vast.gg Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u24250789.ct.sendgrid.net/ls/click?upn=7Ra0B9ghOGFTiUDlhTc66VVfgQVIwW10bOxgbEfVAB5qNShtVQI-2BsfF8QIUqfrjXuxpqPetzphAJxNRf8...
Effective URL:
https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Submission: On November 10 via manual (November 10th 2022, 4:35:57 am UTC) from EG — Scanned from DE

Summary HTTP 213 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 76 IPs in 8 countries across 52 domains to perform 213 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is vast.gg.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 2nd 2022. Valid for: a year.

This is the only time vast.gg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.121 167.89.115.121	11377 (SENDGRID) (SENDGRID)
22	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	104.18.31.181 104.18.31.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a01:7e00:1::... 2a01:7e00:1::b903:5c4c	63949 (LINODE-AP...) (LINODE-AP Linode)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:106b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.64.79.128 18.64.79.128	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3 7	13.32.28.197 13.32.28.197	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:218... 2600:9000:2182:c000:11:1ed0:3900:21	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.19 65.9.66.19	16509 (AMAZON-02) (AMAZON-02)
1	104.18.12.76 104.18.12.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.66.43.179 172.66.43.179	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.66.40.77 172.66.40.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.31 99.86.4.31	16509 (AMAZON-02) (AMAZON-02)
1	18.155.145.39 18.155.145.39	16509 (AMAZON-02) (AMAZON-02)
2	13.32.27.123 13.32.27.123	16509 (AMAZON-02) (AMAZON-02)
1	18.155.145.73 18.155.145.73	16509 (AMAZON-02) (AMAZON-02)
10	99.86.3.236 99.86.3.236	16509 (AMAZON-02) (AMAZON-02)
11	35.186.236.140 35.186.236.140	15169 (GOOGLE) (GOOGLE)
20	2600:9000:23d... 2600:9000:23d0:6200:1a:5235:f980:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
5	184.24.12.164 184.24.12.164	16625 (AKAMAI-AS) (AKAMAI-AS)
1	99.86.4.110 99.86.4.110	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	13.225.78.93 13.225.78.93	16509 (AMAZON-02) (AMAZON-02)
1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.205.239.15 23.205.239.15	16625 (AKAMAI-AS) (AKAMAI-AS)
2	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	13.32.27.119 13.32.27.119	16509 (AMAZON-02) (AMAZON-02)
2	104.18.18.39 104.18.18.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
5	2600:9000:249... 2600:9000:2491:4200:1:6448:6d00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.126.151.133 3.126.151.133	16509 (AMAZON-02) (AMAZON-02)
2 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 3	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2600:1f18:612... 2600:1f18:612b:4264:b39c:5c5b:5f81:7972	14618 (AMAZON-AES) (AMAZON-AES)
1 2	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	72.251.249.9 72.251.249.9	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	2.21.20.202 2.21.20.202	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	80.77.87.161 80.77.87.161	46636 (NATCOWEB) (NATCOWEB)
1	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
4	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.86.139.58 185.86.139.58	201081 (SMARTADSE...) (SMARTADSERVER)
4	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
2	3.68.57.134 3.68.57.134	16509 (AMAZON-02) (AMAZON-02)
1	3.64.204.225 3.64.204.225	16509 (AMAZON-02) (AMAZON-02)
9	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
2	104.18.22.45 104.18.22.45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	63.32.244.82 63.32.244.82	16509 (AMAZON-02) (AMAZON-02)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	162.19.80.91 162.19.80.91	16276 (OVH) (OVH)
3	185.86.137.131 185.86.137.131	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	2a05:d018:24:... 2a05:d018:24:b001:5701:9c55:1756:99ad	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
213	76

1 167.89.115.121 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x121.outbound-mail.sendgrid.net

u24250789.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

vast.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.31.181 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

widget.gleamjs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:7e00:1::b903:5c4c (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)

monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:106b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.79.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-128.txl50.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.28.197 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2182:c000:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)

d3div1mtym39ic.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-19.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.66.43.179 (United States)

ASN13335 (CLOUDFLARENET, US)

gleam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.40.77 (United States)

ASN13335 (CLOUDFLARENET, US)

js.gleam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-31.fra6.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.145.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-145-39.ham50.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-123.fra56.r.cloudfront.net

signal-segments.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.145.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-145-73.ham50.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com

imps.monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:23d0:6200:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.24.12.164 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-12-164.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l3.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-110.fra6.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f6f1ae32f6314906b6558212853b321a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-93.fra2.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.239.15 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-239-15.deploy.static.akamaitechnologies.com

www.aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-119.fra56.r.cloudfront.net

ats-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.39 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sc.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2491:4200:1:6448:6d00:93a1 (United States)

ASN16509 (AMAZON-02, US)

video.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.151.133 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-151-133.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.244 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4264:b39c:5c5b:5f81:7972 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

mb9eo.publishers.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.228.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.20.202 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-202.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.68.57.134 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-57-134.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.204.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-204-225.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 67.202.105.31 (Tinley Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.22.45 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cdn-sic.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.24 (Tinley Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

sic.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.244.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-244-82.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.80.91 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3011793.ip-162-19-80.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b001:5701:9c55:1756:99ad (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	primis.tech live.primis.tech — Cisco Umbrella Rank: 3656 video.primis.tech — Cisco Umbrella Rank: 7479	749 KB
22	vast.gg vast.gg	752 KB
19	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264	316 KB
17	amazon-adsystem.com 3 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 385 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 765	17 KB
15	monu.delivery monu.delivery — Cisco Umbrella Rank: 43049 imps.monu.delivery — Cisco Umbrella Rank: 55222	163 KB
11	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 12799 sc.tynt.com — Cisco Umbrella Rank: 20503 ic.tynt.com — Cisco Umbrella Rank: 6931 de.tynt.com — Cisco Umbrella Rank: 2274	9 KB
8	googlesyndication.com f6f1ae32f6314906b6558212853b321a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	42 KB
6	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 407 c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1180	988 B
6	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 483 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1405 eus.rubiconproject.com — Cisco Umbrella Rank: 826 token.rubiconproject.com — Cisco Umbrella Rank: 1059	12 KB
6	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 13528 launchpad.privacymanager.io — Cisco Umbrella Rank: 11747 geo.privacymanager.io — Cisco Umbrella Rank: 2372 ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 6921	135 KB
5	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1182 prg.smartadserver.com — Cisco Umbrella Rank: 1881 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 805	3 KB
5	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1469 id5-sync.com — Cisco Umbrella Rank: 678	19 KB
5	aaxads.com c.aaxads.com — Cisco Umbrella Rank: 3768 l3.aaxads.com — Cisco Umbrella Rank: 5589	126 KB
5	gleam.io gleam.io — Cisco Umbrella Rank: 70988 js.gleam.io — Cisco Umbrella Rank: 90370	65 KB
5	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 4976 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6037 signal-beacon.s-onetag.com — Cisco Umbrella Rank: 7504 signal-segments.s-onetag.com — Cisco Umbrella Rank: 10116	17 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118 imasdk.googleapis.com — Cisco Umbrella Rank: 468	347 KB
4	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 2342 prebid.media.net — Cisco Umbrella Rank: 1868 c21lg-d.media.net — Cisco Umbrella Rank: 3372 contextual.media.net — Cisco Umbrella Rank: 809	10 KB
4	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 690 ib.adnxs.com — Cisco Umbrella Rank: 313 acdn.adnxs.com — Cisco Umbrella Rank: 880	35 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17	2 KB
4	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1057 ats.rlcdn.com — Cisco Umbrella Rank: 2407 id.rlcdn.com — Cisco Umbrella Rank: 899	38 KB
4	gstatic.com fonts.gstatic.com	62 KB
3	33across.com cdn-sic.33across.com — Cisco Umbrella Rank: 24883 sic.33across.com — Cisco Umbrella Rank: 21832	119 KB
3	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1556 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1785	1 KB
3	casalemedia.com 2 redirects as-sec.casalemedia.com — Cisco Umbrella Rank: 2125 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 666	2 KB
3	cloudfront.net d3div1mtym39ic.cloudfront.net	118 KB
2	tidaltv.com 2 redirects sync.tidaltv.com — Cisco Umbrella Rank: 2046	677 B
2	dyntrk.com 2 redirects gu.dyntrk.com — Cisco Umbrella Rank: 1634	1 KB
2	tremorhub.com 1 redirects mb9eo.publishers.tremorhub.com — Cisco Umbrella Rank: 8647	644 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 799	1 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 732 image6.pubmatic.com — Cisco Umbrella Rank: 922	6 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 457	767 B
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 2083	97 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	20 KB
2	gleamjs.io widget.gleamjs.io — Cisco Umbrella Rank: 130441	11 KB
1	criteo.com 1 redirects dis.criteo.com — Cisco Umbrella Rank: 941	569 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2092	312 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 352	17 KB
1	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1559	152 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 475	2 KB
1	admanmedia.com cs.admanmedia.com — Cisco Umbrella Rank: 1402	20 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 982	806 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 872	277 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 571	140 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 415	220 B
1	openx.net u.openx.net — Cisco Umbrella Rank: 977	304 B
1	aaxdetect.com www.aaxdetect.com — Cisco Umbrella Rank: 8307	323 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 5594	792 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 903	13 KB
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2624	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	43 KB
1	sendgrid.net 1 redirects u24250789.ct.sendgrid.net	297 B
0	loopme.me Failed csync.loopme.me Failed
213	52

	Domain	Requested by
22	vast.gg	vast.gg
20	live.primis.tech	monu.delivery live.primis.tech vast.gg
18	securepubads.g.doubleclick.net	monu.delivery securepubads.g.doubleclick.net imasdk.googleapis.com cdn-sic.33across.com
11	imps.monu.delivery	vast.gg
10	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
7	ic.tynt.com	vast.gg
7	c.amazon-adsystem.com	3 redirects c.amazon-adsystem.com
5	video.primis.tech	vast.gg
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	c2shb.pubgw.yahoo.com	live.primis.tech
4	id5-sync.com	cdn.id5-sync.com live.primis.tech
4	gleam.io	widget.gleamjs.io vast.gg gleam.io
4	fonts.gstatic.com	fonts.googleapis.com
4	monu.delivery	vast.gg monu.delivery
3	rtb-csync.smartadserver.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	geo.privacymanager.io	launchpad.privacymanager.io ats.rlcdn.com
3	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
3	c.aaxads.com	vast.gg c.aaxads.com
3	d3div1mtym39ic.cloudfront.net	vast.gg
3	fonts.googleapis.com	vast.gg live.primis.tech
2	sync.tidaltv.com	2 redirects
2	gu.dyntrk.com	2 redirects
2	eus.rubiconproject.com	live.primis.tech eus.rubiconproject.com
2	imasdk.googleapis.com	live.primis.tech imasdk.googleapis.com
2	cdn-sic.33across.com	cdn.tynt.com cdn-sic.33across.com
2	de.tynt.com	cdn.tynt.com
2	prebid-server.rubiconproject.com	live.primis.tech
2	mb9eo.publishers.tremorhub.com	1 redirects vast.gg
2	secure.adnxs.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	l3.aaxads.com	vast.gg
2	lb.eu-1-id5-sync.com	cdn.id5-sync.com live.primis.tech
2	match.adsrvr.org	js-sec.indexww.com live.primis.tech
2	api.rlcdn.com	js-sec.indexww.com live.primis.tech
2	signal-segments.s-onetag.com	get.s-onetag.com
2	cdn.confiant-integrations.net	monu.delivery cdn.confiant-integrations.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	widget.gleamjs.io	vast.gg widget.gleamjs.io
1	token.rubiconproject.com	eus.rubiconproject.com
1	dis.criteo.com	1 redirects
1	id.rlcdn.com
1	contextual.media.net	live.primis.tech
1	id.crwdcntrl.net	live.primis.tech
1	c21lg-d.media.net	c.aaxads.com
1	www.google.com	tpc.googlesyndication.com
1	s0.2mdn.net	imasdk.googleapis.com
1	sic.33across.com	cdn-sic.33across.com
1	acdn.adnxs.com	cdn-sic.33across.com
1	sc.tynt.com	cdn.tynt.com
1	btlr.sharethrough.com	live.primis.tech
1	ib.adnxs.com	live.primis.tech
1	prg.smartadserver.com	live.primis.tech
1	prebid.media.net	live.primis.tech
1	cdn.jsdelivr.net	live.primis.tech
1	image6.pubmatic.com	ads.pubmatic.com
1	ssbsync.smartadserver.com	vast.gg
1	cs.admanmedia.com	vast.gg
1	ads.stickyadstv.com	1 redirects
1	ap.lijit.com	vast.gg
1	cs.media.net	1 redirects
1	pixel.rubiconproject.com	vast.gg
1	eb2.3lift.com	vast.gg
1	x.bidswitch.net	vast.gg
1	u.openx.net	live.primis.tech
1	ads.pubmatic.com	live.primis.tech
1	cdn.tynt.com	monu.delivery
1	ats-wrapper.privacymanager.io	launchpad.privacymanager.io
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	www.aaxdetect.com	vast.gg
1	as-sec.casalemedia.com	js-sec.indexww.com
1	f6f1ae32f6314906b6558212853b321a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	vast.gg
1	ats.rlcdn.com	vast.gg
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	signal-beacon.s-onetag.com	get.s-onetag.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	js.gleam.io	vast.gg
1	js-sec.indexww.com	monu.delivery
1	get.s-onetag.com	monu.delivery
1	launchpad-wrapper.privacymanager.io	monu.delivery
1	stats.g.doubleclick.net	www.google-analytics.com
1	secure.gravatar.com	vast.gg
1	www.googletagmanager.com	vast.gg
1	u24250789.ct.sendgrid.net	1 redirects
0	csync.loopme.me Failed	vast.gg
213	89

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
widget.gleamjs.io E1	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.monu.delivery Sectigo RSA Domain Validation Secure Server CA	`2022-02-07` - `2023-03-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-23` - `2023-11-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.confiant-integrations.net E1	`2022-09-26` - `2022-12-25`	3 months	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
*.s-onetag.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
*.gleam.io Sectigo RSA Domain Validation Secure Server CA	`2022-02-20` - `2023-03-23`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
imps.monu.delivery GTS CA 1D4	`2022-10-08` - `2023-01-06`	3 months	crt.sh
*.primis.tech Amazon RSA 2048 M01	`2022-10-24` - `2023-11-22`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.aaxads.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.aaxdetect.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2022-04-21` - `2023-05-23`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Frame ID: F564D3BC9F1BB79F2D73A8D4519ABDE8
Requests: 126 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: C5FA79CED2438177161EFFA31C4A38EE
Requests: 1 HTTP requests in this frame

Frame: https://gleam.io/1qFEP/embed?l=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&r=
Frame ID: 5381B1B9297A481FE6A29EC6C07F9138
Requests: 4 HTTP requests in this frame

Frame: https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668052800
Frame ID: 3B10BCCAE600AAA2F1B3ABB1ECE37FF2
Requests: 3 HTTP requests in this frame

Frame: https://f6f1ae32f6314906b6558212853b321a.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 838CB11DD997A82DE275DE1C5CCD6C8A
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=104973&schain=1.0,1!monumetric.com,e5288ed7-6884-417e-b256-dc21cdb46f76,1&cbuster=1668054951&pubUrlAuto=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&videoType=normal
Frame ID: AC3FA52E2B462450327F6394502B86D6
Requests: 49 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: A74D4C9A146B32E697028BE080D32DB3
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 5755998E238F2B72BAF4E34327FC9F2A
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=&advId=94&advUuid=288da4b0-60b1-11ed-9c4e-18c6427b0406
Frame ID: 050FE821BC33DD577030C15BE9386515
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: D9480462E9ED96767F64C92FF544CC9E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: 6780F783551D9632D2F0CCB8128D1F11
Requests: 1 HTTP requests in this frame

Frame: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Frame ID: E0AECD5EED1C5E30E54C8DFCC557CDE9
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.543.0_en.html
Frame ID: 385392354CEE07BE15A30ADD84C89620
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: ED3A21CB05C2AF287F0F7BCE15BA7CD8
Requests: 3 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxs.php?flg=AAX8RN661&fv=1&fy=37&ke=1&suylg=203%2C209%2C272%2C241%2C251%2C356%2C369%2C282%2C201%2C267%2C108%2C291%2C292%2C310%2C3012%2C265%2C368%2C229%2C271%2C159%2C97&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: CFD7CFFF88BB552ECF2C340E76C4F987
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A966085E9070055C4B0B695264128FEB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 31EDCFA7759AD6A26E1E39FCD9D7BED4
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 1AC2E03756DC345B2B0406DDE26CD81E
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C2069%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 86F5E34980ED1CD12493CA753DB4261F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Truman Factory | iPad 10th Gen Giveaway Nov 5th - Dec 5th - Vast | Expand Your Reach

Page URL History Show full URLs

https://u24250789.ct.sendgrid.net/ls/click?upn=7Ra0B9ghOGFTiUDlhTc66VVfgQVIwW10bOxgbEfVAB5qNShtVQI-2BsfF8QIUqf... HTTP 302
https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

213
Requests

94 %
HTTPS

30 %
IPv6

52
Domains

89
Subdomains

76
IPs

8
Countries

3399 kB
Transfer

8780 kB
Size

46
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://vast.gg/?p=4242

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Truman+Factory+%7C+iPad+10th+Gen+Giveaway+Nov+5th+%E2%80%93+Dec+5th&url=https://vast.gg/?p=4242

