fera67hfo92w.com%2F&site_id=rabona-com
Requested by
Host: cdn.eu.zetaglobal.net
URL: https://cdn.eu.zetaglobal.net/p13n/rabona-com/p13n.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.30.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-30-51.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1c6443e56a8d88c1734afadf22d91420afa0c321e7387077aca580735a046b57

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

access-control-allow-origin
https://era67hfo92w.com
content-length
17
date
Sat, 14 Dec 2024 07:19:03 GMT
content-type
application/json
vary
Origin
server
nginx
track
events.api.eu.zetaglobal.net/event/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.eu.zetaglobal.net/event/track
Requested by
Host: cdn.eu.zetaglobal.net
URL: https://cdn.eu.zetaglobal.net/p13n/rabona-com/p13n.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.237.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-237-72.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://era67hfo92w.com/

Response headers

access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
content-length
2
date
Sat, 14 Dec 2024 07:19:03 GMT
content-type
text/plain
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, x-app-id
engagement
people.api.eu.zetaglobal.net/v1/scores/ 		26 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.eu.zetaglobal.net/v1/scores/engagement?data=eyJzaXRlX2lkIjoicmFib25hLWNvbSIsImJzaW4iOiI4RWJ3Y2VrOGVRMmNESDlUY3puYVR2bDY3UFN1SCtDNHFqQ0ZCc2JtTWhWckQvSGZaK3B3QW5VL3JKNnZBTzJLdWdweDZuUW51SlJrdm12anVzWlNlZz09In0%3D&site_id=rabona-com
Requested by
Host: cdn.eu.zetaglobal.net
URL: https://cdn.eu.zetaglobal.net/p13n/rabona-com/p13n.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.41.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-41-131.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7983dda92999fb9a5fdd1f722d6ae0c87b6b422258cf75cf718d217a798669b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
content-length
26
date
Sat, 14 Dec 2024 07:19:03 GMT
content-type
application/json
server
nginx
access-control-allow-headers
X-Requested-With,Content-Type,Authorization,x-app-id
trackpoint-async.js
s2.adform.net/banners/scripts/st/ 		80 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.2.250 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

x-cache-status
HIT
cache-control
public, max-age=604800
content-encoding
gzip
etag
W/"1c188eabf1f0749a0cffb2c108473370"
x-amz-request-id
tx00000f5c0946b15a17624-0066c347d3-32993cbc-default
access-control-allow-origin
*
date
Sat, 14 Dec 2024 07:19:04 GMT
x-rgw-object-type
Normal
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Fri, 08 Mar 2024 07:02:31 GMT
/
a1.adform.net/Serving/TrackPoint/ 		636 B
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/Serving/TrackPoint/?pm=2796857&ADFPageName=ZG_Generic_Low&ADFdivider=%7C&ord=109854247290&ADFtpmode=2&loc=https%3A%2F%2Fera67hfo92w.com%2F&Set1=he-IL%7Che-IL%7C1600x1200%7C24
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.6.231 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
5d2f87402b8e3bc5d2eee5d5e9ec909cebff7e83d1e1331b0aae005fe9db01be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires
-1
access-control-allow-origin
*
content-length
445
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Sat, 14 Dec 2024 07:19:04 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
/
a1.adform.net/Serving/TrackPoint/ 		115 B
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2796857&ADFPageName=ZG_Generic_Low&ADFdivider=%7C&ord=109854247290&ADFtpmode=2&loc=https%3A%2F%2Fera67hfo92w.com%2F&Set1=he-IL%7Che-IL%7C1600x1200%7C24&frpid=4690403166235641403
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.6.231 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
223fa84c45db3bb4232ffe140f704372bbeb38ba06941aa5c6453229b94f3406
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires
-1
access-control-allow-origin
*
content-length
192
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Sat, 14 Dec 2024 07:19:04 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
a63e00208e85
zz.connextra.com/Rabona/dcs/tagController/tagData/ 		0
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zz.connextra.com/Rabona/dcs/tagController/tagData/a63e00208e85
Requested by
Host: zz.connextra.com
URL: https://zz.connextra.com/dcs/tagController/tag/a63e00208e85/homepage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.37.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-37-145.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://era67hfo92w.com/

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
x-envoy-upstream-service-time
3
pragma
no-cache
access-control-allow-credentials
true
expires
Sat, 14 Dec 2024 07:19:05 GMT
access-control-allow-origin
https://era67hfo92w.com
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-length
20
date
Sat, 14 Dec 2024 07:19:05 GMT
content-type
text/plain
vary
origin,accept-encoding
server
istio-envoy
bounce
secure.adnxs.com/ Frame D65D
Redirect Chain
  • https://secure.adnxs.com/seg?add=31192061&t=2
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31192061%26t%3D2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31192061%26t%3D2
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H2
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
31.187.78.152; 31.187.78.152; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
28715731-7bd8-4ed2-bc36-40a0861231d3
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 14 Dec 2024 07:19:05 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31192061%26t%3D2
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
31.187.78.152; 31.187.78.152; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
6aab0ff9-eef6-401b-90ec-251767a5e9d4
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 14 Dec 2024 07:19:05 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
getuidnb
secure.adnxs.com/ Frame 6C30 		43 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
31.187.78.152; 31.187.78.152; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
d3c172d4-1206-4977-a02a-2e22c1011b06
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 14 Dec 2024 07:19:05 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
associate-segment
segment.prod.bidr.io/ Frame 9F97
Redirect Chain
  • https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1784&value=
  • https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1784&value=&_bee_ppp=1
43 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1784&value=&_bee_ppp=1
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
HTTP/1.1
Server
52.31.21.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-21-54.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
no-cache, must-revalidate
pragma
no-cache
Connection
keep-alive
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length
43
Date
Sat, 14 Dec 2024 07:19:05 GMT
content-type
image/gif
Server
gunicorn