Search URL Search Domain Scan URL

URL: https://twitter.com/VastGG

Search URL Search Domain Scan URL

URL: https://facebook.com/VastGG

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u24250789.ct.sendgrid.net/ls/click?upn=7Ra0B9ghOGFTiUDlhTc66VVfgQVIwW10bOxgbEfVAB5qNShtVQI-2BsfF8QIUqfrjXuxpqPetzphAJxNRf84yajPpy3xRRsT7yJW0BD-2FzarniklDpaLFzYxQLTC8gUqsA5ygY94SWCk-2B6TfOgn3-2FdYkw-3D-3D8ms8_wEJAMaZ425ZpQgngNzvUjanu6Bpmg3pl3TCjzU8cQ9guVfAfUsVNh1JGTmXbwHqrRpC7m6SBOVBLhrVN6hKneM0ULloBZ-2Bc5535HmqVNi9HfQxDj5-2F6O4Tk-2BDDjVRo9aaDlukQLZqfAIYRQrOoVdWZ86s6VIWxvSNlDBzVNy8YQtPJZuD57v44XGQXQT7FW1KHudqCCVTgQdToSAytS4DOyF2jKDuey79NyXc-2FuWADCGLnwzC8IKORbjz3PllSFYm-2Bs-2FLgDDay1EG4CqttN-2FfSGbM-2BqFuspvV1KrAxU-2FnNBcfHQBX3ciM-2BlANqtljZY6UEIKYKqZnLD6h24KCtt-2BukDBs7jiLGwpHR15UPLXNlznlSCcDfz5TEpAL5aMaCwwbEA8N3Njkib8jvZQmrFshKkhyBrZeyCJ4YVQWQ6Ol6m0DEjRZraLc9O9-2B98aMide3s64FdUQG8maBC5jcdnS58eMArou40be8gY42FMkyLmy-2Fgn23V11gzvmeVvkIH4-2BEhZ4qmBUT5ekAxpo75cWC9IUkjndXJiFT01F1hg5iX3ZUVvL-2F8d2tT32xaZPem2fdFfVS6zZr2UrMeIZyKNlzdutwo-2FdcEHsY9qx84FpiUrNnGWhGCrUHhIK-2BVfanb0hMOA2VzafuEZwfT25jsytMLLu71O7pDhAlHlhAJo4N6g2P6vYJ-2BajOqZJ2Mr-2FvgLDMBRFNVcRhlZePTJYF43cULeBUDb5JQmSAYpZw57yYzepAhTNUCJoR0JmVQ2ySLgHtxwFhG4GJcKiLQU64K1-2BYl-2FcA27qdOo9dEjCOEeep-2FPXpc6hQkfTBGEsx8YpJoS3gxN7WB4ZLv4hKyxrAuh2Aoah2uB8E-2FPYm05ax5nOM7yv-2BiH-2BvoIqYPDw3pWmHQ93rGl-2BB8CCsZ5uc3NQyuSiNxMb-2FGBE11KevQlI4ehoCQ46YpdwKmvCgbSxp9APCWnIEW9RNkIC0T-2FGiZbpmLR5mQNgdveRBJ9IJowommZTk80-3D HTTP 302
https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

Request Chain 117

https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

Request Chain 121

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=288da50f-60b1-11ed-9c4e-18c6427b0406 HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=&advId=94&advUuid=288da4b0-60b1-11ed-9c4e-18c6427b0406

Request Chain 132

https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=&advId=99&advUuid=Y2x_qEQB8VlmHnwoBa_csAAAFDUAAAAB

Request Chain 135

https://ups.analytics.yahoo.com/ups/58627/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58627/occ?verify=true HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-6MfUtSZE2uFg3D0JDifX6INbaZa4..Ls22fKshs-~A&advUuid=y-6MfUtSZE2uFg3D0JDifX6INbaZa4..Ls22fKshs-~A

Request Chain 136

https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D636c7fa7eb325%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=&advId=105&advUuid=3529097371459756326

Request Chain 137

https://mb9eo.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D

Request Chain 138

https://cs.media.net/cksync?cs=34&type=pri&ovsid=636c7fa7eb325&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D1723987475%2526pcid%253D%3Cvsid%3E%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA

Request Chain 140

https://ads.stickyadstv.com/user-matching?id=3586&gdpr=1&gdpr_consent= HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3D8591b99421e043b424cba647febf3a&advId=134&advUuid=8591b99421e043b424cba647febf3a&gdpr_consent=&gdpr=1

Request Chain 169

https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

Request Chain 205

https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=03030001_636c7faa11113&knw= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03030001_636c7faa11113&gdpr=0&gdpr_consent=

Request Chain 207

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=23c1c865-3e25-44dd-a451-9c775c8482f2&gdpr=0&gdpr_consent=

Request Chain 208

https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=3337d8e1-84e8-40bd-a1b3-1fcb6dd69208&gdpr=0&gdpr_consent=

213 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Redirect Chain

https://u24250789.ct.sendgrid.net/ls/click?upn=7Ra0B9ghOGFTiUDlhTc66VVfgQVIwW10bOxgbEfVAB5qNShtVQI-2BsfF8QIUqfrjXuxpqPetzphAJxNRf84yajPpy3xRRsT7yJW0BD-2FzarniklDpaLFzYxQLTC8gUqsA5ygY94SWCk-2B6TfOgn...
https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/

178 KB
34 KB

297ms
266ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48ce94fe7a45dab83d96435d04776e00e77d7917e9be6dba208943594016df13

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 767c156dee2e923b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 10 Nov 2022 04:35:50 GMT
link: <https://vast.gg/wp-json/>; rel="https://api.w.org/" <https://vast.gg/wp-json/wp/v2/posts/4242>; rel="alternate"; type="application/json" <https://vast.gg/?p=4242>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BW1SfgFq60xYPxWvaEbwwzAQu45CgKU2Kl4RKPEZrtVhQ08sHeN9hKZVBwypTzGcPJYfhyv%2BKntvUjOJtjNwvtdGFqEDKCO94hqh%2B9V5lVk38wOP0EdhtnarsmTt6CnkNhTXpKER"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-pingback: https://vast.gg/xmlrpc.php

Redirect headers

Connection: keep-alive
Content-Length: 116
Content-Type: text/html; charset=utf-8
Date: Thu, 10 Nov 2022 04:35:49 GMT
Location: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 style.min.css
vast.gg/wp-includes/css/dist/block-library/ 87 KB
12 KB 22ms
20ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.gg/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Jul 2022 21:08:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2139
etag: W/"15b64-5e3a211ea1edf-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZwFvNI1bqWu6G8JAnzBMZlOKfJVSmwKC5KUxeyDdkyX3IhYEOAWXozlepxDe59E8dkrnsPgvOHnmP%2Fin%2Bp%2BadoqjAwww%2BPNHt9p16BOf67T%2BjykvyY6YKHhcQvnT0WCpDWJqfEZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 767c156fa834923b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 styles.css
vast.gg/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 20ms
18ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.gg/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2139
cf-polished: origSize=2731
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 19 Oct 2022 21:09:08 GMT
server: cloudflare
etag: W/"aab-5eb699e9cd7c5-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnRte93M%2FHLINAkIshkr6XmMkYMHHMRXN%2BWFugW1MId4nmSa%2BCv3YIPXQUjdR1wrVCb%2B5Mla1xoKskmQ%2FohXqBek7I31iDFyUN3CiHb1QQXQkkfOM8HN9e7cdoc5Uk0UVz3iMVEd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 767c156fa837923b-FRA

GET
H2 200 plugins.min.css
vast.gg/wp-content/themes/breek/assets/dist/ 32 KB
7 KB 19ms
17ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.gg/wp-content/themes/breek/assets/dist/plugins.min.css?ver=3.6.6
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f03322df4bccb954f0ae5d3c6dd9d2ef8cbe62ae80e6baa15078ba0550275129

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 17:55:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2139
etag: W/"7edc-5bf518595694f-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H53MaxGEOlEbP%2BSK0HQtKbtTUCZmIdoFVEeZrCAMdrRZtOMv%2FCpr71H%2BazVXWMcQAwvg2LFXNGgFHESOPG3KpXzAPHLAQ9zIBbb1NY%2FEH6vPWk49a%2FB1IHk%2FTwC2K7C71Hhim7VM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 767c156fa839923b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C500%2C600%2C600i%2C700%2C700i%7CMontserrat%3A400%2C500%2C600%2C700&subset=latin%2Clatin-ext&display=swap

Requested by

Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

354c4e3eab5c0a2446e56bf6ededb28a332093ffeffa17ad05dcb4bbaa3f3886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 03:51:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Nov 2022 04:35:50 GMT

GET
H2 200 style.css
vast.gg/wp-content/themes/breek-child/ 0
319 B 20ms
18ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.gg/wp-content/themes/breek-child/style.css?ver=6.0.3
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2139
cf-polished: origSize=283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-bgj: minify
last-modified: Sun, 24 May 2020 21:10:15 GMT
server: cloudflare
etag: "11b-5a66b49f24f44-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhgC8oNoNFnvG49wmJyS5kuuRDM9kRRpzY%2Bkf07Mq5iAhz9NEBq2qW5afgAv%2F%2Btg60Alish5oRrbrQ7Vls4Q%2FqedSyyyPRHELBywfLdEGP0t9UJZByUZSB2hsHrQjQxgPHt5379Q"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 767c156fa83b923b-FRA

GET
H3 200 wp-emoji-release.min.js Show response
vast.gg/wp-includes/js/ 18 KB
5 KB 105ms
102ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.gg/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 21:47:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"48b9-5e069d676997c-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OSlqGoUx13%2BfA1cMjpex3JAtKitY2%2BYrHoC2gUx6S7GK7w%2FEdskyn2zzb1uANfNeaiX0QM8J7mmQFS5%2BMJccYcORyg5eytdv3N%2BiPujtWeoPlgvN71DQMAZS0smn%2Bnk6LiHBKST"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 767c156fef67997a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 44ms
20ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-117561825-3

Requested by

Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

604f2b8b47ddb1b918f6a2d2b0717d982716fd41e4e7d55b46261926ad4b3aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43638
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Nov 2022 04:35:50 GMT

GET
H3 200 logo.png
vast.gg/wp-content/uploads/2020/05/ 3 KB
4 KB 21ms
19ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vast.gg/wp-content/uploads/2020/05/logo.png
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4ab52caaa9e7e1c45e0844b92e139865d1d41eb47c9f5b45b148a550763e606

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
cf-cache-status: HIT
last-modified: Sun, 24 May 2020 22:07:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4459
etag: "daf-5a66c154b8b15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEcEidBu5Tj9phudLsRg44lN6OLDYO3%2BqtpFKdx9N5CpuUCsCASFB4D5yLrFxW3I%2B79C0z2IY5YeRncK8cP%2B%2Bl%2Fv2BDZguW4gAPA1%2BU0bqwf7YQK80cJLH%2BuaV7FngQbvVn6EvM%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 767c156fef6b997a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3503

GET
H3 200 Truman-v6-03-950x500.jpg
vast.gg/wp-content/uploads/2022/11/ 83 KB
83 KB 26ms
24ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vast.gg/wp-content/uploads/2022/11/Truman-v6-03-950x500.jpg
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1377d15a755c5802de0c2b332336995b1d828745c37d2a55eaac4ddb5e1a9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Nov 2022 20:01:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 353
etag: "14a6f-5ecbea7ca7441"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFvFSWwOAHOL%2BQzqtoRIIDmUvtClodfDfHyaxThZK7PDc2JNTDw1AHEaqfhEEqtz1rPkMwa1XLKfOez8vszeSMX9Q3jOpy65YNjyJ6DDFnqxnSQ%2FnsLcx9P1t6qD5sihsNb3RXMU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 767c156fef6e997a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 84591

GET
H3 200 email-decode.min.js Show response
vast.gg/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
9ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vast.gg/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Nov 2022 13:16:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"636a56ba-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOXE6hKdxo02BtzYY9aiEscU8pNAQhnvPjYCnPJ54be%2FAGkYG1TDCWBpsV6UsJqMnTqdBOyT9icOzcT5hpGufmCFVgReg6p3RWk1bSKLYZ%2BwNxagMvGyrCqLJwoQrCRdBMxwVAMl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 767c156fdf28997a-FRA
expires: Sat, 12 Nov 2022 04:35:50 GMT

GET
H2 200 e.js Show response
widget.gleamjs.io/ 5 KB
2 KB 625ms
13ms Script
text/javascript 104.18.31.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.gleamjs.io/e.js

Requested by

Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.31.181 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e77a02ab2ff3103e77af827780f2599811c052bd1683bf37d7cd4310120f8bd8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
cf-cache-status: HIT
age: 73026
content-encoding: br
g-host: meepo18
cdn-cache-control: max-age=86400, public
x-xss-protection: 1; mode=block
x-request-id: e411acb2-0920-45a9-88f1-8286b84b00a7
x-ua-compatible: IE=edge
x-runtime: 0.249859
server: cloudflare
etag: W/"e77a02ab2ff3103e77af827780f25998"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
cf-ray: 767c1573bcb99a18-FRA

GET
H3 200 left-arrow.svg
vast.gg/wp-content/themes/breek/assets/images/ 1 KB
1010 B 42ms
40ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vast.gg/wp-content/themes/breek/assets/images/left-arrow.svg
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e89b73fd18f9a4ad97c79af88bb787f7f5e45cffc12ec86d487ffcddf0e82a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 17:55:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4459
etag: W/"432-5bf5185952acf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1s%2BtlREQbAeLdJDsDH2yySLnDaNwrLwhNPEn2HvG7vs0%2F22LH3Z8Tz3%2BudydBNDGeXMwYEhXQYSMVdmGGw6%2B1m%2BsTZoYdg4lhpZfOdw2Gcf%2FFczQDOE%2FytWkGZeAuKuJ59ULUL%2Fz"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 767c156fef73997a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 right-arrow.svg
vast.gg/wp-content/themes/breek/assets/images/ 1 KB
1000 B 20ms
18ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vast.gg/wp-content/themes/breek/assets/images/right-arrow.svg
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13641fc5e8caf7dbf32ee87b6f9ba27096509521fab5e67a181ec54952aa9534

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 17:55:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4459
etag: W/"429-5bf5185953a6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvjtSpN0QxM8cqcj5tjYQ5eKIXsTGUu9W8byOtKvN9W68vmDw7LYxC6TbPa2CkQ8hzkVYelVfj3KioT9NvdjS8AfWG9%2B0tp4Riu5elHULxDbiSajpRduRBj8UoSURHJ7t6Y9Lkj3"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 767c156fef75997a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fontawesome.min.css
vast.gg/wp-content/themes/breek/assets/dist/ 30 KB
7 KB 103ms
101ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.gg/wp-content/themes/breek/assets/dist/fontawesome.min.css?ver=3.6.6
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a688f331b963b0214605000f50f1513a929c1be0fec2f6203902cc5b45eb4f1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 17:55:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"77cc-5bf518595694f-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzSaFtV7P%2BsvNScPtRjt61xh78UMBJfEVFBEMZ0ejadT7Ha1wWrvfKsC6xbxCHJxG5PtNNrn%2FcMaMDPndFxfWCRlNoI4yGkT9m2rqakfuu4UE5C1xUJKI0R14DtYQUOFEun7I7Bq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 767c156fef4a997a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 remixicons.min.css
vast.gg/wp-content/themes/breek/assets/dist/ 72 KB
9 KB 108ms
105ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.gg/wp-content/themes/breek/assets/dist/remixicons.min.css?ver=3.6.6
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c66b6d27d1b19170b63ab49294609853d2f3a77c334d3b70bb4d59250d413db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 17:55:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"12097-5bf518595694f-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofKYmUboCpslHAQ3G%2FhD6dmnFFydC9auSR480qNnlVSkgXm%2BX29IZz%2F0tDGg7Hos61zudz%2BGYDORUbfOzczMnw5OZcNeyheqNpkB4mh%2BQaE502bj9SyD%2FXDqb5EsknlMg59LVgzK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 767c156fef50997a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 index.js Show response
vast.gg/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 105ms
101ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.gg/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 19 Oct 2022 21:09:08 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"26d1-5eb699e9cb885-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptl8fx1L26S%2FqAeepwHm7XX%2FsUhBwJ%2F%2B52rOokzlhRN76ZnBYRQ%2FDaXU8%2Fw6gwbmijnZSLlrhwLZpUi4MIB1fodxhKc0bQVEBVJ4YdJeYGkmtMDpTfT9H1HV5b5jJ8p5BFg%2B7UA1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 767c156fef55997a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 index.js Show response
vast.gg/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 356ms
353ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.gg/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 19 Oct 2022 21:09:08 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"3016-5eb699e9cc825-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1CvE6Q4SDcbmd3W4K2Tv7fTKXp0n9wXhI6t9a5zHJXzgI87r%2FBYAnH8Rxtz4NadRo%2BWVfPc3Tdmh9uYVLtC4%2BSLKDasQgWb2D6D4g%2FrrVwC8guMBM64OdJ4JcqJtJv%2F0P6B4aC8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 767c156fef5a997a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
vast.gg/wp-includes/js/jquery/ 87 KB
32 KB 110ms
108ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.gg/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Jul 2021 23:06:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15db1-5c7961b782e5d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOI%2FyYPbL60ZISPPXwiVqD5yldfP2iQVXQ%2FlTzg3KLNPpWY2ob5EosXMwo363LGdYH4lr6VevS7BSFz8waq85OvlsGJ8Rx8vc%2FtfzsgjIu82Vlv%2FJyjrp%2BHiQfWB09f2n5%2F9L035"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 767c156fef5e997a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
vast.gg/wp-includes/js/jquery/ 11 KB
5 KB 107ms
104ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.gg/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Dec 2020 01:27:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2bd8-5b6628cba2c0e-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8foZeK3Dd1htd%2BNi68PD7NmWctt%2BIXMcss7s%2Ff3BWjAc34n%2FZn1aUVSCbWVIuth%2FT1oHkRWCdG1TDKf9bwTKqldGwZSJpt4D1M8oFrVF2m91nKODrYcu43vZs2LZvwN0ntlvMsX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 767c156fef62997a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 scripts.min.js Show response
vast.gg/wp-content/themes/breek/assets/dist/ 134 KB
41 KB 109ms
106ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.gg/wp-content/themes/breek/assets/dist/scripts.min.js?ver=3.6.6
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c080561d92361bacd6c5c1019ae434b9a3f39d0b1ef40936054a9653c43b03d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 17:55:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"216a2-5bf51859578ef-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6c3oL%2BVyPj%2BZY7U4q03Y3LHbQMCbQdirOhKTR7S5b%2BBtW3HAVzgvj3FaLxXjelKkpnt3p1W6RCIensFS8o%2F1RTu4puniGUl%2Fh7KPWZVkZDFtePEUSEgjW7EEG6s6MhdfW9nkquis"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 767c156fef64997a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK 288ed7-6884-417e-b256-dc21cdb46f76.js Show response
monu.delivery/site/e/5/ 54 KB
14 KB 195ms
135ms Script
application/javascript 2a01:7e00:1::b903:5c4c
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0da52336109115fc6ab905e9282bf90e28b7514638c219a03873a115e3837d08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdtsR8knW8gdSq_t1JBv-eVZpI4chnd3FjVQq_cYy13JVmlh5tHN4je7FS4uWb60urOCV9gPGBfbgSGWEaB3m7a-HQ
transfer-encoding: chunked
x-cache: MISS
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
connection: close
server: nginx
vary: Accept-Encoding
x-goog-generation: 1668026214504406
content-type: application/javascript
x-goog-hash: crc32c=iu7Jrw==, md5=RaGKoYTlOXDXFCQEfHS+KA==
cache-control: max-age=7200
x-goog-stored-content-length: 55186
expires: Thu, 10 Nov 2022 06:35:50 GMT

GET
H3 200 1920x1080-Vast-Web-Background-v2.jpg
vast.gg/wp-content/uploads/2021/08/ 337 KB
337 KB 23ms
22ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vast.gg/wp-content/uploads/2021/08/1920x1080-Vast-Web-Background-v2.jpg
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e2df6cfb22dea43b0c566ec08c7eb211aec4cdb6f36fcb7cdecad4625a61fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
cf-cache-status: HIT
last-modified: Mon, 30 Aug 2021 16:16:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4459
etag: "54284-5cac928893500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3NOqzmtR6f42uLYc4NjUBnLEC7cn23otVsEvOVdgrH3XhAzRubYerxnlhoNie9Ej%2BGJ6Ns8z5m4%2BSbOYxinAGsHMtaQSKDoGl7NaaJn6TpGplycVslUdMI434jCBIep%2BkyaNMrM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 767c156fef7a997a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 344708

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 34ms
11ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C500%2C600%2C600i%2C700%2C700i%7CMontserrat%3A400%2C500%2C600%2C700&subset=latin%2Clatin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vast.gg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 528868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 01:41:22 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vast.gg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 33050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 19:25:00 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 32ms
11ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vast.gg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:25:01 GMT
x-content-type-options: nosniff
age: 33049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 19:25:01 GMT

GET
H2 200 8b15de2c7709dd0ba118f6bc64b47baf
secure.gravatar.com/avatar/ 6 KB
6 KB 31ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/8b15de2c7709dd0ba118f6bc64b47baf?s=192&d=mm&r=g
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 191f6247d603a830b3e62d296c70055d915036e043f4295aae2f7b57f4996f8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 10 Nov 2022 04:35:50 GMT
last-modified: Wed, 01 Sep 2021 16:38:01 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="8b15de2c7709dd0ba118f6bc64b47baf.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/8b15de2c7709dd0ba118f6bc64b47baf?s=192&d=mm&r=g>; rel="canonical"
content-length: 5760
expires: Thu, 10 Nov 2022 04:40:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
5ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117561825-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Nov 2022 03:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4261
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 10 Nov 2022 05:24:49 GMT

GET
H3 200 fontawesome-webfont.woff2
vast.gg/wp-content/themes/breek/assets/fonts/ 75 KB
76 KB 352ms
351ms Font
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.gg/wp-content/themes/breek/assets/fonts/fontawesome-webfont.woff2
Requested by: Host: vast.gg
URL: https://vast.gg/wp-content/themes/breek/assets/dist/fontawesome.min.css?ver=3.6.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://vast.gg/wp-content/themes/breek/assets/dist/fontawesome.min.css?ver=3.6.6
Origin: https://vast.gg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 17:55:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "12d68-5bf51859559af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ev0CFZRR%2FkabI9DJw371ExpLQ3Sz2bh9%2B6imiGivpW3YP0GLiHurDHvfBrXHZ9IPlRj%2BA0gAeSxGbaWkavoUemYFrcHzt07hgiQZ22r31MwS5QrdPkbzdzXdNM%2Fzv0JooiuKyRru"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 767c1570b8a0997a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160

GET
H3 200 remixicon.woff2
vast.gg/wp-content/themes/breek/assets/fonts/ 87 KB
88 KB 351ms
350ms Font
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.gg/wp-content/themes/breek/assets/fonts/remixicon.woff2
Requested by: Host: vast.gg
URL: https://vast.gg/wp-content/themes/breek/assets/dist/remixicons.min.css?ver=3.6.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2fdf8dc183e5593742f5eefae23e30a8217dd99c395b3aed04a01f6c1abbeb9

Request headers

Referer: https://vast.gg/wp-content/themes/breek/assets/dist/remixicons.min.css?ver=3.6.6
Origin: https://vast.gg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 17:55:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "15db0-5bf51859559af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1zkKCNxi0EcKTccrgMQgNHqW5eqIOhPdggaKcrz69lmJMkB%2BkWdT3yv4hojlfqpDtwTerALcwmlxQu2mTjYq6RzKzzxViYRGylDE6bQ2VzQGCyPOCcHwVuZPXFNnSvHSETwUBSY"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 767c1570b8a3997a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 89520

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1333822591&t=pageview&_s=1&dl=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&ul=en-us&de=UTF-8&dt=Truman%20Factory%20%7C%20iPad%2010th%20Gen%20Giveaway%20Nov%205th%20-%20Dec%205th%20-%20Vast%20%7C%20Expand%20Your%20Reach&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1027008270&gjid=1638219301&cid=230105519.1668054951&tid=UA-117561825-3&_gid=2111081901.1668054951&_r=1&gtm=2oub70&z=1315929030

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vast.gg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 288ed7-6884-417e-b256-dc21cdb46f76.js Show response
monu.delivery/sitesplit/d3/0.3.9/e/5/ 531 KB
143 KB 197ms
161ms Script
application/javascript 2a01:7e00:1::b903:5c4c
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/sitesplit/d3/0.3.9/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d174793e0b1270782c7c578d9eebb70c6c50d320e098eeb8dffeeae366a4398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdukanp4MSDw2TUeVWZ1yAG63tgnhJRYSq5rDBKDeDtQ-7OjlwryYbuifQbBMAg8H8HWIN6oWan8na3_IUjxHmcd8FRJ_wbs
transfer-encoding: chunked
x-cache: MISS
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
connection: close
server: nginx
vary: Accept-Encoding
x-goog-generation: 1668026217440270
content-type: application/javascript
x-goog-hash: crc32c=t+ZR8A==, md5=a3Ted5qORn3IBzzuIVecjg==
cache-control: max-age=7200
x-goog-stored-content-length: 543807
expires: Thu, 10 Nov 2022 06:35:50 GMT

GET
H/1.1 200
OK xdomain_cookie.min.js Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 5 KB
2 KB 58ms
20ms Script
application/javascript 2a01:7e00:1::b903:5c4c
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: gzip
age: 2719
x-guploader-uploadid: ADPycdu33V42VVOyUH4QwSMLaSZ5BJzXWJ8bgG0rglwbzYTAt1Yh2nrQYlwgWu4PlbhYCyElpdOh5TDwW3ShSwrn0LxTmA
transfer-encoding: chunked
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
connection: close
last-modified: Tue, 25 Aug 2020 07:36:03 GMT
server: nginx
vary: Accept-Encoding
x-goog-generation: 1598340963244234
content-type: application/javascript
x-goog-hash: crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
cache-control: max-age=31104000, public
x-goog-stored-content-length: 4733
expires: Sun, 05 Nov 2023 04:35:50 GMT

POST
H3 200 admin-ajax.php Show response
vast.gg/wp-admin/ 5 B
603 B 202ms
202ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vast.gg/wp-admin/admin-ajax.php

Requested by

Host: vast.gg
URL: https://vast.gg/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca00fccfb408989eddc401062c4d1219a6aceb6b9b55412357f1790862e8f178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

cf-edge-cache: cache,platform=wordpress
date: Thu, 10 Nov 2022 04:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BC6hBi%2BjNnvnSnjBB7guPLv4vEpGIMw2uP5qOScs53K9nde10o4bLsqMGSsET%2B0qNm6ewlcgn4lWHeOXRB%2Bv3hZS8hxjqrbYyPQiAfrLZ26VDQcX58XPZxyoW4l0hbX81eh0Mbpg"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://vast.gg
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 767c15726b83997a-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
433 B 83ms
27ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-117561825-3&cid=230105519.1668054951&jid=1027008270&gjid=1638219301&_gid=2111081901.1668054951&_u=YEBAAUAAAAAAACAAI~&z=1507224330

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 10 Nov 2022 04:35:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vast.gg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 embed.js Show response
widget.gleamjs.io/1qFEP/ 35 KB
9 KB 19ms
19ms Script
text/javascript 104.18.31.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.gleamjs.io/1qFEP/embed.js?no_button

Requested by

Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/e.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.31.181 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e3e5f8ed594e167e1703879d1561b99d601877b94e3173935151c5da1a5abef

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
cf-cache-status: HIT
age: 19620
content-encoding: br
g-host: meepo16
cdn-cache-control: max-age=86400, public
x-xss-protection: 1; mode=block
x-request-id: a6b2e8dc-be9b-4a18-9a37-68fa6d3a9f5a
x-ua-compatible: IE=edge
x-runtime: 0.019884
server: cloudflare
etag: W/"0e3e5f8ed594e167e1703879d1561b99"
vary: Accept-Encoding, Accept
x-frame-options: sameorigin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-robots-tag: noindex, nofollow
cf-ray: 767c1573dcd69a18-FRA

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 133 KB
31 KB 54ms
22ms Script
text/javascript 2606:4700::6812:106b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f866cfe27176eb8017ed091de1f3491b9a236fdcbab1f7400786bbba81bfeb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Nov 2022 02:14:04 GMT
server: cloudflare
x-amz-request-id: 272EDF0482DQRBCV
age: 713
etag: W/"ace19780e02497e964b4859689e3d430"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 767c15743e53bb44-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: GkUVwlPKeqqDzb0EJXSTTGwEZuKA+H9GVENZSVvl0+k8Z4yS9WhsdjKfzOrrQLnlSsLhplkMVf4=

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/ 6 KB
2 KB 81ms
19ms Script
text/javascript 18.64.79.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/launchpad-liveramp.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-128.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3004a2de4e23038e1fc39498bac9861b53cce7b4dde3faf285bca7538c0eced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: 5tDFU8EOTT9ldukOsCr3jZvUw0akwQd7
content-encoding: gzip
via: 1.1 bfeb5de1b362acd366f42059fc9dbbbc.cloudfront.net (CloudFront)
date: Thu, 10 Nov 2022 04:26:59 GMT
x-amz-cf-pop: TXL50-P2
age: 31919
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Wed, 12 Oct 2022 20:19:33 GMT
server: AmazonS3
etag: W/"9c721bc4954770340a2d3b58e1188c30"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: t7kl0A0ni-kfduT0yThnRxH_-oI0AubtQlVw3NBNGzUZzuTTqQWgdw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b23165d45714710a11cbbd489d172aa149bd0e1b0a27283cc48cb4f6006ae3f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27342
x-xss-protection: 0
server: sffe
etag: "1389 / 675 of 1000 / last-modified: 1668035351"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 10 Nov 2022 04:35:51 GMT

GET
H2

200

apstag.js Show response
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain

https://c.amazon-adsystem.com/aax2/apstag.js
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

178 KB
39 KB

54ms
10ms

Script
application/javascript

2600:9000:2182:c000:11:1ed0:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Server: 2600:9000:2182:c000:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:24:41 GMT
content-encoding: br
via: 1.1 26b0de44343edcaf19972d71d8e0256c.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 671
x-amz-server-side-encryption: AES256
etag: W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: bqiUgUQfEykyso3Teec95W3aSoxfvwU9atMvV7wv6wtA40KQohoQ-w==

Redirect headers

date: Wed, 09 Nov 2022 22:24:28 GMT
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 22283
x-cache: Hit from cloudfront
content-type: text/html
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length: 167
x-amz-cf-id: 0lmeJRM-svNSdhJvzT4zPFoIB6smoE-Nz12bGPQ_HKvhi2-l-v4zmw==

GET
H2 200 tag.min.js Show response
get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/ 23 KB
8 KB 40ms
8ms Script
text/javascript 65.9.66.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-19.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbe72b686c98aad3ca2c58357108742c0cccd68f45cd9d4affd2ddbf3a5e08df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: iO8C21D0we8rZTAVIt77dqxmlme8ws9I
content-encoding: gzip
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
date: Wed, 09 Nov 2022 05:56:14 GMT
last-modified: Mon, 30 May 2022 16:27:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 81593
etag: W/"d7b36c5e83e3c019a978f35c3f159b5f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 9yal7IvfO2KrbkZLnK8UZWaUOaksE0QAJoE2bHFW1BoNvmidO-PzkQ==

GET
H2 200 182762-63174106385307.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 669ms
602ms Script
text/javascript 104.18.12.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Thu, 10 Nov 2022 04:30:53 GMT
server: cloudflare
etag: W/"7636a1-930a-5ed163d1682e5"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 767c15748cf0d089-CDG
expires: Thu, 10 Nov 2022 08:35:51 GMT

GET
H/1.1 200
OK xdomain_cookie.html Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame C5FA 3 KB
2 KB 65ms
20ms Document
text/html 2a01:7e00:1::b903:5c4c
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by: Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Referer: https://vast.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: max-age=31104000 public
connection: close
content-encoding: gzip
content-type: text/html
date: Thu, 10 Nov 2022 04:35:51 GMT
expires: Sun, 05 Nov 2023 04:35:51 GMT
last-modified: Tue, 25 Aug 2020 07:36:09 GMT
server: nginx
transfer-encoding: chunked
vary: Accept-Encoding
x-cache: HIT
x-goog-generation: 1598340969597109
x-goog-hash: crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3440
x-guploader-uploadid: ADPycdvWt1hBsar0bKmA47oB-Ad3CF_W6swsZXkyb8OTJ7n2pd1z6zVDgdjjO9X-k32-C1_lWCG8_Bb5pO-pgv_Pi1-q

GET
H2 403 embed Show response
gleam.io/1qFEP/ Frame 5381 58 KB
40 KB 112ms
50ms Document
text/html 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/1qFEP/embed?l=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&r=

Requested by

Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/1qFEP/embed.js?no_button

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4a73e5aa95af8cc67d83c4acbe60bdc517bc46356adacdd9d35053ad11a03d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vast.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 767c1574b991d6ea-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 10 Nov 2022 04:35:51 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 logo.svg
js.gleam.io/images/ 731 B
838 B 94ms
53ms Image
image/svg+xml 172.66.40.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.gleam.io/images/logo.svg

Requested by

Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 08:06:14 GMT
server: cloudflare
age: 899
etag: W/"636b5f76-2db"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: br
g-host: meepo14
cf-ray: 767c15748aab6973-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
969 B 47ms
12ms Fetch
application/json 99.86.4.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-31.fra6.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 23:57:52 GMT
via: 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront), 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6, FRA6-C1
age: 16679
x-amzn-requestid: fbd5d503-b3ca-44a4-8f95-2a6d3c493bb0
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: bW60IFUHiYcF2Rg=
content-length: 555
x-amz-cf-id: CrQmLLGqdV50aI93AD-ZKH9AcwL640oWVgOB6iLhjhOTuhxZmLww0g==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 20 KB
7 KB 87ms
14ms Script
application/javascript 18.155.145.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.145.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-39.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 04:55:01 GMT
x-amz-version-id: SQDb2i9Q5YZSPn9JZMj9axyuCi9GAOZD
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 09:56:11 GMT
server: AmazonS3
via: 1.1 df82305b97992378d05ae949e544e3e0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-P1
etag: W/"588a5c88fba4ca02dace48040384e257"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
age: 85251
x-amz-cf-id: bozTfE_hwg76zqDTmPLseqrFM7ZcJHRYwihenH4VgJJUPWW_KIvjCg==

GET
H2 200 %2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F Show response
signal-segments.s-onetag.com/desktop/vast.gg/ 1 KB
533 B 44ms
10ms Fetch
application/json 13.32.27.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/vast.gg/%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-123.fra56.r.cloudfront.net
Software: /
Resource Hash: 41604daf01c265a924382d8402d1efc06095b75d030951d8561d8971429b0837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:13:09 GMT
content-encoding: gzip
via: 1.1 daa2f44af77ac5ed09ff4b0024dfcd5c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 12162
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-cf-id: bPL-2QxE3AcS9ULxjvESg6Mi1NEIZzOZRRihHLFCoBooikZSv3_C0A==
apigw-requestid: bXF12h0OiYcEP7g=

GET
H2 200 vast.gg Show response
signal-segments.s-onetag.com/desktop/ 5 KB
701 B 42ms
9ms Fetch
application/json 13.32.27.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/vast.gg
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-123.fra56.r.cloudfront.net
Software: /
Resource Hash: ba69565dafc3d24aacf5b6acf0f5020d4fbf9d78c3155b1a3c31fc0cd9a07bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 06:10:59 GMT
content-encoding: gzip
via: 1.1 daa2f44af77ac5ed09ff4b0024dfcd5c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 80692
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-cf-id: K0JahiwpuDyQxkvsV1jok13nlnCXJwzSh_-I-Fm8I6F8k8XwII1VBA==
apigw-requestid: bUeiEijBiYcEPPA=

GET
H3 200 pubads_impl_2022110901.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 28ms
10ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

545a51d377d7c0b5a5bdda218e8a741dfc6b4fcb9615ac9e14bddd458128d43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 11:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60155
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131975
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 09:36:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Nov 2023 11:53:16 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 83 B
83 B 35ms
18ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vast.gg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bb4c190c04ef659ba878a531141fdc792a7841d68d1cc82557df9a91dc8047a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59
x-xss-protection: 0
expires: Thu, 10 Nov 2022 04:35:51 GMT