Redirect headers

strict-transport-security
max-age=2592000; includeSubDomains
location
https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1784&value=&_bee_ppp=1
Content-Length
0
Date
Sat, 14 Dec 2024 07:19:05 GMT
Server
gunicorn
Connection
keep-alive
AAJgDE7OumMAABaDrsYcNA
zz.connextra.com/sync/data/uid/508a5e2dd5/ Frame 0A40
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/geniussports
  • https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
  • https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAJgDE7OumMAABaDrsYcNA
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAJgDE7OumMAABaDrsYcNA
Requested by
Host: era67hfo92w.com
URL: https://era67hfo92w.com/
Protocol
H2
Server
104.102.37.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-37-145.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
x-envoy-upstream-service-time
1
pragma
no-cache
expires
Sat, 14 Dec 2024 07:19:05 GMT
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-length
64
date
Sat, 14 Dec 2024 07:19:05 GMT
content-type
image/gif
vary
accept-encoding
server
istio-envoy

Redirect headers

strict-transport-security
max-age=2592000; includeSubDomains
location
https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAJgDE7OumMAABaDrsYcNA
Content-Length
0
Date
Sat, 14 Dec 2024 07:19:05 GMT
Server
gunicorn
Connection
keep-alive
event
sslwidget.criteo.com/ 		44 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=%5B109003%2C115071%2C%2520115367%2C%2520109002%2C%2520115072%2C117534%2C%2520115070%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Leads)%2520-%2520v5&p2=e%3Ddis&adce=1&bundle=plDA8l93eUVhaFZCciUyQkpCV1BhelZkZDJ3dWtNYVUyWGNGWDlXNjRQQTR4WjVEcHZtQm5iNkltSDE2TVFDbnFmNjR2U2RCQXBmNW96M2U1UDV3OHZENWtUN1c1WkJicCUyRjBSNkw3ZnZFbHpMOG4zY3dKOU1wVmclMkJTb1hhdEZNU0ZoUTU2ZzlLNzNJcVNGQXBrV2VZTXhPNCUyQjZrZkNjd3NDS3pJRzlhQXVCUUJmJTJGZ2hvJTNE&tld=era67hfo92w.com&dy=1&fu=https%253A%252F%252Fera67hfo92w.com%252F&ceid=9e19d017-a9e0-4f95-bd22-4599b64dc7ff
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=109003&a=115071&a=%20115367&a=%20109002&a=%20115072&a=117534&a=%20115070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f3176ed390a54eb282697601914fef76329a5913b63a60216d6a557304b4796c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
25224691
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Sat, 14 Dec 2024 07:19:05 GMT
content-type
application/x-javascript
server
Kestrel
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 8707
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ia8b5FuTSaUfwwN-qiQQF2JGXjVkK--vT15Gng&google_cm&google_hm=ay1pYThiNUZ1VFNhVWZ3d04tcWlRUUYySkdYalZrSy0td...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ia8b5FuTSaUfwwN-qiQQF2JGXjVkK--vT15Gng&google_gid=CAESEHtfbDnvuEgQtBd6eaHX9vw&google_cver=1&google_ula=913071,0
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ia8b5FuTSaUfwwN-qiQQF2JGXjVkK--vT15Gng&google_gid=CAESEHtfbDnvuEgQtBd6eaHX9vw&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1477722
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date
Sat, 14 Dec 2024 07:19:05 GMT
content-type
image/gif
server
Kestrel

Redirect headers

cache-control
no-cache, must-revalidate
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ia8b5FuTSaUfwwN-qiQQF2JGXjVkK--vT15Gng&google_gid=CAESEHtfbDnvuEgQtBd6eaHX9vw&google_cver=1&google_ula=913071,0
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
398
date
Sat, 14 Dec 2024 07:19:05 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
sync
x.bidswitch.net/ Frame 8707 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-EX8ZaluTSaUfwwN-qiQQF2JGXjVGdDRjMUghxw&expires=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Sat, 14 Dec 2024 07:19:05 GMT
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 8707
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1558841934556257217
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1558841934556257217
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
941589
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date
Sat, 14 Dec 2024 07:19:05 GMT
content-type
image/gif
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1558841934556257217
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
31.187.78.152; 31.187.78.152; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
9d589a3d-863b-4d1e-b11a-4e3a793e7c3a
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 14 Dec 2024 07:19:05 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
/
rtb-csync.smartadserver.com/redir/ Frame 8707 		43 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-YRVce1uTSaUfwwN-qiQQF2JGXjWv5KSuLgpWiw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.149.193.89 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sat, 14 Dec 2024 07:19:05 GMT
pragma
no-cache
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 8707 		0
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-yAoJ2FuTSaUfwwN-qiQQF2JGXjWnZ1XkD9FXCQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt
57097
date
Sat, 14 Dec 2024 07:19:05 GMT
server
nginx
access-control-allow-credentials
true
idsync
tg.socdm.com/aux/ Frame 8707 		43 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-4GhrYluTSaUfwwN-qiQQF2JGXjV7q7ieV8F2Dw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.166 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
private
X-SO-Cluster-ID
0
X-SO-LB-Hostname
m-ng14.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-4GhrYluTSaUfwwN-qiQQF2JGXjV7q7ieV8F2Dw","cluster_id":0,"gdpr":false,"ipv4":"31.187.78.152","key":"Z10xasCo8HIAANt2Z64AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40255"}
X-SO-Upstream-ID
a-ad40255
X-SO-HostName
a-ad40255.dc2p.scaleout.jp
Connection
keep-alive
X-SO-IP
31.187.78.152
X-SO-Key
Z10xasCo8HIAANt2Z64AAAAA
Content-Length
43
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Sat, 14 Dec 2024 07:19:06 GMT
X-SO-Ads-Time
3
Content-Type
image/gif
Server
nginx
rum
r.casalemedia.com/ Frame 8707 		43 B
791 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-QDERQFuTSaUfwwN-qiQQF2JGXjXnvAOsOu7C4w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i1SkAaJy2ZYY9Ot2%2Ff2IWgpDf11IqjQVN5tXVjfhCSrBf2i%2FEjMG%2Fr%2Fy1Y5ciXZMtBwmKfEkBmZz6A8j0nm5U%2BitXrMDu%2FdpYQXxuFMYzjcYxmrewQzsgRTx7Y0pc%2BZ3zanD"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Sat, 14 Dec 2024 07:19:05 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8f1c6c752ac2c21f-TLV
content-length
43
server
cloudflare
/
cs.adingo.jp/sync/ Frame 8707 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.adingo.jp/sync/?from=criteo&id=k-2u5VYFuTSaUfwwN-qiQQF2JGXjX7zKfa1jbtog
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
57.181.154.98 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-181-154-98.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

date
Sat, 14 Dec 2024 07:19:06 GMT
server
awselb/2.0
user-registering
ads.stickyadstv.com/ Frame 8707 		43 B
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-CjDYB1uTSaUfwwN-qiQQF2JGXjVmb-Tg1OI-Vg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.54.250.81 Saint-Denis, France, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Pragma
no-cache
x-sticky-vk
1734160746161014-376
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Date
Sat, 14 Dec 2024 07:19:06 GMT
Content-Type
image/gif
Server
nginx
match
ad.360yield.com/ul_cb/ Frame 8707
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-QChKkVuTSaUfwwN-qiQQF2JGXjWBaNOds0PRow
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-QChKkVuTSaUfwwN-qiQQF2JGXjWBaNOds0PRow
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-QChKkVuTSaUfwwN-qiQQF2JGXjWBaNOds0PRow
Protocol
H2
Server
34.252.45.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-45-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Sat, 14 Dec 2024 07:19:06 GMT
content-type
image/gif

Redirect headers

access-control-allow-origin
*
location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-QChKkVuTSaUfwwN-qiQQF2JGXjWBaNOds0PRow
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Sat, 14 Dec 2024 07:19:06 GMT
content-type
text/plain
362338.gif
idsync.rlcdn.com/ Frame 8707 		42 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362338.gif?partner_uid=k-S2gMgVuTSaUfwwN-qiQQF2JGXjVj-T3MKI10Vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Sat, 14 Dec 2024 07:19:06 GMT
content-type
image/gif
cksync.php
contextual.media.net/ Frame 8707 		59 B
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-zfALEluTSaUfwwN-qiQQF2JGXjUZjb1LFtWRcA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bd95e8a7f7c6225934f3f14a6cdc3876566284966667fc32f88fe141e3713da6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
pragma
no-cache
expires
Sat, 14 Dec 2024 07:19:06 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-length
59
date
Sat, 14 Dec 2024 07:19:06 GMT
content-type
image/gif
server
Apache
c.gif
c.bing.com/ Frame 8707 		42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-3-n2AFuTSaUfwwN-qiQQF2JGXjVxXl6I0hWNLw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"9270eb7934bdb1:0"
x-msedge-ref
Ref A: 36143DD45C0F4D1FADAC4CEC7BA1633C Ref B: TLV30EDGE0106 Ref C: 2024-12-14T07:19:06Z
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
42
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sat, 14 Dec 2024 07:19:05 GMT
content-type
image/gif
last-modified
Tue, 10 Dec 2024 13:00:24 GMT
x-powered-by
ASP.NET
cookie-sync
sync.outbrain.com/ Frame 8707 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-z0vgw1uTSaUfwwN-qiQQF2JGXjWLlHJiSazKmA&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
0
date
Sat, 14 Dec 2024 07:19:06 GMT
x-traceid
bb7dce01aceca664408ad754cf20b791
Pug
simage2.pubmatic.com/AdServer/ Frame 8707 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-SO9OIVuTSaUfwwN-qiQQF2JGXjUg27O3z3aslw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding
gzip
date
Sat, 14 Dec 2024 07:19:05 GMT
content-type
text/html; charset=utf-8
server
nginx
tap.php
pixel.rubiconproject.com/ Frame 8707 		42 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-HACUw1uTSaUfwwN-qiQQF2JGXjWeJ87pEIyKWQ&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
ef823186f233724f4775c0c4b9549d14
Pragma
no-cache
content-length
42
Content-Type
image/gif
/
s.ad.smaato.net/c/ Frame 8707 		0
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-hqV-ZVuTSaUfwwN-qiQQF2JGXjVVsmm5vo7zoQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-34.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
cache-control
no-cache, must-revalidate
x-cache
Miss from cloudfront
x-amz-cf-id
I1hcpnqIQMxZ7QtT1vlxJqwiPH5foZUSoim4lr04HlV2ig4YrF4Ptw==
date
Sat, 14 Dec 2024 07:19:06 GMT
x-amz-cf-pop
FRA56-P5
server
CloudFront
um
criteo-sync.teads.tv/ Frame 8707 		23 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-v94A81uTSaUfwwN-qiQQF2JGXjWuQ2Coll63WA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.1 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