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202211090914/ 210 KB
66 KB 36ms
19ms Script
application/javascript 2606:4700::6812:106b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202211090914/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9504bdaca8fb3054b72d3b98e78cfa02b3e77e4a8687d7d664fae34d7a8cd41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:15:46 GMT
server: cloudflare
x-amz-request-id: GW5X7STYENTCF2F7
age: 38039
etag: W/"9976f3865b2ff01ad2e520fa64af19a6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 767c1574ac4ebb9b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: CJxS2zB8mP/WSYUlmsriVdWPcAeHS5LWcG8Q6Xe79xz6CJB4shJhc0SahyX4rFqTcS2+cya2qzk=

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/1/ 25 KB
9 KB 598ms
13ms Script
application/x-javascript 18.155.145.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.145.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-73.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding: gzip
via: 1.1 e3435d60cd338994e4187428e5fd4e42.cloudfront.net (CloudFront)
date: Thu, 10 Nov 2022 03:57:56 GMT
x-amz-cf-pop: HAM50-P1
age: 2275
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: a78f2a5a4864424e54348ce47b156abb
last-modified: Thu, 10 Mar 2022 13:10:48 GMT
server: AmazonS3
etag: W/"3e312624cdc2445a38a716f92dc3c0cd"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: 6_wcIBIZ_8sMtFnhtTuM2A9lI4GpC8xZuJPuqU3o4F11AcAr05HSmA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 10ms
10ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvast.gg&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 3fab7a31ef55c08bbb5398be0360fa32eb048a507fe3dbc907344e55c62f6971

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 23:18:18 GMT
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 19053
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vast.gg
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1964
x-amz-cf-id: _aso0PI5m8Re4YZDtB6foevkaninZ7YAope3tjW7CP6zb53HCRostQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
455 B 572ms
44ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&pid=BvungKFtImAAh&cb=0&ws=1600x1200&v=22.1107.1609&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-96aecd73-cf5e-4dfb-81f8-8adb2f4d33ee-ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDA.C%22%7D%5D&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: 3WW2QZY8VTDFW067S1JG
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vast.gg
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Y7rfZOacWHr1_hKo1WTC-FQ8uWHGAgbdy8HDySl6-6rKAaHGHaCGXg==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
457 B 570ms
45ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&pid=BvungKFtImAAh&cb=1&ws=1600x1200&v=22.1107.1609&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-5cf995ae-2d40-423c-9678-9776a052883e-ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDT.D%22%7D%5D&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: K4Q4AFRK8PESKZE34PP9
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vast.gg
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: -ON-rjmKJ_wIAOrh98nSXqT7O-pHEryvRwMzBj5GAhUPmgSDOBfTUQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
455 B 570ms
46ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&pid=BvungKFtImAAh&cb=2&ws=1600x1200&v=22.1107.1609&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-912728e9-bd5a-411c-a4d8-564b242e1809-ad%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDR.I%22%7D%5D&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: MVDVGBE2Z02SB4PPWCD1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vast.gg
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: -GqAK4Ag7z9AIXj9DpHLxvMVBjTksUqA1yhnaaaQbwRLUwVnMc3tbw==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
455 B 568ms
46ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&pid=BvungKFtImAAh&cb=3&ws=1600x1200&v=22.1107.1609&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-2ad35424-8dec-44c1-885a-e1c37db86870-ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDB.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: PX9ESRN4M4D39XX67PP3
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vast.gg
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 1F_B2BSysu0gqOCbK-CLZF3Pf6aByudc4kXwK_BDJxcB7G6oOly2uA==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
456 B 563ms
42ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&pid=BvungKFtImAAh&cb=4&ws=1600x1200&v=22.1107.1609&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-cc89d82e-4f0a-44a9-ac45-8c94345df3c0-ad%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDR.J%22%7D%5D&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: RJ0B465PX7H9G6T77475
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vast.gg
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: D3SuYrQ0IiMCZl-nA4koj34kiZ4avaHMtspSrWUU3OEFSjSQIZugBQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
455 B 562ms
44ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&pid=BvungKFtImAAh&cb=5&ws=1600x1200&v=22.1107.1609&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-8f18f119-4941-4ba9-a337-22323915c8a1-ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDS.C%22%7D%5D&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: RQYJ18Y4N2BT2P3E8NAD
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vast.gg
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: wlrIpHPCMRlSnMTk2n9lJ50QBDJ-_M0hGR7RcniCWoQSpqozTEDGtw==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
456 B 611ms
94ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&pid=BvungKFtImAAh&cb=6&ws=1600x1200&v=22.1107.1609&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-fa752522-2437-40fe-b514-67039b3cbc2a-ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDS.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: 9XAB1M6ACTWAD6NA1AZN
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vast.gg
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ZCP3FTg6MC6dtxIyB0PBbUhy0v8wNJXYS-kaFKAAnGiHgyWT1DznWw==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
454 B 559ms
45ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&pid=BvungKFtImAAh&cb=7&ws=1600x1200&v=22.1107.1609&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-55191930-cd70-4c90-9508-e97743ac59e9-ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDS.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: VPNVGWZ74713FT5Y9CNX
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vast.gg
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 3BHg1CDTIt7ENL2DiqizNnn23bMtpk3oenoRx7Emm4JsXr6IDtmO2w==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
455 B 562ms
49ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&pid=BvungKFtImAAh&cb=8&ws=1600x1200&v=22.1107.1609&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-e167ef60-1fbe-4928-ae2d-1da5514a78c2-ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDP.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: P0J6E9BHYBGA16WCWWTA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vast.gg
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: QE82nklViMsO7aaAUmEGjqJWqvypZo5vkoXkf06OZUHoICcPeHqpug==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
454 B 560ms
49ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&pid=BvungKFtImAAh&cb=9&ws=1600x1200&v=22.1107.1609&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-42555874-280d-4592-8c4f-b092389552af-ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDI.E%22%7D%5D&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

4b8f230af668f20a7b50021f1edb1fac1c96cab1aa576933a2064e5d7807179b

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: VTEMBT1PGFTB5VSRPDJE
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vast.gg
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: clzItYYs7Mkj821ASzGtby_Uxk1H5Dq4spn7mW1-vaimeoXhOoigTA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 27ms
10ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: 73Lfxs6DHpOgTaZAZUymb39ifEt2PRR2
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
date: Wed, 09 Nov 2022 20:29:54 GMT
x-amz-cf-pop: FRA56-C2
age: 29158
x-cache: Hit from cloudfront
last-modified: Tue, 08 Nov 2022 20:12:15 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: ej9yNgjw7f-cmWXfmF_N4edUSgj6SQkmljMF8r4uUXQkVORlCaA47g==

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 461ms
20ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=1b2805df-a344-428e-aa2d-8653c3e51c53&a=s.d&u=96aecd73-cf5e-4dfb-81f8-8adb2f4d33ee
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 13:55:01 GMT
age: 52850
x-guploader-uploadid: ADPycdtfiPcZl_qjIkAbHiiMvGsTeR15kas1jqpCRlwl6RLvG5EXJQ-C-7onAxd2N_NQOfvi1nMAeMspDaTmfr5NIOPHRAuxDWME
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Thu, 09 Nov 2023 13:55:01 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
534 B 450ms
10ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=1b2805df-a344-428e-aa2d-8653c3e51c53&a=s.d&u=5cf995ae-2d40-423c-9678-9776a052883e
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 13:55:01 GMT
age: 52850
x-guploader-uploadid: ADPycdtfiPcZl_qjIkAbHiiMvGsTeR15kas1jqpCRlwl6RLvG5EXJQ-C-7onAxd2N_NQOfvi1nMAeMspDaTmfr5NIOPHRAuxDWME
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Thu, 09 Nov 2023 13:55:01 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 461ms
21ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=1b2805df-a344-428e-aa2d-8653c3e51c53&a=s.d&u=912728e9-bd5a-411c-a4d8-564b242e1809
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 13:55:01 GMT
age: 52850
x-guploader-uploadid: ADPycdtfiPcZl_qjIkAbHiiMvGsTeR15kas1jqpCRlwl6RLvG5EXJQ-C-7onAxd2N_NQOfvi1nMAeMspDaTmfr5NIOPHRAuxDWME
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Thu, 09 Nov 2023 13:55:01 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 461ms
21ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=1b2805df-a344-428e-aa2d-8653c3e51c53&a=s.d&u=2ad35424-8dec-44c1-885a-e1c37db86870
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 13:55:01 GMT
age: 52850
x-guploader-uploadid: ADPycdtfiPcZl_qjIkAbHiiMvGsTeR15kas1jqpCRlwl6RLvG5EXJQ-C-7onAxd2N_NQOfvi1nMAeMspDaTmfr5NIOPHRAuxDWME
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Thu, 09 Nov 2023 13:55:01 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 461ms
21ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=1b2805df-a344-428e-aa2d-8653c3e51c53&a=s.d&u=cc89d82e-4f0a-44a9-ac45-8c94345df3c0
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 13:55:01 GMT
age: 52850
x-guploader-uploadid: ADPycdtfiPcZl_qjIkAbHiiMvGsTeR15kas1jqpCRlwl6RLvG5EXJQ-C-7onAxd2N_NQOfvi1nMAeMspDaTmfr5NIOPHRAuxDWME
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Thu, 09 Nov 2023 13:55:01 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 461ms
22ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=1b2805df-a344-428e-aa2d-8653c3e51c53&a=s.d&u=8f18f119-4941-4ba9-a337-22323915c8a1
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 13:55:01 GMT
age: 52850
x-guploader-uploadid: ADPycdtfiPcZl_qjIkAbHiiMvGsTeR15kas1jqpCRlwl6RLvG5EXJQ-C-7onAxd2N_NQOfvi1nMAeMspDaTmfr5NIOPHRAuxDWME
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Thu, 09 Nov 2023 13:55:01 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 461ms
22ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=1b2805df-a344-428e-aa2d-8653c3e51c53&a=s.d&u=fa752522-2437-40fe-b514-67039b3cbc2a
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 13:55:01 GMT
age: 52850
x-guploader-uploadid: ADPycdtfiPcZl_qjIkAbHiiMvGsTeR15kas1jqpCRlwl6RLvG5EXJQ-C-7onAxd2N_NQOfvi1nMAeMspDaTmfr5NIOPHRAuxDWME
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Thu, 09 Nov 2023 13:55:01 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 461ms
22ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=1b2805df-a344-428e-aa2d-8653c3e51c53&a=s.d&u=55191930-cd70-4c90-9508-e97743ac59e9
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 13:55:01 GMT
age: 52850
x-guploader-uploadid: ADPycdtfiPcZl_qjIkAbHiiMvGsTeR15kas1jqpCRlwl6RLvG5EXJQ-C-7onAxd2N_NQOfvi1nMAeMspDaTmfr5NIOPHRAuxDWME
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Thu, 09 Nov 2023 13:55:01 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 462ms
23ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=1b2805df-a344-428e-aa2d-8653c3e51c53&a=s.d&u=e167ef60-1fbe-4928-ae2d-1da5514a78c2
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 13:55:01 GMT
age: 52850
x-guploader-uploadid: ADPycdtfiPcZl_qjIkAbHiiMvGsTeR15kas1jqpCRlwl6RLvG5EXJQ-C-7onAxd2N_NQOfvi1nMAeMspDaTmfr5NIOPHRAuxDWME
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Thu, 09 Nov 2023 13:55:01 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 461ms
23ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=1b2805df-a344-428e-aa2d-8653c3e51c53&a=s.d&u=42555874-280d-4592-8c4f-b092389552af
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 13:55:01 GMT
age: 52850
x-guploader-uploadid: ADPycdtfiPcZl_qjIkAbHiiMvGsTeR15kas1jqpCRlwl6RLvG5EXJQ-C-7onAxd2N_NQOfvi1nMAeMspDaTmfr5NIOPHRAuxDWME
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Thu, 09 Nov 2023 13:55:01 GMT

GET
H2 200 liveView.php Show response
live.primis.tech/live/ 45 KB
17 KB 469ms
36ms Script
text/javascript 2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=104973&schain=1.0,1!monumetric.com,e5288ed7-6884-417e-b256-dc21cdb46f76,1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b5e70e5f633e362053603fecb49595062ef6e570cb4a9f2f5a03885875e2fb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MRS52-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: M36KY5IVkLdcFx6PeezcmtRkwwhY9XMEj5Kotn9wMNpwjXor4v8rpg==

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
354 B 62ms
15ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://vast.gg
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
384 B 136ms
33ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=182762
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 63d578df472cd76636ba0feaef9922d1d97d175ee0c6cc032c24c62b1e4b8a1b

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vast.gg
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 10 Dec 2022 04:35:52 GMT

GET
H2 200 aax.js Show response
c.aaxads.com/ 410 KB
117 KB 82ms
37ms Script
text/javascript 184.24.12.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAX8RN661&hst=vast.gg&ver=1.2

Requested by

Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.12.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-12-164.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f5700a3825caf9d62275c048e387f7c1bbf259efea80a0ac9eefc4d1e43dd12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Thu, 10 Nov 2022 04:35:51 GMT
server: Apache
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Thu, 10 Nov 2022 05:05:51 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
38 KB 74ms
7ms Script
application/x-javascript 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding: gzip
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
date: Wed, 09 Nov 2022 09:01:02 GMT
x-amz-cf-pop: FRA6-C1
age: 70490
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
etag: W/"148e21f812b555a13b2a9c6b616141f4"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-id: COu1UftdH_YLDxJ1snNHANOouu_vk9nO0YoA0IsSPcWx2WcxCKQVJA==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 56 KB
16 KB 54ms
17ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 13:13:44 GMT
server: cloudflare
x-amz-request-id: BNJ6QE5JEPQ6QZQN
age: 1036
etag: W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 767c1578acfb9b51-FRA
x-amz-id-2: hJmPwVJFjVRFjjxB02rGj7iGRK80JkfiG0N/xC3qR9uTKG4G8bnSsVqbVVPjooGi44s5hsva9Y4=

GET
DATA 200
OK truncated
/ Frame 5381 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ee3f7a5d07ff9d0a12bde19c3584acdc2943d6525235022f504caa19d3d83a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5381 14 KB
14 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542

Request headers

Referer
Origin: https://gleam.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ Frame 5381 14 KB
14 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988

Request headers

Referer
Origin: https://gleam.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H3 200 invisible.js Show response
gleam.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 3B10 34 KB
15 KB 33ms
15ms Script
application/javascript 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668052800

Requested by

Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d84fd145a69970020fc4029a17af14fa9a54d5b1b305504b213624f681c5316

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 767c1578d8f4911e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 41ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vast.gg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 41ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vast.gg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 774 B
466 B 202ms
202ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1415068949485902&correlator=2603363819976221&eid=31070789%2C31070837&output=ldjh&gdfp_req=1&vrg=2022110901&ptt=17&impl=fif&iu_parts=20842576%3A22526796173%2CGYT5QM%2CGYT5QM-DDR.J&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=1&adks=3034774008&sfv=1-0-39&prev_scp=pos%3D10%26monu%3D160x600_B10%26tynt_pillar%3Dfalse%26directDeals%3Dsticky_pillar%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone&eri=1&cust_params=big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1668054951818&lmt=1668054951&dlt=1668054950332&idt=936&adxs=1740&adys=600&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=230105519.1668054951&ga_sid=1668054952&ga_hid=1333822591&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcf0ee214868ee38ec74a53006143dd04f0f5f7ef7ad3491bbad2abf2dbe4262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 436
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vast.gg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f6f1ae32f6314906b6558212853b321a.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 838C 6 KB
3 KB 72ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f6f1ae32f6314906b6558212853b321a.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vast.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 04:35:51 GMT
expires: Fri, 10 Nov 2023 04:35:51 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 567 B
314 B 291ms
291ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1415068949485902&correlator=2239751654321521&eid=31070789%2C31070837&output=ldjh&gdfp_req=1&vrg=2022110901&ptt=17&impl=fif&iu_parts=20842576%3A22526796173%2CGYT5QM%2CGYT5QM-DDS.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&ifi=2&adks=3081665599&sfv=1-0-39&prev_scp=pos%3D3%26monu%3D300x250-160x600-300x600_B3%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone&eri=1&cust_params=big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1668054951835&lmt=1668054951&dlt=1668054950332&idt=936&adxs=1080&adys=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&frm=20&vis=1&psz=320x620&msz=300x0&fws=4&ohw=1600&ga_vid=230105519.1668054951&ga_sid=1668054952&ga_hid=1333822591&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

495f84b47541694624d5e80bb97b7d9766ff08b903386b58c8584e802df81349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 284
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vast.gg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 573 B
321 B 226ms
226ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1415068949485902&correlator=3223690688408747&eid=31070789%2C31070837&output=ldjh&gdfp_req=1&vrg=2022110901&ptt=17&impl=fif&iu_parts=20842576%3A22526796173%2CGYT5QM%2CGYT5QM-DDA.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&adks=2402690901&sfv=1-0-39&prev_scp=pos%3D3%26monu%3D728x90_B3%26tynt_pillar%3Dfalse%26directDeals%3Dsticky_bottom%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone&eri=1&cust_params=big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1668054951844&lmt=1668054951&dlt=1668054950332&idt=936&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=230105519.1668054951&ga_sid=1668054952&ga_hid=1333822591&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d6f775aa7a00ea59752de3dee94a3216a45e65ce549ebad48e8adb67b1ce975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vast.gg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 574 B
327 B 237ms
237ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1415068949485902&correlator=1069016283958164&eid=31070789%2C31070837&output=ldjh&gdfp_req=1&vrg=2022110901&ptt=17&impl=fif&iu_parts=20842576%3A22526796173%2CGYT5QM%2CGYT5QM-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&ifi=4&adks=506502713&sfv=1-0-39&prev_scp=pos%3D2%26monu%3D300x250-160x600-300x600_A2%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone&eri=1&cust_params=big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1668054951853&lmt=1668054951&dlt=1668054950332&idt=936&adxs=1080&adys=594&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&frm=20&vis=1&psz=320x620&msz=300x0&fws=4&ohw=1600&ga_vid=230105519.1668054951&ga_sid=1668054952&ga_hid=1333822591&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