expires
Sat, 14 Dec 2024 07:19:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
pragma
no-cache
date
Sat, 14 Dec 2024 07:19:06 GMT
content-type
image/gif
server
pekko-http/1.0.1
sync.htm
ade.clmbtech.com/uid/ Frame 8707 		68 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-4ettzFuTSaUfwwN-qiQQF2JGXjVkqfuHbJTDlA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.201 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-201.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
x-content-type-options
nosniff
content-length
68
x-xss-protection
1; mode=block
date
Sat, 14 Dec 2024 07:19:06 GMT
content-type
image/jpeg
server
Bhoot
x-upstream
172.29.17.244:80
x-frame-options
sameorigin
xuid
eb2.3lift.com/ Frame 8707
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-xWPYFVuTSaUfwwN-qiQQF2JGXjXcUANVsjqjdw&dongle=013b
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-xWPYFVuTSaUfwwN-qiQQF2JGXjXcUANVsjqjdw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
37 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-xWPYFVuTSaUfwwN-qiQQF2JGXjXcUANVsjqjdw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Sat, 14 Dec 2024 07:19:06 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
/xuid?ld=1&mid=2711&xuid=k-xWPYFVuTSaUfwwN-qiQQF2JGXjXcUANVsjqjdw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Sat, 14 Dec 2024 07:19:06 GMT
idSync
sync.aralego.com/ Frame 8707
Redirect Chain
  • https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-leHH-FuTSaUfwwN-qiQQF2JGXjXZH5wJ0kGKtg
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=9080d854-6935-3a70-86b6-bfda67463cc4&gdpr=0&gdpr_consent=
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Ducfunnel%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=ucfunnel&user_id=k-EX8ZaluTSaUfwwN-qiQQF2JGXjVGdDRjMUghxw&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=2e958812-2a64-46cf-9191-9e2694cc0814
0
0
sync
sync-criteo.ads.yieldmo.com/ Frame 8707 		43 B
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-zjJlqFuTSaUfwwN-qiQQF2JGXjVumnoLbeol2A&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.80.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-80-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-length
43
date
Sat, 14 Dec 2024 07:19:06 GMT
content-type
image/gif;charset=utf-8
access-control-allow-headers
Cache-Control, Pragma, *
RX-69b85efa-1185-463c-8727-18fe08819fa0-003
sync.targeting.unrulymedia.com/csync/ Frame 8707
Redirect Chain
  • https://sync.1rx.io/usersync/criteodsp/k-zUwyaluTSaUfwwN-qiQQF2JGXjWl9h62biDlzg
  • https://sync.1rx.io/usersync/criteodsp/k-zUwyaluTSaUfwwN-qiQQF2JGXjWl9h62biDlzg?zcc=1&cb=1734160746893
  • https://sync.targeting.unrulymedia.com/csync/RX-69b85efa-1185-463c-8727-18fe08819fa0-003
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-69b85efa-1185-463c-8727-18fe08819fa0-003
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (Amobee NEXXEN GROUP LTD, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Sat, 14 Dec 2024 07:19:07 GMT
content-length
43

Redirect headers

expires
0
cache-control
no-store, no-cache, must-revalidate
location
https://sync.targeting.unrulymedia.com/csync/RX-69b85efa-1185-463c-8727-18fe08819fa0-003
date
Sat, 14 Dec 2024 07:19:07 GMT
pragma
no-cache
content-type
text/html
setuid
ib.adnxs.com/ Frame 8707 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k--FhI9FuTSaUfwwN-qiQQF2JGXjWymGxBNP4vGQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
31.187.78.152; 31.187.78.152; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
66dcfd65-f37a-4ac4-892d-a571b59f31f8
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 14 Dec 2024 07:19:06 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
favicon.ico
era67hfo92w.com/ 		25 KB
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://era67hfo92w.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
94.242.230.71 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee3a375f88f7217cb4482af9042195e44d99d5cdaeb4935913a739e060e983e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://era67hfo92w.com/