885db7384c71405d0a9b91db69e36c0d5298dd587d55b70e8e32e8d9d446b99f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 297
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vast.gg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 567 B
316 B 398ms
398ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1415068949485902&correlator=1152521734951951&eid=31070789%2C31070837&output=ldjh&gdfp_req=1&vrg=2022110901&ptt=17&impl=fif&iu_parts=20842576%3A22526796173%2CGYT5QM%2CGYT5QM-DDT.D&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&ifi=5&adks=3349190335&sfv=1-0-39&prev_scp=pos%3D4%26monu%3D300x250-160x600-300x600_B4%26tynt_pillar%3Dfalse%26directDeals%3Dsticky_sidebar%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone&eri=1&cust_params=big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1668054951870&lmt=1668054951&dlt=1668054950332&idt=936&adxs=1080&adys=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&frm=20&vis=1&psz=320x620&msz=300x0&fws=4&ohw=1600&ga_vid=230105519.1668054951&ga_sid=1668054952&ga_hid=1333822591&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

254bc5678a6cf5914c2a1ce4b4a6050fe7bd58c8a80cd535a2c0bbe16c59cd77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 286
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vast.gg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 566 B
318 B 311ms
310ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1415068949485902&correlator=3292314328301841&eid=31070789%2C31070837&output=ldjh&gdfp_req=1&vrg=2022110901&ptt=17&impl=fif&iu_parts=20842576%3A22526796173%2CGYT5QM%2CGYT5QM-DDB.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&adks=3337611033&sfv=1-0-39&prev_scp=pos%3D1%26monu%3D728x90_A1%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone&eri=1&cust_params=big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1668054951880&lmt=1668054951&dlt=1668054950332&idt=936&adxs=436&adys=194&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&frm=20&vis=1&psz=728x0&msz=728x0&fws=4&ohw=1600&ga_vid=230105519.1668054951&ga_sid=1668054952&ga_hid=1333822591&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c955cfca991a9fd6817f56f12051cb78a1bd200d1ccfaf457eb567791ae2bcfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vast.gg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 567 B
313 B 242ms
242ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1415068949485902&correlator=2827138426140486&eid=31070789%2C31070837&output=ldjh&gdfp_req=1&vrg=2022110901&ptt=17&impl=fif&iu_parts=20842576%3A22526796173%2CGYT5QM%2CGYT5QM-DDR.I&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=7&adks=3082047563&sfv=1-0-39&prev_scp=pos%3D9%26monu%3D160x600_A9%26tynt_pillar%3Dtrue%26directDeals%3Dsticky_pillar%26tynt_id%3DaFO8buhTyr67n_aKlId8sQ%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone&eri=1&cust_params=big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1668054951887&lmt=1668054951&dlt=1668054950332&idt=936&adxs=-300&adys=600&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=230105519.1668054951&ga_sid=1668054952&ga_hid=1333822591&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea3ada4dfc6a0d132e9407f00ff174cec236a202747032d37e9c13c4a6b2d172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 283
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vast.gg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 567 B
317 B 249ms
249ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1415068949485902&correlator=2310188940331319&eid=31070789%2C31070837&output=ldjh&gdfp_req=1&vrg=2022110901&ptt=17&impl=fif&iu_parts=20842576%3A22526796173%2CGYT5QM%2CGYT5QM-DDI.E&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50%7C320x100&ifi=8&adks=2399434903&sfv=1-0-39&prev_scp=pos%3D5%26monu%3D300x250-320x50-320x100_B5%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone&eri=1&cust_params=big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1668054951895&lmt=1668054951&dlt=1668054950332&idt=936&adxs=450&adys=1850&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&frm=20&vis=1&psz=340x270&msz=300x0&fws=4&ohw=1600&ga_vid=230105519.1668054951&ga_sid=1668054952&ga_hid=1333822591&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c04b7e3e7c68a8e4afad602fff77fd68283d6ac84a729bfa3d80c03bc828e702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vast.gg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
595 B 8ms
7ms Fetch
application/json 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept: application/json
Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 10 Nov 2022 00:52:57 GMT
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront), 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA2-C2
age: 13375
x-amzn-requestid: a39a99a5-7a6e-4580-b27c-9d4edfd030ff
x-amzn-trace-id: Root=1-636c4b69-4d5281f86296ddf82e675959;Sampled=0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: bXC4gFrvjoEF3VA=
content-length: 30
x-amz-cf-id: JfcvbosBFyYyxCP3O83wrwh97B7jLfvNqjYRZCdi3ikyzjxBnOwU4Q==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 129ms
88ms Preflight
application/json 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://vast.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Thu, 10 Nov 2022 04:35:52 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront), 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
x-amz-apigw-id: bXjiSF44DoEF99Q=
x-amz-cf-id: C02nPqGjiE6EK3uaLCdmqq0c_-w5yoPRTKx9lqq5dl3VgU0B95kB2g==
x-amz-cf-pop: FRA2-C1 FRA2-C2
x-amzn-requestid: bb95b9a0-3781-4b10-bd98-987cf42e12d0
x-cache: Miss from cloudfront

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 566 B
315 B 238ms
237ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1415068949485902&correlator=60001013871009&eid=31070789%2C31070837&output=ldjh&gdfp_req=1&vrg=2022110901&ptt=17&impl=fif&iu_parts=20842576%3A22526796173%2CGYT5QM%2CGYT5QM-DDP.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=9&adks=665911486&sfv=1-0-39&prev_scp=pos%3D2%26monu%3D728x90_B2%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone&eri=1&cust_params=big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1668054951910&lmt=1668054951&dlt=1668054950332&idt=936&adxs=436&adys=3179&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&frm=20&vis=1&psz=748x110&msz=728x0&fws=4&ohw=1600&ga_vid=230105519.1668054951&ga_sid=1668054952&ga_hid=1333822591&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3ed025f2eaa7f14b7d5c69338ac5a88f4911b767eaa1f0ed04e51c02a174f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 285
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vast.gg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 567 B
312 B 349ms
349ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1415068949485902&correlator=1415387315275886&eid=31070789%2C31070837&output=ldjh&gdfp_req=1&vrg=2022110901&ptt=17&impl=fif&iu_parts=20842576%3A22526796173%2CGYT5QM%2CGYT5QM-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&ifi=10&adks=4058729660&sfv=1-0-39&prev_scp=pos%3D2%26monu%3D300x250-160x600-300x600_A2%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone&eri=1&cust_params=big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1668054951927&lmt=1668054951&dlt=1668054950332&idt=936&adxs=1080&adys=1304&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&frm=20&vis=1&psz=320x620&msz=300x0&fws=4&ohw=1600&ga_vid=230105519.1668054951&ga_sid=1668054952&ga_hid=1333822591&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25a85087049f0ec316114c9c32bd6b66111e6cdf0410965a2f4263e9389e3937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 282
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vast.gg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame AC3F 5 KB
2 KB 36ms
35ms Script
text/javascript 2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=104973&schain=1.0,1!monumetric.com,e5288ed7-6884-417e-b256-dc21cdb46f76,1&cbuster=1668054951&pubUrlAuto=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&videoType=normal
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104973&schain=1.0,1!monumetric.com,e5288ed7-6884-417e-b256-dc21cdb46f76,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 044d46f95463e5cdc76abd0f8b74ba3289a5ef0a39c9b34dbed98ba344b4af80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MRS52-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: pXFFcJzAoCJlPTMQPer9R8f9g25TR_zKThTI-bXIDWTjWZbP0EWweg==

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
497 B 56ms
21ms XHR
text/plain 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=504384&u=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huFYCVbDgzDp09FM1pgyeE6vsoj3e5WXqWpf6qXpDiF%2B%2B9FPgjUJcttrznNu9DHtwxMxEpx%2FXmexUauCb3nc1ATCaRTyoGj%2B6VSB9D5i5K9T2f3kmlWQ6mAiZdSJ%2B2pw3ZfN6qVQn1E%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://vast.gg
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 767c157a0f3b9280-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
595 B 7ms
7ms Fetch
application/json 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:52:57 GMT
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront), 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA2-C2
age: 13374
x-amzn-requestid: a39a99a5-7a6e-4580-b27c-9d4edfd030ff
x-amzn-trace-id: Root=1-636c4b69-4d5281f86296ddf82e675959;Sampled=0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: bXC4gFrvjoEF3VA=
content-length: 30
x-amz-cf-id: cq5merD0DT_toK3OV5jtSGGO7PEf-BofUkuOaWE_1ck39qzOWMkmTw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 pxusr.gif
c.aaxads.com/ 43 B
205 B 7ms
6ms Image
image/gif 184.24.12.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/pxusr.gif

Requested by

Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.12.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-12-164.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
strict-transport-security: max-age=604800
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: Apache
content-type: image/gif
cache-control: max-age=294341
accept-ranges: bytes
content-length: 43
expires: Sun, 13 Nov 2022 14:21:33 GMT

GET
H/1.1 200
OK pxext.gif
www.aaxdetect.com/ 43 B
323 B 91ms
23ms Image
image/gif 23.205.239.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaxdetect.com/pxext.gif
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.239.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-239-15.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 04:35:52 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=186506
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sat, 12 Nov 2022 08:24:18 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
394 B 31ms
7ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

fd3b62ba67b28f99be389823c2417e24c9ce631a2238e611febe350e7386f7a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vast.gg
date: Thu, 10 Nov 2022 04:35:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 34 B
275 B 333ms
7ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lbs.eu-1-id5-sync.com/lbs/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

51d818ab52bfa2fb326da5c55f66c03637c8f4f930e039b56d8cbb98a92f6a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vast.gg
date: Thu, 10 Nov 2022 04:35:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 34
vary: Origin
content-type: application/json

GET
H3 200 pica.js
gleam.io/cdn-cgi/challenge-platform/h/b/scripts/ Frame 3B10 22 KB
9 KB 15ms
15ms Other
application/javascript 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/pica.js

Requested by

Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

074815d32a61687cf29cbbe5c5dab3089f279c5290e0878f6941fe2f5083cb0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 767c157a1a2b911e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 iab_consent_sdk.v1.0.js Show response
live.primis.tech/content/ClientDetections/ Frame AC3F 19 KB
8 KB 35ms
33ms Script
application/javascript 2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104973&schain=1.0,1!monumetric.com,e5288ed7-6884-417e-b256-dc21cdb46f76,1&cbuster=1668054951&pubUrlAuto=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&videoType=normal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
last-modified: Wed, 12 Feb 2020 15:01:36 GMT
server: nginx
x-amz-cf-pop: MRS52-P3
etag: W/"5e441350-4be0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: glnSYHxRIYfRkfojbWla01jhB3ZBU8gVxBPMjzbH23xFOe9oifKI2w==
expires: Fri, 10 Nov 2023 04:35:51 GMT

GET
H2 200 DetectGDPR2.v1.1.js Show response
live.primis.tech/content/ClientDetections/ Frame AC3F 9 KB
4 KB 36ms
34ms Script
application/javascript 2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104973&schain=1.0,1!monumetric.com,e5288ed7-6884-417e-b256-dc21cdb46f76,1&cbuster=1668054951&pubUrlAuto=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&videoType=normal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
last-modified: Thu, 11 Feb 2021 09:45:48 GMT
server: nginx
x-amz-cf-pop: MRS52-P3
etag: W/"6024fccc-228f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: S1JyjWjwEOjc7igabnUe0yKoyalJOE45mJtgJrXzfKwFYEShQYBVvw==
expires: Fri, 10 Nov 2023 04:35:51 GMT

GET
H2 200 DetectGDPR.v1.1.js Show response
live.primis.tech/content/ClientDetections/ Frame AC3F 8 KB
3 KB 35ms
34ms Script
application/javascript 2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104973&schain=1.0,1!monumetric.com,e5288ed7-6884-417e-b256-dc21cdb46f76,1&cbuster=1668054951&pubUrlAuto=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&videoType=normal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
last-modified: Thu, 11 Feb 2021 09:45:48 GMT
server: nginx
x-amz-cf-pop: MRS52-P3
etag: W/"6024fccc-1ef8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: PVQyOM5lVmn-ynF6V_e2cf543QCxMLBp40B1n0N5wnKcHhqMnosxtg==
expires: Fri, 10 Nov 2023 04:35:51 GMT

GET
H2 200 hls.0.12.4_3.min.js Show response
live.primis.tech/content/video/hls/ Frame AC3F 258 KB
119 KB 38ms
37ms Script
application/javascript 2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104973&schain=1.0,1!monumetric.com,e5288ed7-6884-417e-b256-dc21cdb46f76,1&cbuster=1668054951&pubUrlAuto=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&videoType=normal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 12:48:36 GMT
server: nginx
x-amz-cf-pop: MRS52-P3
etag: W/"623b1724-409bc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: 5aqjwVIXEu7Md4Ihh1GjEyFmdIdHuemdTZuwuZ_yD1tjAyErdRCB_g==
expires: Fri, 10 Nov 2023 04:35:51 GMT

GET
H2 200 prebidVid.7.16.0_4.min.js Show response
live.primis.tech/content/prebid/ Frame AC3F 510 KB
261 KB 39ms
39ms Script
application/javascript 2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104973&schain=1.0,1!monumetric.com,e5288ed7-6884-417e-b256-dc21cdb46f76,1&cbuster=1668054951&pubUrlAuto=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&videoType=normal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f4961a18ce15e6ac3cc8a3583a62b84118879492071f3501e6a57fee6b89cf96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 08:19:17 GMT
server: nginx
x-amz-cf-pop: MRS52-P3
etag: W/"635f8505-7f9a4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: 7SyU3uAxpmtpV9XdHuO2MuE0zbwtihhMJmhbtG32rSSGi-WErv3q_g==
expires: Fri, 10 Nov 2023 04:35:51 GMT

GET
H2 200 liveVideo.php Show response
live.primis.tech/live/ Frame AC3F 654 KB
266 KB 101ms
100ms Script
text/html 2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31312D31305F30367D7B7331353032303036397D7B4335377D7B53646D467A6443356E5A773D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=2001%3Aac8%3A20%3A302%3A%3A202e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F107.0.5304.87+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=636c7fa7eb325&debugInfo=15020069_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15020069&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2140ymxkohtj&secondaryContent=&x=690&y=400&pubUrl=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104973&schain=1.0,1!monumetric.com,e5288ed7-6884-417e-b256-dc21cdb46f76,1&cbuster=1668054951&pubUrlAuto=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&videoType=normal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2607454b6ee1a7aa109c730994de6fe21d27e27106b8b2985deb2df0d469c27a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MRS52-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
x-amz-cf-id: DqlS6O5Vk5ELTfR99CCFThgaxrkbsPVtIBjRxdthoJW4wpUTNzJwrQ==

GET
H2 200 ats.js Show response
ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ 353 KB
123 KB 47ms
8ms Script
application/javascript 13.32.27.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ats.js
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8020ce97f71b864b4d349c0f1a346f4094fc4b9bb52cfef2ed397751037c1d46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: GfdzA3DpV4YsZYxJrGrYhcCMCE27LBaI
content-encoding: gzip
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
date: Thu, 10 Nov 2022 04:11:52 GMT
last-modified: Tue, 19 Jul 2022 21:20:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1452
x-amz-server-side-encryption: AES256
etag: W/"d47416b7feb1bd9699e41f4ed3c32a3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: BFmmmBttdykFP6pTdqROwpZ65VCG0I3VuYWh2kq_xfuW552acBDIVg==

GET
H2 200 log
l3.aaxads.com/ 35 B
173 B 30ms
7ms Image
image/gif 184.24.12.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=122&dgw=desktop&flg=AAX8RN661&fw=FRANKFURT&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=vast.gg&vhuyqdph=ssp-serving-668d7f664f-rjf2s&vyu=110807_474_110906_438_ssp&vf=HE&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001668054952005032397757444728&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control&deg=2&fdeg=0&gdeg=2&ghqg=117&fhqg=21&hqg=29&gvwduw=21&fvwduw=20&vwduw=21&uhtxuo=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&nzui=
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.12.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-12-164.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 10 Nov 2022 04:35:52 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 10 Nov 2022 04:35:52 GMT
content-length: 35
content-type: image/gif

GET
H2 200 rciv.js Show response
cdn.tynt.com/ 16 KB
6 KB 149ms
14ms Script
application/javascript 104.18.18.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/rciv.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.39 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 601459a3e208a28ad0efc45edd5dfe480785df1365f81fc45acec1231cd16674

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
server: cloudflare
age: 48774
etag: W/"62d96946-3fc5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 767c157bdb789bfb-FRA
expires: Sun, 13 Nov 2022 04:35:52 GMT

GET
H2 200 primisslate.css
live.primis.tech/content/video/css/ 18 KB
7 KB 55ms
55ms Stylesheet
text/css 2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/css/primisslate.css
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31312D31305F30367D7B7331353032303036397D7B4335377D7B53646D467A6443356E5A773D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=2001%3Aac8%3A20%3A302%3A%3A202e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F107.0.5304.87+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=636c7fa7eb325&debugInfo=15020069_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15020069&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2140ymxkohtj&secondaryContent=&x=690&y=400&pubUrl=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 07:06:30 GMT
server: nginx
x-amz-cf-pop: MRS52-P3
etag: W/"620367f6-465a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: A1Mmj1n1lAeYhK6oE_9tRL0c1oi0RK-QQ3Xm4G6Tsp9EeqH6jC9gNw==

GET
H2

200

apstag.js Show response
d3div1mtym39ic.cloudfront.net/aax2/ Frame AC3F
Redirect Chain

https://c.amazon-adsystem.com/aax2/apstag.js
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

178 KB
39 KB

11ms
10ms

Script
application/javascript

2600:9000:2182:c000:11:1ed0:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Server: 2600:9000:2182:c000:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:24:41 GMT
content-encoding: br
via: 1.1 26b0de44343edcaf19972d71d8e0256c.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 672
x-amz-server-side-encryption: AES256
etag: W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 1Yu0bn-nUf4vj1uAJt9Rsd68rqeuyboZlDpCih_jcvsrcmE-WFQ69Q==

Redirect headers

date: Wed, 09 Nov 2022 22:24:28 GMT
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 22284
x-cache: Hit from cloudfront
content-type: text/html
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length: 167
x-amz-cf-id: 3oovUp87FFzBgiqxZ1COQ3Y5NnlheNAJhL-xUIyiiArqH2XCuFjv-g==

GET
H3 200 css
fonts.googleapis.com/ Frame A74D 2 KB
552 B 31ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 03:09:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Nov 2022 04:35:52 GMT

GET
H3 200 css
fonts.googleapis.com/ 1 KB
432 B 23ms
19ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins&display=swap

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31312D31305F30367D7B7331353032303036397D7B4335377D7B53646D467A6443356E5A773D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=2001%3Aac8%3A20%3A302%3A%3A202e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F107.0.5304.87+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=636c7fa7eb325&debugInfo=15020069_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15020069&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2140ymxkohtj&secondaryContent=&x=690&y=400&pubUrl=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 03:07:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Nov 2022 04:35:52 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5755 15 KB
6 KB 52ms
14ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31312D31305F30367D7B7331353032303036397D7B4335377D7B53646D467A6443356E5A773D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=2001%3Aac8%3A20%3A302%3A%3A202e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F107.0.5304.87+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=636c7fa7eb325&debugInfo=15020069_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15020069&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2140ymxkohtj&secondaryContent=&x=690&y=400&pubUrl=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://vast.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=21852
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 10 Nov 2022 04:35:52 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 10 Nov 2022 10:40:04 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

liveCS.php Show response
live.primis.tech/live/ Frame 050F
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D94%26advUuid%3D%24...
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D94%26advUuid%3D%24...
https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=&advId=94&advUuid=288da4b0-60b1-11ed-9c4e-18c6427b0406

0
397 B

35ms
35ms

Document
text/html

2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=&advId=94&advUuid=288da4b0-60b1-11ed-9c4e-18c6427b0406
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31312D31305F30367D7B7331353032303036397D7B4335377D7B53646D467A6443356E5A773D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=2001%3Aac8%3A20%3A302%3A%3A202e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F107.0.5304.87+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=636c7fa7eb325&debugInfo=15020069_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15020069&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2140ymxkohtj&secondaryContent=&x=690&y=400&pubUrl=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vast.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 10 Nov 2022 04:35:51 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
server: nginx
vary: Accept-Encoding
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
x-amz-cf-id: ekL3D1r099bEGyEeSqM1fZBjugOsMsQypj6JStwmetyAJsRxZl7sIQ==
x-amz-cf-pop: MRS52-P3
x-cache: Miss from cloudfront

Redirect headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Thu, 10 Nov 2022 04:35:52 GMT
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=&advId=94&advUuid=288da4b0-60b1-11ed-9c4e-18c6427b0406
Server: nginx
X-fe: 35

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame D948 43 B
304 B 56ms
17ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31312D31305F30367D7B7331353032303036397D7B4335377D7B53646D467A6443356E5A773D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=2001%3Aac8%3A20%3A302%3A%3A202e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F107.0.5304.87+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=636c7fa7eb325&debugInfo=15020069_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15020069&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2140ymxkohtj&secondaryContent=&x=690&y=400&pubUrl=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer: https://vast.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-length: 56
content-type: text/html
date: Thu, 10 Nov 2022 04:35:52 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame AC3F 112 KB
11 KB 66ms
66ms XHR
application/json 2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTEyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwt3ODYyMxZ2nWRyo181ZGQmOGVzYwI5YWU2ODE1MDI3MTx3JTJGqzyxNWRxZDIkNWY4Y2E3ZDU1ODt4NTx3Mv5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5T0RwNE5cOTJuV1JfYwE4MVcHUXcPR1ZgWWcJNVyXVTJPREUkTURJM01UnmNMM1cjWxRWn1cHUXyNVFZgT0qOnE4lUTFOVGp0T0RVNU56SXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyxmT1RRME9EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5dZ3uOREV5TxRBS2ZRLaqVVTE5MwJupEVeRHJioyFTqyy3QXNBqTJ4NmVeZV9OrFF5ZWF6SmyXYx0zqzyxX2NioaRyoaRsnWQ9NTt1ODQ1JaZcZF9wo250ZW50X2Ryp2M9UGFlZW50plgTqXJjpzymZSgEYXVanHRypvg3nXRbK0NipzqcK2ZipvgDnHJcp3RgYXMzqzyxX2NioaRyoaRsqGy0oGU9UGFlZW50plgTqXJjpzymZSgEYXVanHRypvg3nXRbK0NipzqcK2ZipvgDnHJcp3RgYXMzqzyxX2NioaRyoaRsZHVlYXRco249MTUlJzRyYaVaSW5zo3JgYXRco249Jat9NDA0Jax9MwI3JaB1YyVloD1bqHRjplUmQSUlRvUlRaZup3QhZ2pyMxZaYW1cozpgZ2y2ZWF3YXymJTJGMXFzZXAgqHJ1oWFhLWZuY3RipaxgnXBuZC0kMHRbLWqyov1anXZyYXqurS1ho3YgNXRbLWRyYl01qGtyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmEmMTJEMmEmMDVGMmAmNwqEN0I3MmMkMmUmMDMlMmAmMDM2Mmx3RDqCNDMmNTM3N0Q3QwUmNwQ2RDQ2N0E2NDQmMmU2RTVBNmpmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmxmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmtmODM5Mmp3REZFRxUznXNBpHA9MCZmZGg2PSZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmMDIyM0EyM0ElMDJyJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMDphMC41MmA0Lwt3K1NuZzFlnSUlRwUmNl4mNvZmY2uunW49MS4jJTJDMSUlMW1ioaVgZXRlnWMhY29gJTJDZTUlODuyZDpgNwt4NC00MTqyLWIlNTYgZGMlMWNxYwQ2Zwp2JTJDMSZjoGF5ZXJBpGyJZD0zY3N1qWyxPTYmNzM3ZzE3ZWImMwUzY2J1p3Rypw0kNwY4MDU0OTUlMwUkJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31312D31305F30367D7B7331353032303036397D7B4335377D7B53646D467A6443356E5A773D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=2001%3Aac8%3A20%3A302%3A%3A202e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F107.0.5304.87+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=636c7fa7eb325&debugInfo=15020069_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15020069&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2140ymxkohtj&secondaryContent=&x=690&y=400&pubUrl=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 02f3e965d97553bcb67f697ccc4635efcd97eebbaf7f82d8fcd7d320ff38db82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MRS52-P3
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://vast.gg
content-type: application/json; charset=utf-8
cache-control: no-store
access-control-allow-credentials: true
content-length: 10618
x-amz-cf-id: H7H_MpGMtAX-OZXEpTp3YhD6S72co1x6ef0Opk8VFpZMvHe3tUhmHg==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame AC3F 102 KB
9 KB 70ms
70ms XHR
application/json 2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTEyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwt3ODYyMxZ2nWRyo181ZGQmOGVzYwI5YWU2ODE1MDI3MTx3JTJGqzyxNWRxZDIkNWY4Y2E3ZDU1ODt4NTx3Mv5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5T0RwNE5cOTJuV1JfYwE4MVcHUXcPR1ZgWWcJNVyXVTJPREUkTURJM01UnmNMM1cjWxRWn1cHUXyNVFZgT0qOnE4lUTFOVGp0T0RVNU56SXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyxmT1RRME9EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5dZ3uOREV5TxRBS2ZRLaqVVTE5MwJupEVeRHJioyFTqyy3QXNBqTJ4NmVeZV9OrFF5ZWF6SmyXYx0zqzyxX2NioaRyoaRsnWQ9NTt1ODQ1JaZcZF9wo250ZW50X2Ryp2M9UGFlZW50plgTqXJjpzymZSgEYXVanHRypvg3nXRbK0NipzqcK2ZipvgDnHJcp3RgYXMzqzyxX2NioaRyoaRsqGy0oGU9UGFlZW50plgTqXJjpzymZSgEYXVanHRypvg3nXRbK0NipzqcK2ZipvgDnHJcp3RgYXMzqzyxX2NioaRyoaRsZHVlYXRco249MTUlJzRyYaVaSW5zo3JgYXRco249Jat9NDA0Jax9MwI3JaB1YyVloD1bqHRjplUmQSUlRvUlRaZup3QhZ2pyMxZaYW1cozpgZ2y2ZWF3YXymJTJGMXFzZXAgqHJ1oWFhLWZuY3RipaxgnXBuZC0kMHRbLWqyov1anXZyYXqurS1ho3YgNXRbLWRyYl01qGtyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmEmMTJEMmEmMDVGMmAmNwqEN0I3MmMkMmUmMDMlMmAmMDM2Mmx3RDqCNDMmNTM3N0Q3QwUmNwQ2RDQ2N0E2NDQmMmU2RTVBNmpmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmxmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmtmODM5Mmp3REZFRxUznXNBpHA9MCZmZGg2PSZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmMDIyM0EyM0ElMDJyJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMDphMC41MmA0Lwt3K1NuZzFlnSUlRwUmNl4mNvZmY2uunW49MS4jJTJDMSUlMW1ioaVgZXRlnWMhY29gJTJDZTUlODuyZDpgNwt4NC00MTqyLWIlNTYgZGMlMWNxYwQ2Zwp2JTJDMSZjoGF5ZXJBpGyJZD0zY3N1qWyxPTYmNzM3ZzE3ZWImMwUzY2J1p3Rypw0kNwY4MDU0OTUlMwU0JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31312D31305F30367D7B7331353032303036397D7B4335377D7B53646D467A6443356E5A773D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=2001%3Aac8%3A20%3A302%3A%3A202e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F107.0.5304.87+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=636c7fa7eb325&debugInfo=15020069_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15020069&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2140ymxkohtj&secondaryContent=&x=690&y=400&pubUrl=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cdebc673a857082bf484561538984c9a975e50f967e231c652b3b4f4dc6d42c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MRS52-P3
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://vast.gg
content-type: application/json; charset=utf-8
cache-control: no-store
access-control-allow-credentials: true
content-length: 9224
x-amz-cf-id: Nx38r2zFjeamV6cghBeTjGm8qwdONd9zaeCxCCulRPOJnHsUkTesTQ==

GET
H2 200 vid5ddd215f8ca7d558885972_thumb.jpg
video.primis.tech/uploads/cn11/video/users/converted/28786/video_5dd38efb29ae6815027197/ Frame A74D 867 B
1 KB 72ms
10ms Image
image/jpeg 2600:9000:2491:4200:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn11/video/users/converted/28786/video_5dd38efb29ae6815027197/vid5ddd215f8ca7d558885972_thumb.jpg?cbuster=1577199506
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4200:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e9eb9418a753a88c081130c8319698fee43ef4bd54fb98884160f85dc7e66ee4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 03:23:32 GMT
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront), 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4, FRA56-P7
age: 4769
x-cache: Hit from cloudfront
content-length: 867
last-modified: Wed, 18 Aug 2021 17:56:34 GMT
server: nginx
etag: "8112c004253cdb9040913ef9fcc20989"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: Lb07zre1tQaBm1XkKPJUKsMkO2kLEjSm0z-CN6SxDW8FCPGR8nVl6g==
expires: Fri, 11 Nov 2022 03:16:23 GMT

GET
H2 200 vid5f03f106e442b996214979_thumb.jpg
video.primis.tech/uploads/cn25/video/users/converted/28743/video_5de394241e61b855908736/ Frame A74D 2 KB
2 KB 75ms
13ms Image
image/jpeg 2600:9000:2491:4200:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn25/video/users/converted/28743/video_5de394241e61b855908736/vid5f03f106e442b996214979_thumb.jpg?cbuster=1614091265
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4200:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d5ac0b7a5d7f03543e71669ea74eda2ecea0ac544ba8f889d310f156dfe3f90e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
via: 1.1 fd4c476aa3616f643565cbbf3a891a78.cloudfront.net (CloudFront), 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1, FRA56-P7
age: 3537
x-cache: Hit from cloudfront
content-length: 1736
last-modified: Tue, 17 Aug 2021 18:28:23 GMT
server: nginx
etag: "5fcb3a7ce61cda0eb71ef8406a6622b1"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: _ZOBqQf_olFmVg2PMoSwvuathk3ItBVcUb3qUZawtlvLCbgdZu7chA==
expires: Fri, 11 Nov 2022 03:36:54 GMT

GET
H2 200 vid6351d14f6fab3360933768_thumb.jpg
video.primis.tech/uploads/cn16/video/users/converted/24485/video_5eba916c9fa61764615437/ Frame A74D 1 KB
2 KB 72ms
11ms Image
image/jpeg 2600:9000:2491:4200:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn16/video/users/converted/24485/video_5eba916c9fa61764615437/vid6351d14f6fab3360933768_thumb.jpg?cbuster=1666306386
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4200:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b84f4b6f467cb25cfddb1654a594c5b090204b4f287a56a44dd895f1bef823f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 05:57:14 GMT
via: 1.1 d9fcaa7ae40e5e547fbbd3d693139fae.cloudfront.net (CloudFront), 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1, FRA56-P7
age: 81518
x-cache: Hit from cloudfront
content-length: 1388
last-modified: Thu, 20 Oct 2022 23:09:47 GMT
server: nginx
etag: "ee2f70cdd93490efc85df7af88f60be0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: FzwzZQVEKyFq3U4O4DnZFWbl8SUjelOdqv6QRUH3IIxbdWybe2VnlQ==
expires: Thu, 10 Nov 2022 05:57:14 GMT

GET
H2 200 vid5ed1a16ba188c142815565_thumb.jpg
video.primis.tech/uploads/cn9/video/users/converted/28743/video_5de393dce377d051182219/ Frame A74D 2 KB
2 KB 73ms
11ms Image
image/jpeg 2600:9000:2491:4200:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn9/video/users/converted/28743/video_5de393dce377d051182219/vid5ed1a16ba188c142815565_thumb.jpg?cbuster=1614090977
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4200:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5de5992e9f7c7b219ed3aa0a548754c74601839d983e6377f8dfd489d277d8b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 23:50:03 GMT
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront), 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
last-modified: Tue, 17 Aug 2021 18:18:15 GMT
server: nginx
x-amz-cf-pop: AMS50-C1, FRA56-P7
age: 17148
etag: "0706e1e387c6888069920abfeacd0463"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1687
x-amz-cf-id: ejeYKTlSuDoYgcftHdgQEGfZR27O6KQVJ5aqIOJcHXt50zJwXoa8Ug==
expires: Thu, 10 Nov 2022 23:50:03 GMT

GET
H2 200 liveView.php
live.primis.tech/live/ 0
419 B 60ms
58ms Image
text/html 2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY2ODA1NDx1MvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA0OTpmJaN0YT0jJat9NwxjJax9NDAjJaZcZF9jYXNmRG9gYWyhPXZup3QhZ2pzp3VvSWQ9qzFmqC5aZlZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaNxn3Y9JaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMkMmElRDMkMmA1RwMjMmY3RDqCNmMmMTM1MmAmMwMjMmAmNwM5N0Q3QwQmMmUmNmqEN0I1MmY0NxQ0NwqBNwQ0MmM1NxU1QTp3M0QmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM5MmA3RDqCNTxmNDMjMmA3RDqCNwYmMTqEN0I0QmM4MmtmOTM3N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTIjMDEyM0FuYmtyM0ElMCUmQTMjMvUmQSUmQTIjMzUzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTA3LwAhNTMjNC44NlUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwM2YmqzYTqyYwMlNSZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwY4MDU0OTUlMwM5JaVcZD1TZWgcozRiU1BfYXyypwYmNzM3ZzE4MTM1MDEzpHVvVXJfPWu0qHBmJTNBJTJGJTJGqzFmqC5aZlUlRzquoWyhZl1anXZyYXqurXMyMxYkpWZypC10paVgYW4gZzFwqG9lrS1cpGFxLTEjqGtgZ2VhLWqcqzVuq2F5LW5iqv01qGtgZGVwLTV0nCUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MRS52-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: 1ornnpBq8Pcg5GKaA7YBeyD3TcBjT2GrqMwrOgNN2ppE42e0GT4qoA==

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame AC3F 43 B
220 B 96ms
7ms Image
image/gif 3.126.151.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.151.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-151-133.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 04:35:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET /
csync.loopme.me/ Frame AC3F 0
0

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame AC3F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D99%26advUuid%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=&advId=99&advUuid=Y2x_qEQB8VlmHnwoBa_csAAAFDUAAAAB

0
398 B

34ms
34ms

Image
text/html

2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=&advId=99&advUuid=Y2x_qEQB8VlmHnwoBa_csAAAFDUAAAAB
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MRS52-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: WqxCn_SzcD33tMqkCP6jmqUdRuNNVPxMY7YnzTb2T49PYTun2bLFRA==

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFiCONu5XgA5%2BrUiIkSmw5Eek73OTGV%2BEz%2BJXLrIUnaXzyKtzG7ra3nc7oTV31KMGb1k%2B7fgYGmJ7B3lgwSbTOYTBJzTJMH1d%2FryIvctuGmGJQ%2FEFF4KhvKDtNPtNdQH6DO%2FOFIheijeDg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=&advId=99&advUuid=Y2x_qEQB8VlmHnwoBa_csAAAFDUAAAAB
cache-control: no-cache
cf-ray: 767c157d0fd9905b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 getuid
eb2.3lift.com/ Frame AC3F 37 B
140 B 44ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame AC3F 0
239 B 30ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame AC3F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58627/occ
https://ups.analytics.yahoo.com/ups/58627/occ?verify=true
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-6MfUtSZE2u...

0
398 B

57ms
57ms

Image
text/html

2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-6MfUtSZE2uFg3D0JDifX6INbaZa4..Ls22fKshs-~A&advUuid=y-6MfUtSZE2uFg3D0JDifX6INbaZa4..Ls22fKshs-~A
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MRS52-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: tS-ZjnlP3HHY-SfC89GSDmWZ-vxz_JDMK_fBZMHxg64TXg37VAh-_A==

Redirect headers

location: https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-6MfUtSZE2uFg3D0JDifX6INbaZa4..Ls22fKshs-~A&advUuid=y-6MfUtSZE2uFg3D0JDifX6INbaZa4..Ls22fKshs-~A
date: Thu, 10 Nov 2022 04:35:52 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame AC3F
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D636c7fa7eb325%2526pixel%253D%2526advId%253D105%2526ad...
https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=&advId=105&advUuid=3529097371459756326

0
398 B

58ms
58ms

Image
text/html

2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=&advId=105&advUuid=3529097371459756326
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:51 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MRS52-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: 7XPcyjy7gOUMOVXo_tVLAnRWmF0NI7H3BHUPVis6akv97IY9QydI4A==

Redirect headers

Date: Thu, 10 Nov 2022 04:35:52 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8ace3d0c-f47b-4480-b53e-7187d7d9644e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=&advId=105&advUuid=3529097371459756326
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

verify
mb9eo.publishers.tremorhub.com/pubsync/ Frame AC3F
Redirect Chain

https://mb9eo.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%...
https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3Dhttps%253A%252F%252Fsync.intent...