Response headers

content-encoding
br
cf-ray
8f1c6c76de21c22f-TLV
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 14 Dec 2024 07:19:06 GMT
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XF54YG8FKL&gtm=45je4cc1v874247297z8830059172za200zb830059172&_p=1734160740865&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1708947208.1734160742&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sid=1734160741&sct=1&seg=0&dl=https%3A%2F%2Fera67hfo92w.com%2F&dt=403&_s=2&tfd=6743
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XF54YG8FKL&l=dataLayer&cx=c&gtm=45He4cc1v830059172za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://era67hfo92w.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://era67hfo92w.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 07:19:06 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.aralego.com
URL
https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=2e958812-2a64-46cf-9191-9e2694cc0814

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| dataLayer boolean| is403page string| visitorRegion object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| srtmCommands object| x object| y function| zync_call object| gaGlobal object| gaplugins object| gaData object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| Adform object| Criteo object| criteo_q function| bt object| _bt object| _srt_namespace function| _srt_argus function| _ads_popstate_listener object| _ads number| instId function| setLocalStorage function| getLocalStorage function| setSessionStorage function| getSessionStorage function| setCookieBlue function| getCookieBlue function| generateUid function| setLastClickBlue function| expireULCBlue function| getDomainBlue object| blue function| documentReady function| executeFlow function| loadFunction function| executeRequests function| blue_obj function| createDivElement function| createIframeElement function| createScriptElement function| createImgElement function| isSessionStorageEnabled function| isLocalStorageEnabled function| isCookieEnabled object| blue_q object| cxt_conf object| cxt_mod_shared_scope function| cxtdcs function| cxtdcs_pt function| b function| a string| blue_v string| bluecpy_id number| idxCampaignId number| idxPageType object| __core-js_shared__ object| GlobalSnowplowNamespace function| snowplowApi object| _adftrack object| KJUR object| adf

84 Cookies

Domain/Path Name / Value
.era67hfo92w.com/ Name: __cf_bm
Value: GlRmqBBUkgsn1KKxAfcecQXBGZAxssjdmvwHBD8JgrE-1734160740-1.0.1.1-Ff5oLmPHvcW68sMrkNoHDVW6IHCgddJZz6iaquBeU2weTF1kCMZd3ETApgZXNTqSVXjrKgQUYQNcSrUAKEzUjA
.era67hfo92w.com/ Name: cf_clearance
Value: LVvxnl2E.A0iU8OgtvW7Xu3RHaSfzUzuj73oXotng8c-1734160741-1.2.1.1-EZH5hFDnb4os0za705Xbt6feESdEdO7iNIVI4LWmcAdpyXeozBK20JME02wv.iGWJbU18bs3cMcG6G8WKx.bHSKRePJOGMBKJrOdnOzQIpv5hKfzjCj9xmOzblzFxuosAx1uHYKgSXx_AVtV5_TiPyJqJmMKMjNycJdF349txPDrvqONG3JJ1xuZXfmKxqC1gmcRZqVnPDWf4w7_bLUYiBXyilBBdvXq1MqR5YfChYa9H95WG8Xs06NWNc3UpFSVUh65VvC2X7BQLiRd.8OpBBL5w2ntLfjxPWE3ns0X14sCgBQUzMFZDovgUGM6sBoxHPt39neg71KPT5s3t8k__se.93qYkrIibWCLd.SM6GKYiE21__HASp3FJyCqqjQs
.era67hfo92w.com/ Name: _gcl_au
Value: 1.1.1706837664.1734160741
.era67hfo92w.com/ Name: _ga_XF54YG8FKL
Value: GS1.1.1734160741.1.0.1734160741.0.0.0
.mediamathrdrt.com/ Name: slfp
Value: eyJ1dWlkIjoiYzJjMzM2MjEtNjE0ZS00Y2U3LWJjOGUtMmFmYmZkYmFiYWVl%0AIiwibmFtZSI6ImJfcmFib25hIiwidHMiOiIyMDI0LTEyLTE0IDA0OjE5OjAx%0AIC0wMzAwIn0%3D%0A
.era67hfo92w.com/ Name: _ga
Value: GA1.2.1708947208.1734160742
.era67hfo92w.com/ Name: _gid
Value: GA1.2.1465926047.1734160742
.era67hfo92w.com/ Name: _dc_gtm_UA-151907223-1
Value: 1
era67hfo92w.com/ Name: __adm_tid
Value: tid-35c112007.382fe697d
.rezync.com/ Name: zync-uuid
Value: e59ff887-3ecf-4123-80b0-f7aaf002d8f7:1734160742.2120302
euhosted.live.rezync.com/ Name: sd-session-id
Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiZTU5ZmY4ODctM2VjZi00MTIzLTgwYjAtZjdhYWYwMDJkOGY3OjE3MzQxNjA3NDIuMjEyMDMwMiJ9.Z10xZg.SmfCLlGGDWsXRdhK-Z17nPv0pf0
.criteo.com/ Name: uid
Value: 65cbf0b8-05a5-4748-98a1-e10b57bbc3a0
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
my.rtmark.net/ Name: ID
Value: 088132273b98443ae4224c8b511b6183
.era67hfo92w.com/ Name: _hjSessionUser_2145302
Value: eyJpZCI6ImU4Yjk4NTdmLWE5YTgtNTQwNy1iZTZjLWJjMzRkYWEzMDFkMCIsImNyZWF0ZWQiOjE3MzQxNjA3NDI0ODQsImV4aXN0aW5nIjpmYWxzZX0=
.era67hfo92w.com/ Name: _hjSession_2145302
Value: eyJpZCI6IjQ5YzNkZmRkLWVkMGMtNGI2Yy05ZjJlLWE5YzU1NGM4MjQ1MCIsImMiOjE3MzQxNjA3NDI0ODUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
era67hfo92w.com/ Name: _fingerprint
Value: uid-3323825587.7771863218
.era67hfo92w.com/ Name: blueID
Value: 604eae8f-775c-4727-a7f7-e6d66fe32dc8
.era67hfo92w.com/ Name: cto_bundle
Value: plDA8l93eUVhaFZCciUyQkpCV1BhelZkZDJ3dWtNYVUyWGNGWDlXNjRQQTR4WjVEcHZtQm5iNkltSDE2TVFDbnFmNjR2U2RCQXBmNW96M2U1UDV3OHZENWtUN1c1WkJicCUyRjBSNkw3ZnZFbHpMOG4zY3dKOU1wVmclMkJTb1hhdEZNU0ZoUTU2ZzlLNzNJcVNGQXBrV2VZTXhPNCUyQjZrZkNjd3NDS3pJRzlhQXVCUUJmJTJGZ2hvJTNE
.mediamathrdrt.com/ Name: fp
Value: 2e5349d0-b820-4251-947f-875335e240a5
.era67hfo92w.com/ Name: _bts
Value: 7ee11c29-9d7b-4b37-f66a-974a4719c502
.sportradarserving.com/ Name: zuuid
Value: a411bcb5-65b9-4d0b-9b33-b23acdd058a1
.sportradarserving.com/ Name: c
Value: 1734160742
.sportradarserving.com/ Name: zuuid_lu
Value: 1734160743
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1734160743
.sportradarserving.com/ Name: cm2
Value: !bidswitch=503489943
.sportradarserving.com/ Name: bss
Value: !bidswitch=503417943
.era67hfo92w.com/ Name: _bti
Value: %7B%22app_id%22%3A%22rabona-com%22%2C%22bsin%22%3A%228Ebwcek8eQ2cDH9TcznaTvl67PSuH%2BC4qjCFBsbmMhVrD%2FHfZ%2BpwAnU%2FrJ6vAO2Kugpx6nQnuJRkvmvjusZSeg%3D%3D%22%2C%22is_identified%22%3Afalse%7D
.era67hfo92w.com/ Name: _sp_srt_ses.c466
Value: *
.era67hfo92w.com/ Name: _sp_srt_id.c466
Value: b3ac96fe-d8f9-446f-801c-b1d3f67384c2.1734160743.1.1734160743..1ecc9e71-024f-4978-8edb-6549a209c091....0
.getblue.io/ Name: ckid
Value: 1931DD07-E742-426A-84C3319F7715268F
.getblue.io/ Name: hash
Value: d4466a59712d560b3a5de49ac4f20651eaf2c77de0abd9f403e3b08b89e8398368a1161488c2eb6d32
.bidswitch.net/ Name: c