43 B
182 B

92ms
92ms

Image
image/gif

2600:1f18:612b:4264:b39c:5c5b:5f81:7972
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Server: 2600:1f18:612b:4264:b39c:5c5b:5f81:7972 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 10 Nov 2022 04:35:52 GMT
server: Apache-Coyote/1.1
content-type: image/gif

Redirect headers

location: pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
date: Thu, 10 Nov 2022 04:35:52 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame AC3F
Redirect Chain

https://cs.media.net/cksync?cs=34&type=pri&ovsid=636c7fa7eb325&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3Dhttps%253A%252F%252...
https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%...

0
397 B

34ms
34ms

Image
text/html

2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MRS52-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: 6uPi-11f6mNGL2MmUAtuS6QjZYSQ6gBDtFMdkjnPLwUBgt77rAC6Zw==

Redirect headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 04:35:52 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=636c7fa7eb325&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
X-MNET-HL2: E
Expires: Thu, 10 Nov 2022 04:35:52 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame AC3F 0
277 B 51ms
15ms Image
text/plain 72.251.249.9
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D130%26advUuid%3D%24UID
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 10 Nov 2022 04:35:52 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame AC3F
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3586&gdpr=1&gdpr_consent=
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%2...

0
398 B

34ms
34ms

Image
text/html

2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3D8591b99421e043b424cba647febf3a&advId=134&advUuid=8591b99421e043b424cba647febf3a&gdpr_consent=&gdpr=1
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MRS52-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: IzHtLrHzdc6TuOx5EuuXHSxW42Oz3rNs4nL0_rI1RAjC3vnKOZ0QMQ==

Redirect headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 04:35:52 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3D8591b99421e043b424cba647febf3a&advId=134&advUuid=8591b99421e043b424cba647febf3a&gdpr_consent=&gdpr=1
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1668054952482099-405
Expires: Thu, 10 Nov 2022 04:35:52 GMT

GET
H/1.1 400
Bad Request 3613a31b6329d1c17d5663d05b080db1.gif
cs.admanmedia.com/ Frame AC3F 20 B
20 B 613ms
88ms Image
text/plain 80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D793790479%25263rddpi%253D2136778551%25263rdpcid%253D%5BUID%5D%26advId%3D138%26advUuid%3D%5BUID%5D
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 04:35:52 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame AC3F 0
45 B 528ms
24ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=1&gdpr_consent=
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
content-length: 0

GET
H2 200 vid5ddd215f8ca7d558885972.jpg
video.primis.tech/uploads/cn11/video/users/converted/28786/video_5dd38efb29ae6815027197/ 31 KB
31 KB 61ms
8ms Image
image/jpeg 2600:9000:2491:4200:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn11/video/users/converted/28786/video_5dd38efb29ae6815027197/vid5ddd215f8ca7d558885972.jpg?cbuster=1577199506
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4200:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b95fce424ee6631661bbaf442f82bbfbc5b30f038763cd2c091495f6d5adb559

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 15:18:37 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront), 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 17:56:34 GMT
server: nginx
x-amz-cf-pop: FRA60-P4, FRA56-P7
age: 47834
etag: "2140423fb9f6c6c905307320b54b77d3"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 31612
x-amz-cf-id: 2YH6F3mr4Fv46XrnI-oYhB1KGpZcQGZ1xExsV0bs7B6L8h_VgdhRLw==
expires: Thu, 10 Nov 2022 15:18:37 GMT

POST
H3 200 767c1574b991d6ea Show response
gleam.io/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 3B10 2 B
432 B 26ms
26ms XHR
text/plain 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/cdn-cgi/challenge-platform/h/b/cv/result/767c1574b991d6ea

Requested by

Host: gleam.io
URL: https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668052800

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 767c157cac4b911e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200 1013.json Show response
id5-sync.com/g/v2/ 216 B
617 B 379ms
8ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1013.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

fdf97b6bf209745cbd4c1036119822ecc6aff9ec456dedaef4b1bb3d6fb2a57c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vast.gg
date: Thu, 10 Nov 2022 04:35:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A74D 15 KB
15 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vast.gg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 487259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 13:14:53 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5755 0
42 B 386ms
19ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55303981&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:51 GMT
content-length: 0

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame AC3F 2 KB
2 KB 362ms
16ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221110

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eceb3b77fb85545a7deaf9b0b5a862291c6ec78d2256c5bdcd35419608d2e26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5660
x-jsd-version: 1.0.1519
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230021-FRA, cache-yyz4539-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"667-uUj5gf5dt/YxoDEfGr8LlrRaszc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtEJSuNN%2BG1Zy3NUzpRa41cLKc6sHf%2BugHHWe8dJZdEO840f0sPlfScnZOP%2BgKQV3RoinTvxhW2EbBBDZQByyVBT7fO8yjJWq3PxUmtRVyAQ7IOgrpRFC9LzuSGLPz%2B60PvQ8%2FT1R0rjNV7%2BrCI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 767c157f5e2a904e-FRA

POST
H2 200 prebid Show response
prebid.media.net/rtb/ Frame AC3F 1 KB
822 B 404ms
67ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU695QH7
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6669c76bd92f2c9ad7790af31e29340f07f912e9a999fdc6df915b79ef55e386

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://vast.gg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame AC3F 936 B
2 KB 436ms
101ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: fa977ecba35a48ffaf8654650f4c1042c8caf30951cb733e71521adcc8a8ce54

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://vast.gg
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 liveInternalSsp.php Show response
live.primis.tech/live/ Frame AC3F 25 B
483 B 336ms
336ms XHR
text/html 2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22data%22%3A%22%5C%22JTqCJTIlqzVlJTIlJTNBJTIlqzVlXmEhNSUlMvUlQlUlMz1coxJcZCUlMvUmQTAyMxMyMwJvqXc6ZXIyMwIyM0EyN0IyMwJwo3VhqCUlMvUmQTAyMxMyMwJ0nXRfZUkyovUlMvUmQTEjMCUlQlUlMapyMwIyM0ElMDAyMxMyMwJbJTIlJTNBMTYjJTqEJTJDJTIlq2yxqGtyMwIyM0E0MDQyMxMyMwJbZWyanHQyMwIyM0ElMwpyMxMyMwJmpGFwZUyxJTIlJTNBJTIlNTtjNTpyMwIyMxMyMwJmpGFwZVR5pGUyMwIyM0EyMwJ2YXN0JTIlJTJDJTIlqzyxZW9QoGFwZW1yoaRUrXByJTIlJTNBMSUlQlUlMzyjJTIlJTNBJTIlMwAjMSUmQWFwOCUmQTIjJTNBMmAlJTNBJTNBMwAlZSUlMvUlQlUlMzqyo0yxJTIlJTNBNTpyMxMyMwJuoHBbYTJHZW8yMwIyM0EyMwJERSUlMvUlQlUlMzRyqzywZXR5pGUyMwIyM0ElJTJDJTIlqHu0RGV2nWNyqHyjZSUlMvUmQSUlMzRyp2g0o3AyMwIyMxMyMwJvpz93p2VlJTIlJTNBJTIlY2ulo21yJTIlJTJDJTIlo3MyMwIyM0EyMwJXnW5xo3qmJTIlJTJDJTIlqHu0T3MyMwIyM0EyMwJ3nW5xo3qmJTIlJTJDJTIlZGV2nWNyTW9xZWjyMwIyM0EyMwIyMwIyMxMyMwJip1ZypaNco24yMwIyM0EyMwIkMC4jJTIlJTJDJTIlZGV2nWNyTWFhqWZuY3R1pzVlJTIlJTNBJTIlJTIlJTJDJTIlZGV2nWNyQ29xZU5uoWUyMwIyM0EyMwIyMwIyMxMyMwJ1p2VlQWqyoaQyMwIyM0EyMwJNo3ccoGkuJTJGNS4jJTIjKFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolxyMwBDnHJioWUyMxYkMDphMC41MmA0Lwt3JTIjU2FzYXJcJTJGNTM3LwM2JTIlJTJDJTIloGF0JTIlJTNBJTIlNTAhMTA0OSUlMvUlQlUlMzkiovUlMvUmQSUlMwthNwI5NSUlMvUlQlUlMzFjpE5uoWUyMwIyM0EyMwIyMwIyMxMyMwJupHBJZCUlMvUmQSUlMvUlMvUlQlUlMzymQXBjJTIlJTNBMCUlQlUlMzFjpEJ1ozRfZUyxJTIlJTNBJTIlnHR0pHMyM0EyMxYyMxZ2YXN0LzqaJTJGZ2FgnW5aLWqcqzVuq2F5plUlRwFkZzVjLXRlqW1uov1zYWN0o3J5LWyjYWQgMTB0nC1aZW4gZ2y2ZWF3YXxgoz92LTV0nC1xZWMgNXRbJTJGJTIlJTJDJTIlYXBjU3RipzVVpzjyMwIyM0EyMwIyMwIyMxMyMwJupHBQpzy2YWN5UG9fnWN5JTIlJTNBJTIlJTIlJTJDJTIlYXBjSXNQYWyxJTIlJTNBJTIlJTIlJTJDJTIlYXBjRGV2ZWkipGVlJTIlJTNBJTIlJTIlJTJDJTIlnWZuJTIlJTNBJTIlJTIlJTJDJTIlnWZ2JTIlJTNBJTIlJTIlJTJDJTIlYXR0plUlMvUmQSUlMvUlMvUlQlUlMzFjpFZypaNco24yMwIyM0EyMwIyMwIyMxMyMwJlZWZypaJypvUlMvUmQSUlMzu0qHBmJTNBJTJGJTJGqzFmqC5aZlUlRzquoWyhZl1anXZyYXqurXMyMxYkpWZypC10paVgYW4gZzFwqG9lrS1cpGFxLTEjqGtgZ2VhLWqcqzVuq2F5LW5iqv01qGtgZGVwLTV0nCUlRvUlMvUlQlUlMaBuZ2UyMwIyM0EyMwJbqHRjplUmQSUlRvUlRaZup3QhZ2pyMxZaYW1cozpgZ2y2ZWF3YXymJTJGMXFzZXAgqHJ1oWFhLWZuY3RipaxgnXBuZC0kMHRbLWqyov1anXZyYXqurS1ho3YgNXRbLWRyYl01qGtyMxYyMwIyMxMyMwJaZHBlJTIlJTNBMSUlQlUlMzqxpHJDo25mZW50JTIlJTNBJTIlJTIlJTJDJTIlnXNXZVBup3NHZHBlJTIlJTNBJTIlMCUlMvUlQlUlMzNwpGEyMwIyM0EjJTJDJTIlY2NjYUNioaNyoaQyMwIyM0EyMwIyMwIyMxMyMwJxo21unW4yMwIyM0EyMwJ2YXN0LzqaJTIlJTJDJTIlq2Vvp2y0ZSUlMvUmQSUlMaq3ql5mZWgcozRiLzNioSUlMvUlQlUlMaNyY3VlZSUlMvUmQTEyMxMyMwJaZW9To3VlY2UyMwIyM0EyMwJJUCUlMvUlQlUlMzNipHBuJTIlJTNBMCUlQlUlMaV1nWQyMwIyM0EyMwI2MmZwN2ZuN2VvMmI1JTIlJTJDJTIlYzkiY2gCpzFhZHMyMwIyM0EyNUIyNUQyMxMyMwJyrHRVp2VlSWRmJTIlJTNBJTVCJTqCJTIlp291pzNyJTIlJTNBJTIlpHVvY2yxLz9lZlUlMvUlQlUlMaVcZHMyMwIyM0EyNUIyN0IyMwJcZCUlMvUmQSUlMwAmOTElZTAkLTM4NmpgNDBzZv05MGJyLWI2MWFzZzY2MmtjZCUlMvUlQlUlMzF0rXByJTIlJTNBMSU3RCU1RCU3RCU1RCUlQlUlMz1lYWyxQWkfo3qyZCUlMvUmQTAyMxMyMwJxZWJ1Z0yhZz9loWF0nW9hJTIlJTNBJTIlJTIlJTJDJTIlp2y0ZUyxJTIlJTNBMTA0OTpmJTJDJTIlpHVvoGymnGVlSWQyMwIyM0EmMDA3MSUlQlUlMaNwnGFcovUlMvUmQSU3QvUlMaZypvUlMvUmQSUlMwEhMCUlMvUlQlUlMzNioXBfZXRyJTIlJTNBMSUlQlUlMz5iZGVmJTIlJTNBJTVCJTqCJTIlYXNcJTIlJTNBJTIloW9hqW1yqHJcYl5wo20yMwIyMxMyMwJmnWQyMwIyM0EyMwJyNTI4OGVxNl02ODt0LTQkN2UgYwI1Nv1xYmIkY2RvNDZzNmYyMwIyMxMyMwJbpCUlMvUmQTEyN0QyMxMyN0IyMwJup2xyMwIyM0EyMwJjpzygnXMhqGVwnCUlMvUlQlUlMaNcZCUlMvUmQSUlMwMjMDpkJTIlJTJDJTIlnHAyMwIyM0EkJTqEJTVEJTqEJTJDJTIlpzVanW9hJTIlJTNBJTIlRyIyMwIyMxMyMwJwYW1jYWyaoaMyMwIyM0EyN0IyMwI3ODMkNlUlMvUmQSU3QvUlMaRlYWNeZXIyMwIyM0EyMwJwYW1jYWyaoxZlZXFDYXAyM0QjJTI1MxYjJTI2Y2FgpGFcZ25JZCUmRDp4MmE3JTI2p3BuY2UlQWRJZCUmRDE3MDU1MmI4JTIlJTJDJTIlpHJyYzyxTaNmpEyhZGV4JTIlJTNBMCUlQlUlMaNjYWNyMxFxSWQyMwIyM0EyMwIkNmA1NTMlOCUlMvUlQlUlMzRyYWjyMwIyM0EyN0IyMwJcp1J0YxRyYWjyMwIyM0EjJTJDJTIlpaRvRGVuoEyxJTIlJTNBJTIlJTIlJTJDJTIlpaRvU2VuqEyxJTIlJTNBJTIlJTIlJTqEJTJDJTIlpaRvV1NyYXQyMwIyM0EyMwIyMwIyMxMyMwJwYW1jYWyaoxyxJTIlJTNBNmtmMTpyMxMyMwJwYW1jYWyaoyNwo3ByJTIlJTNBJTIlpHVvoGywJTIlJTJDJTIlYaV5ZXJVnWQyMwIyM0EyMwIyMwIyMxMyMwJuZFVmZXJJZCUlMvUmQTMkMDIlJTJDJTIlYzNuqCUlMvUmQSUlMvUlMvUlQlUlMzJup2VGoG9ipvUlMvUmQTIhOSUlQlUlMzV4qCUlMvUmQSU3QvUlMaBupaRhZXIyMwIyM0EyMwIkMwEyMwIyMxMyMwJlZXZTnGFlZSUlMvUmQSUlMwAhOTxyMwIyMxMyMwJjoGFwZW1yoaRJZCUlMvUmQSUlMyBlnW1cp19HZW5ypzFfX1JUQvUlMvUlQlUlMaN1pHBfnWVlX2yxJTIlJTNBJTIlNDIyMwIyN0QyMxMyMwJlZWZypzVhY2VJZCUlMvUmQTUyMxMyMwJvnWRzoG9ipvUlMvUmQSUlMwIhOTAyMwIyMxMyMwJmY2uunW4yMwIyM0EyN0IyMwJ2ZXIyMwIyM0EyMwIkLwAyMwIyMxMyMwJwo21joGV0ZSUlMvUmQTEyMxMyMwJho2RyplUlMvUmQSU1QvU3QvUlMzFmnSUlMvUmQSUlMz1ioaVgZXRlnWMhY29gJTIlJTJDJTIlp2yxJTIlJTNBJTIlZTUlODuyZDpgNwt4NC00MTqyLWIlNTYgZGMlMWNxYwQ2Zwp2JTIlJTJDJTIlnHAyMwIyM0EkJTqEJTJDJTqCJTIlYXNcJTIlJTNBJTIlpHJcoWymLaRyY2tyMwIyMxMyMwJmnWQyMwIyM0EyMwImMDA3MSUlMvUlQlUlMzujJTIlJTNBMSU3RCU1RCU3RCU3RCU3RCUlQlUlMaBfYWNyoWVhqENuqCUlMvUmQSU1QvUlMxyBQwpgMmUyMwIyNUQyMxMyMwJhYXZcZ2F0o3JMYW5aqWFaZSUlMvUmQSUlMzVhJTIlJTJDJTIlpGFaZWNuqCUlMvUmQSU1QvUlMxyBQwpgMmUyMwIyNUQyMxMyMwJwo250ZW50Y2F0JTIlJTNBJTVCJTIlSUFCMwMyMwIyMxMyMwJJQUIkLTpyMwIyMxMyMwJJQUIkMSUlMvU1RCU3RA%3D%3D%5C%22%22%7D
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MRS52-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://vast.gg
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: MMKILpY2a4LJNH5YXMKuSteEyt-46aVhBiwD4r_kMEWUdXbaLhvcSg==

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame AC3F 66 B
291 B 94ms
78ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: d7b3c66ff6391423e6960f33ad823a24a82abdb66d6a27ba10faf9c5234c1b5b

Request headers

Referer: https://vast.gg/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://vast.gg
access-control-allow-credentials: true
content-length: 66