Value: 1734160743
.bidswitch.net/ Name: tuuid_lu
Value: 1734160743
.bidswitch.net/ Name: tuuid
Value: 2e958812-2a64-46cf-9191-9e2694cc0814
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlKwBFKiACfjvUdqFEW2JTku9R0aI6SEyV-ACgdPl_U_8shapySB2bd4yAp-II
.casalemedia.com/ Name: CMID
Value: Z10xaIsFVoYAAFOoBaAthAAA
.casalemedia.com/ Name: CMPS
Value: 5324
.casalemedia.com/ Name: CMPRO
Value: 5324
.rubiconproject.com/ Name: khaos
Value: M4NUJ610-J-596W
.rubiconproject.com/ Name: khaos_p
Value: M4NUJ610-J-596W
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adform.net/ Name: C
Value: 1
era67hfo92w.com/ Name: adformfrpid
Value: 4690403166235641403
.adform.net/ Name: uid
Value: 1102050938117378587
.connextra.com/ Name: CxtId
Value: 366d095a-1bf3-4a3a-ab1a-94768a06f98d
.connextra.com/ Name: Rabona
Value: P%7Chomepage%7C1%7C202412140719
.adnxs.com/ Name: XANDR_PANID
Value: pdzZZSCI8bEjDc-W0U2n-_9DCpoXRdWEtI_gzXhasCkQLEdbqljewHRqdR9Kl42w3SRB5vG1XnI53KgT7PtNmqVe41V-8R8FvGm1oQcwdM8.
.adnxs.com/ Name: uuid2
Value: 1558841934556257217
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AAJgDE7OumMAABaDrsYcNA
.taboola.com/ Name: t_gid
Value: 82980bcc-cb6b-471b-89f1-b52b717efa38-tucte56b6e9
.taboola.com/ Name: t_pt_gid
Value: 82980bcc-cb6b-471b-89f1-b52b717efa38-tucte56b6e9
.smartadserver.com/ Name: pid
Value: 4610602248521734039
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 79:k-YRVce1uTSaUfwwN-qiQQF2JGXjWv5KSuLgpWiw
.rlcdn.com/ Name: rlas3
Value: zE5y895V691YjVXRhqEVH6WaIteOWcxbjP4ArnPhP0Q=
.rlcdn.com/ Name: pxrc
Value: CAA=
.ads.stickyadstv.com/ Name: UID
Value: 1021cb7acbaefcd192a64944bb573e
.ads.stickyadstv.com/ Name: uid-bp-11554
Value: k-CjDYB1uTSaUfwwN-qiQQF2JGXjVmb-Tg1OI-Vg
.rubiconproject.com/ Name: audit_p
Value: 1|HTmYLOLkVdXORrG/ZjhgrVwrb48aJjKPTh0zyqzTduKUHKCefwHvs9uKTDWSIjQqYZXQeVFHKPBw0S94mtzOH5VQQ8PbNdNJa2/uQJ7jJIzqzgvz5/tt/hYF4u8ldZ4ZDg9bgesR5+ictCyI2P1iOe2D7mJyQP8duoMAqkBoC3H2UFBNyzu6rMgL4c757ObsdNagGyTJzJG5rlSNwSsL0NPkg5SxFR0TyBLU5mnulkyma+WVcS1g3g==
.rubiconproject.com/ Name: audit
Value: 1|HTmYLOLkVdXORrG/ZjhgrVwrb48aJjKPTh0zyqzTduKUHKCefwHvs9uKTDWSIjQqYZXQeVFHKPBw0S94mtzOH5VQQ8PbNdNJa2/uQJ7jJIzqzgvz5/tt/hYF4u8ldZ4ZDg9bgesR5+ictCyI2P1iOe2D7mJyQP8duoMAqkBoC3H2UFBNyzu6rMgL4c757ObsdNagGyTJzJG5rlSNwSsL0NPkg5SxFR0TyBLU5mnulkyma+WVcS1g3g==
.360yield.com/ Name: tuuid
Value: 53b60901-91f2-4109-a767-189617318fa1
.360yield.com/ Name: tuuid_lu
Value: 1734160746
.bing.com/ Name: MUID
Value: 3B2B4D59FCB4645E2D8A580CFDC96540
.c.bing.com/ Name: MR
Value: 0
.media.net/ Name: visitor-id
Value: 3771623466904808000V10
.media.net/ Name: data-c-ts
Value: 1734160746
.media.net/ Name: data-c
Value: k-zfALEluTSaUfwwN-qiQQF2JGXjUZjb1LFtWRcA~~3
.360yield.com/ Name: um
Value: !38,81wh7CdCiViCPKQanfteZNWxrsf60diKQOSjZOKScSMn4IBI9nKjcHitO7vpbLZ2ZkkfLBUR,1741936746
.360yield.com/ Name: umeh
Value: !38,0,1796368746,-1
.smaato.net/ Name: SCM
Value: fa50de9960
.socdm.com/ Name: SOC
Value: Z10xasCo8HIAANt2Z64AAAAA
.teads.tv/ Name: tt_viewer
Value: 49d3758a-671c-408d-b6cf-afcc185a9a36
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2E?fpkc1q!]tbG8i_it:z!9CUYaIi^%9]^Z0D^+I.6OfL.FTgD>ntCVzx'f9wsTH^)^piC`yd=LdE3X:ulKI<QG=%9sk@3@'s>ThNFRx
.3lift.com/ Name: tluidp
Value: 3766831508109814979377
.3lift.com/ Name: tluid
Value: 3766831508109814979377
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-69b85efa-1185-463c-8727-18fe08819fa0-003%22%7D
.yieldmo.com/ Name: yieldmo_id
Value: VzipbAM6r5M9Ot_viC1k%7C1734134400000%7C0
.ads.yieldmo.com/ Name: ptrcriteo
Value: k-zjJlqFuTSaUfwwN-qiQQF2JGXjVumnoLbeol2A
.aralego.com/ Name: sspid
Value: 9080d854-6935-3a70-86b6-bfda67463cc4
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-69b85efa-1185-463c-8727-18fe08819fa0-003%22%7D

3 Console Messages

Source Level URL
Text
network error URL: https://era67hfo92w.com/
Message:
Failed to load resource: the server responded with a status of 403 ()
rendering warning URL: https://era67hfo92w.com/
Message:
The key "target-densitydpi" is not supported.
network error URL: https://era67hfo92w.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
a1.adform.net
ad.360yield.com
ade.clmbtech.com
ads.stickyadstv.com
adscool.net
c.bing.com
cdn.eu.zetaglobal.net
cm.g.doubleclick.net
contextual.media.net
criteo-sync.teads.tv
cs.adingo.jp
dis.criteo.com
dsum.casalemedia.com
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
era67hfo92w.com
eu.sportradarserving.com
euhosted.live.rezync.com
event.getblue.io
events.api.eu.zetaglobal.net
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
match.prod.bidr.io
metrics.getrmads.com
my.rtmark.net
onsiterecs.api.eu.zetaglobal.net
people.api.eu.zetaglobal.net
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
rtg.mediamathrdrt.com
s.ad.smaato.net
s2.adform.net
script.hotjar.com
scripts.mediamathrdrt.com
secure.adnxs.com
segment.prod.bidr.io
simage2.pubmatic.com
sslwidget.criteo.com
static.hotjar.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.aralego.com
sync.outbrain.com
sync.targeting.unrulymedia.com
tg.socdm.com
tm.ads.sportradar.com
track.adform.net
tracker.ads.sportradar.com
widget.getblue.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
zz.connextra.com
sync.aralego.com
104.102.37.145
104.18.27.193
104.21.94.142
124.146.153.166
13.107.21.237
13.32.27.48
13.33.187.109
141.226.228.48
142.250.184.195
142.250.185.162
142.250.185.200
142.250.186.74
154.54.250.81
172.217.16.196
172.67.175.82
172.67.203.18
173.194.76.157
178.250.1.11
178.250.1.8
178.250.1.9
18.229.79.16
18.66.102.106
18.66.112.34
18.66.122.5
184.30.20.22
185.89.210.180
188.114.96.3
198.47.127.205
2.17.100.147
216.239.34.178
23.32.185.35
23.38.98.201
3.64.144.49
34.252.45.231
34.252.79.168
34.253.30.51
35.214.136.108
35.214.183.184
35.244.174.68
37.157.2.250
37.157.5.141
37.157.6.231
46.228.174.117
52.30.41.131
52.31.21.54
54.171.237.72
54.233.196.91
57.181.154.98
63.34.80.100
64.202.112.127
69.173.144.139
76.223.111.18
89.149.193.89
94.242.230.71
95.101.111.183
02a55f38f374d729e433dfac7e89cb7045c69cd41a34b4fdd94d14269ced9249
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb
0ac59a4c6958f833ccfdb5bb01e1fb0be5ba60e0cfe469a2c1c08144777488a5
12bec9bcbb5089d65e103eabb935980e6015d10ccfb867a6e7ee9a1913b3d445
1c6443e56a8d88c1734afadf22d91420afa0c321e7387077aca580735a046b57
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d0a80dc874f3e1d93c9eab647e88cc9fa1b91480969417c8a3208bb4ab94ac9
223fa84c45db3bb4232ffe140f704372bbeb38ba06941aa5c6453229b94f3406
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
3011a2e3057910d8359fd9f231e93951167e823a6c0da38aaf56d348d9eb943d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3d003d03284f7087f9b24eca85da7af5eb8756b81e82e480fd60cbdf691628a1
427781e455f3ad71996868614b71b114397a6cc6000d95abaf7382d00b67c20e
45a9661d751137f99043d3e3960b91aa8709a87339ad27ae5ba316e1b3ba7a6d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6d7c2dd10030310df4164a59d9f7e75cb5a15c48f3c3385e67c33c132d670c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5d2f87402b8e3bc5d2eee5d5e9ec909cebff7e83d1e1331b0aae005fe9db01be
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87
668de9efe0491ea7cf72d78384e6813402ed10fd25f795bbddb48d889ada87bf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ee3a375f88f7217cb4482af9042195e44d99d5cdaeb4935913a739e060e983e
7239a57a697156131cd4b7fc5320237da5a677db789a62cbcf50fb4fcbab1daa
76b5752199f1b2af9eb9009bc61b15b32cf726fd369851f02ad40bddc9a3fa60
7983dda92999fb9a5fdd1f722d6ae0c87b6b422258cf75cf718d217a798669b6
814f5bc8e4e2bcef85b0b718f25d9b26a1b0a5217ad2d8f491696f8d744dbd69
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1e03932963095a5bddccda2553dcb34a1e4b45df89776e3c4b7196269d6084b
a2be364e2921857c3e1415e1e9e74e5628a02318662a25da27a23da90929c84a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd95e8a7f7c6225934f3f14a6cdc3876566284966667fc32f88fe141e3713da6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61c3520c8110a709d981083ddc93cf042c2d2ba25a21903b5df270edb3a05c5
eb99134542c987f687360d120213eeec049a290d73d2302ee1b74a01ce279f4d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3176ed390a54eb282697601914fef76329a5913b63a60216d6a557304b4796c
f3ea46710a32f213f9c8019a9e338555281764b6f95ef8c2be9244e850f10e31
f40337fb15e95309c30e22dd55eb03659ab8e447b3fe108713f19c0b095c59ff
f6e546941dfb1ee630f53355b1374256fee7c8c9e31f8918b02acd89bb944e29
f951eff7f9ab84889bf432a8abaa037680633f632c2c1d01e20ec5e7fe34a02d
fe39cda3eca54a8cf88b34216697b2eca1e32c2c3173db34d78348bc7a370771