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame AC3F 0
19 B 95ms
83ms XHR
text/plain 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vast.gg/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vast.gg
date: Thu, 10 Nov 2022 04:35:52 GMT
access-control-allow-credentials: true
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame AC3F 19 B
970 B 346ms
15ms XHR
application/json 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 04:35:52 GMT
AN-X-Request-Uuid: 77ac8cd8-707f-49e2-a394-efabff1f64f4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vast.gg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame AC3F 185 B
404 B 436ms
106ms XHR
application/json 3.68.57.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.57.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-57-134.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 41978534e078e95197fdd5f953b3fe4ff7c79f617ab0f5e4d5da9d9ca4e68d7c

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: gzip
x-prebid: pbs-java/1.104.0
content-type: application/json
access-control-allow-origin: https://vast.gg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame AC3F 185 B
404 B 431ms
102ms XHR
application/json 3.68.57.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.57.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-57-134.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 719d77b72b7b6a0fca9f20b4487d90a13c3919ed7c06777fa92b50a9868c0696

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: gzip
x-prebid: pbs-java/1.104.0
content-type: application/json
access-control-allow-origin: https://vast.gg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ Frame AC3F 0
152 B 400ms
72ms XHR
text/plain 3.64.204.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.204.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-204-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vast.gg
date: Thu, 10 Nov 2022 04:35:52 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H2 200 aFO8buhTyr67n_aKlId8sQ.js Show response
sc.tynt.com/script/sc/ 974 B
898 B 163ms
14ms Script
text/javascript 104.18.18.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sc.tynt.com/script/sc/aFO8buhTyr67n_aKlId8sQ.js

Requested by

Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.39 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c1001045aea0845db601e52ab37d66b5e434e52b50a9a6a1ac5bf24e793f5df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 225625
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 01d91b69-20d3-4d9e-a60b-895a890dfe76
x-runtime: 0.002882
x-content-digest: 3fe456737c80932ff5af6c5e793279ca1f929fed
last-modified: Sat, 05 Nov 2022 14:04:16 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public, s-maxage=172800
cf-ray: 767c157e4f6e9bfb-FRA
x-rack-cache: fresh
expires: Sun, 06 Nov 2022 09:03:57 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame AC3F 6 KB
3 KB 9ms
9ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: 73Lfxs6DHpOgTaZAZUymb39ifEt2PRR2
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
date: Wed, 09 Nov 2022 20:29:54 GMT
x-amz-cf-pop: FRA56-C2
age: 29159
x-cache: Hit from cloudfront
last-modified: Tue, 08 Nov 2022 20:12:15 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: QWzzq8lfKH8bGeUl1zgFhOSGDeZDTGAIPu3SCh9h_--PhjOSeQ0rnQ==

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 385ms
113ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aFO8buhTyr67n_aKlId8sQ&lm=0&ts=1668054952586&dn=RCIV&iso=0&img=https%3A%2F%2Fvast.gg%2Fwp-content%2Fuploads%2F2022%2F11%2FTruman-v6-03-1024x576.jpg&ct=Truman%20Factory%20%7C%20iPad%2010th%20Gen%20Giveaway%20Nov%205th%20%E2%80%93%20Dec%205th%20-%20Vast%20%7C%20Expand%20Your%20Reach&t=Truman%20Factory%20%7C%20iPad%2010th%20Gen%20Giveaway%20Nov%205th%20-%20Dec%205th%20-%20Vast%20%7C%20Expand%20Your%20Reach&cu=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 10 Nov 2022 04:35:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
260 B 300ms
117ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=aFO8buhTyr67n_aKlId8sQ&dn=RCIV&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Thu, 10 Nov 2022 04:35:53 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length: 4
expires: Fri, 11 Nov 2022 04:35:53 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 341ms
8ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://vast.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://vast.gg
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 10 Nov 2022 04:35:52 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 344ms
11ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://vast.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://vast.gg
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 10 Nov 2022 04:35:52 GMT
server: ATS/9.1.10.25

GET
H2 200 sic.js Show response
cdn-sic.33across.com/1/javascripts/ 442 KB
116 KB 149ms
12ms Script
application/javascript 104.18.22.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Love
Resource Hash: 4d429b34a4864bd33d77d0b240f13c196d4cc84784b33cedf242292c00768eb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 20:20:02 GMT
server: cloudflare
age: 210379
etag: W/"62c89172-6e9b3"
x-powered-by: Love
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 767c15802ac59b74-FRA
expires: Thu, 10 Nov 2022 05:35:52 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame AC3F 369 KB
124 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b11ef585be993e093c615916bc711fe48c27e0df2ff616306b11bb79e8e4e886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126233
x-xss-protection: 0
expires: Thu, 10 Nov 2022 04:35:52 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 115ms
115ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aFO8buhTyr67n_aKlId8sQ&lm=0&ts=1668054952586&dn=RCIV&iso=0&img=https%3A%2F%2Fvast.gg%2Fwp-content%2Fuploads%2F2022%2F11%2FTruman-v6-03-1024x576.jpg&ct=Truman%20Factory%20%7C%20iPad%2010th%20Gen%20Giveaway%20Nov%205th%20%E2%80%93%20Dec%205th%20-%20Vast%20%7C%20Expand%20Your%20Reach&t=Truman%20Factory%20%7C%20iPad%2010th%20Gen%20Giveaway%20Nov%205th%20-%20Dec%205th%20-%20Vast%20%7C%20Expand%20Your%20Reach&cu=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 10 Nov 2022 04:35:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 sic.css
cdn-sic.33across.com/1/stylesheets/ 7 KB
2 KB 37ms
37ms Stylesheet
text/css 104.18.22.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Love
Resource Hash: 4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 20:20:02 GMT
server: cloudflare
age: 422681
etag: W/"62c89172-1c90"
x-powered-by: Love
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 767c15808b659b74-FRA
expires: Thu, 10 Nov 2022 05:35:53 GMT

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ Frame 6780 92 KB
32 KB 61ms
16ms Script
application/javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 90352cd429fceb3b816c9418248ab076c32d27239cc9bdf453287b07c952fe93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Expires: Mon, 31 Oct 2022 06:01:09 GMT
Date: Thu, 10 Nov 2022 04:35:53 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 81265
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 32131
X-Served-By: cache-lga21942-LGA, cache-cdg20776-CDG
Last-Modified: Mon, 17 Oct 2022 12:28:46 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1668054953.107621,VS0,VE0
ETag: W/"634d4a7e-16e64"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 7, 33921

GET
H2

200

apstag.js Show response
d3div1mtym39ic.cloudfront.net/aax2/ Frame E0AE
Redirect Chain

https://c.amazon-adsystem.com/aax2/apstag.js
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

178 KB
39 KB

12ms
12ms

Script
application/javascript

2600:9000:2182:c000:11:1ed0:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Server: 2600:9000:2182:c000:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:24:41 GMT
content-encoding: br
via: 1.1 26b0de44343edcaf19972d71d8e0256c.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 673
x-amz-server-side-encryption: AES256
etag: W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: eQr7CodGZ4GkUFC0zRKUkKDqf5A89BCxbGqA_VY9XqhhTIhsFjwgiw==

Redirect headers

date: Wed, 09 Nov 2022 22:24:28 GMT
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 22285
x-cache: Hit from cloudfront
content-type: text/html
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length: 167
x-amz-cf-id: 5_ulF_xZXonfUjWaojRfHgSD15U-CXmz53J559KAtitt__F71LR-LQ==

GET
H2 200 authorize Show response
sic.33across.com/ 2 KB
1 KB 637ms
123ms Script
text/javascript 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://sic.33across.com/authorize?usPrivacy=&version=3.23.0&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.87%20Safari%2F537.36&product=inview&userId=&lexId=&sessionId=&publisherURL=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&referrerURL=&publisherId=aFO8buhTyr67n_aKlId8sQ&publisher=monumetric_vast.gg_Pillar&maxTouchPoints=0&navigatorPropsCount=62&viewportWidth=1600&viewportHeight=1200&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=1600&pageHeight=3722&_=1668054953065&callback=_tynt_jp.a93xqizdq

Requested by

Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.202.105.24 Tinley Park, United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip24.67-202-105.static.steadfastdns.net

Software

/ Love

Resource Hash

ee165d6542ab5b6f1c84b1898c7718356bfac7e5b864bd981feb11925608b9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Love
etag: W/"658-K9eoguRisCXjOZ5ErwwhdSBcG50"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/javascript; charset=utf-8
status: 200 OK
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Authorization

GET
H3 200 bridge3.543.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3853 686 KB
221 KB 25ms
9ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.543.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6bc59f44e24e22caa74b10ed80241a95067ac087249eaa2d06d4319d6b5fbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vast.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 557630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226184
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 17:42:03 GMT
expires: Fri, 03 Nov 2023 17:42:03 GMT
last-modified: Thu, 03 Nov 2022 17:37:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame AC3F 44 KB
17 KB 60ms
23ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Nov 2022 04:35:53 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame AC3F 107 B
122 B 33ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vast.gg

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 118ms
113ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aFO8buhTyr67n_aKlId8sQ&lm=0&ts=1668054952586&dn=RCIV&iso=0&img=https%3A%2F%2Fvast.gg%2Fwp-content%2Fuploads%2F2022%2F11%2FTruman-v6-03-1024x576.jpg&ct=Truman%20Factory%20%7C%20iPad%2010th%20Gen%20Giveaway%20Nov%205th%20%E2%80%93%20Dec%205th%20-%20Vast%20%7C%20Expand%20Your%20Reach&t=Truman%20Factory%20%7C%20iPad%2010th%20Gen%20Giveaway%20Nov%205th%20-%20Dec%205th%20-%20Vast%20%7C%20Expand%20Your%20Reach
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 10 Nov 2022 04:35:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
260 B 114ms
114ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&id=aFO8buhTyr67n_aKlId8sQ&dn=RCIV&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Thu, 10 Nov 2022 04:35:52 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length: 4
expires: Fri, 11 Nov 2022 04:35:53 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame E0AE 6 KB
3 KB 7ms
6ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: 73Lfxs6DHpOgTaZAZUymb39ifEt2PRR2
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
date: Wed, 09 Nov 2022 20:29:54 GMT
x-amz-cf-pop: FRA56-C2
age: 29160
x-cache: Hit from cloudfront
last-modified: Tue, 08 Nov 2022 20:12:15 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: o3ZdDQaw5ULrsghgDLb8mOkJ1-lOXmtJSPZQjB72QELKY4OP2S9YuA==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3853 156 B
144 B 203ms
202ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM_Primis&description_url=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&env=vp&correlator=4086763999198450&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&cust_params=prmsig%3Dtfbkrf&sdkv=h.3.543.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1051332019&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.543.0&sid=1D5F46A4-0E50-4BB3-B6D7-1DE230866184&nel=0&eid=44748969%2C44752657%2C44765701&ref=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&url=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&dlt=1668054951938&idt=1256&dt=1668054953216&cookie=ID%3D80556c715f8b25c2-22428b1f76ce006d%3AT%3D1668054951%3AS%3DALNI_MZr80OMzQL8M8gfhzXQ41rhcnWgRw&gpic=UID%3D00000b7f6c0038b4%3AT%3D1668054951%3ART%3D1668054951%3AS%3DALNI_Mav4VG8OwIR5HeTzoAD_a_A6I45Dw&scor=1872666696039193&ged=ve4_td1_tt0_pd1_la1000_er30.-2400.183.-2160_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.543.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 113ms
113ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aFO8buhTyr67n_aKlId8sQ&lm=0&ts=1668054952586&dn=RCIV&iso=0&img=https%3A%2F%2Fvast.gg%2Fwp-content%2Fuploads%2F2022%2F11%2FTruman-v6-03-1024x576.jpg&ct=Truman%20Factory%20%7C%20iPad%2010th%20Gen%20Giveaway%20Nov%205th%20%E2%80%93%20Dec%205th%20-%20Vast%20%7C%20Expand%20Your%20Reach
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 10 Nov 2022 04:35:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 113ms
113ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aFO8buhTyr67n_aKlId8sQ&lm=0&ts=1668054952586&dn=RCIV&iso=0&img=https%3A%2F%2Fvast.gg%2Fwp-content%2Fuploads%2F2022%2F11%2FTruman-v6-03-1024x576.jpg&ct=Truman%20Factory%20%7C%20iPad%2010th%20Gen%20Giveaway%20Nov%205th%20%E2%80%93%20Dec%205th%20-%20Vast%20%7C%20Expand%20Your%20Reach
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 10 Nov 2022 04:35:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame AC3F 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vast.gg

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3853 156 B
142 B 232ms
232ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F21734706084%2C22679662087%2Fmonumetricmedia&description_url=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&env=vp&correlator=4086763999198450&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C213x120&unviewed_position_start=1&cust_params=prmsig%3Dtfbkrf&sdkv=h.3.543.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1051332019&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.543.0&sid=1D5F46A4-0E50-4BB3-B6D7-1DE230866184&nel=0&eid=44748969%2C44752657%2C44765701&ref=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&url=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&dlt=1668054951938&idt=1256&dt=1668054953446&cookie=ID%3D80556c715f8b25c2-22428b1f76ce006d%3AT%3D1668054951%3AS%3DALNI_MZr80OMzQL8M8gfhzXQ41rhcnWgRw&gpic=UID%3D00000b7f6c0038b4%3AT%3D1668054951%3ART%3D1668054951%3AS%3DALNI_Mav4VG8OwIR5HeTzoAD_a_A6I45Dw&scor=1872666696039193&ged=ve4_td1_tt0_pd1_la1000_er30.-2400.183.-2160_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.543.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 113ms
113ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aFO8buhTyr67n_aKlId8sQ&lm=0&ts=1668054952586&dn=RCIV&iso=0&img=https%3A%2F%2Fvast.gg%2Fwp-content%2Fuploads%2F2022%2F11%2FTruman-v6-03-1024x576.jpg
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 10 Nov 2022 04:35:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 113ms
113ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aFO8buhTyr67n_aKlId8sQ&lm=0&ts=1668054952586&dn=RCIV&iso=0
Requested by: Host: vast.gg
URL: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 10 Nov 2022 04:35:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame ED3A 79 KB
27 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b23165d45714710a11cbbd489d172aa149bd0e1b0a27283cc48cb4f6006ae3f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27342
x-xss-protection: 0
server: sffe
etag: "1389 / 515 of 1000 / last-modified: 1668035351"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 10 Nov 2022 04:35:53 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 25ms
8ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=1b2805df-a344-428e-aa2d-8653c3e51c53&a=p.l&u=e5288ed7-6884-417e-b256-dc21cdb46f76
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 13:55:01 GMT
age: 52852
x-guploader-uploadid: ADPycdtfiPcZl_qjIkAbHiiMvGsTeR15kas1jqpCRlwl6RLvG5EXJQ-C-7onAxd2N_NQOfvi1nMAeMspDaTmfr5NIOPHRAuxDWME
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Thu, 09 Nov 2023 13:55:01 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 51ms
30ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75121240c48bdb8fc8791606c1a387285a7dc3bac930fe437a797785fcac735b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11230
x-xss-protection: 0

GET
H2 200 aacxs.php Show response
c.aaxads.com/ Frame CFD7 22 KB
9 KB 179ms
178ms Document
text/html 184.24.12.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aacxs.php?flg=AAX8RN661&fv=1&fy=37&ke=1&suylg=203%2C209%2C272%2C241%2C251%2C356%2C369%2C282%2C201%2C267%2C108%2C291%2C292%2C310%2C3012%2C265%2C368%2C229%2C271%2C159%2C97&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX8RN661&hst=vast.gg&ver=1.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.12.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-12-164.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2d76e3de88d2b25947ec7c1e560e0090f15acc22ab028706b7a9ac514b3055e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://vast.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8676
content-type: text/html; charset=UTF-8
date: Thu, 10 Nov 2022 04:35:53 GMT
expires: Sat, 12 Nov 2022 04:35:53 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H3 200 pubads_impl_2022110901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame ED3A 381 KB
129 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

545a51d377d7c0b5a5bdda218e8a741dfc6b4fcb9615ac9e14bddd458128d43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 11:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131975
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 09:36:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Nov 2023 11:53:16 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame ED3A 83 B
83 B 16ms
15ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vast.gg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bb4c190c04ef659ba878a531141fdc792a7841d68d1cc82557df9a91dc8047a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59
x-xss-protection: 0
expires: Thu, 10 Nov 2022 04:35:53 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 04:35:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A966 13 KB
5 KB 23ms
6ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vast.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 03:57:31 GMT
expires: Fri, 10 Nov 2023 03:57:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 31ED 783 B
1 KB 39ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f07b657f923c1050cc1e0069aa51681dac794f11b687b9e3591603dd2958c3cd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hZkGlTLpS1moo42lPe3V6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vast.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-hZkGlTLpS1moo42lPe3V6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 04:35:53 GMT
expires: Thu, 10 Nov 2022 04:35:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame A966 36 KB
16 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 03:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 03:57:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 31ED 0
0 40ms
40ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110901&jk=1415068949485902&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H/1.1 200
OK log
c21lg-d.media.net/ Frame CFD7 35 B
296 B 239ms
164ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?___stu13p=5idgihgb3r73nr56xnl0ch00yxnzunr&gho=1&yvlg=3110565537576871000V10&ruljlq=1&iow=0&syjlg[]=028AAX&syjlg[]=041AAX&syjlg[]=054AAX&syjlg[]=345AAX&syjlg[]=076AAX&syjlg[]=080AAX&syjlg[]=097AAX&syjlg[]=109AAX
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAX8RN661&fv=1&fy=37&ke=1&suylg=203%2C209%2C272%2C241%2C251%2C356%2C369%2C282%2C201%2C267%2C108%2C291%2C292%2C310%2C3012%2C265%2C368%2C229%2C271%2C159%2C97&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.aaxads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 04:35:54 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Thu, 10 Nov 2022 04:35:54 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A966 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?B8piLQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ Frame AC3F 135 B
536 B 28ms
7ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vast.gg
date: Thu, 10 Nov 2022 04:35:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 451 envelope Show response
api.rlcdn.com/api/identity/ Frame AC3F 44 B
61 B 35ms
16ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=34

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Nov 2022 04:35:54 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://vast.gg
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame AC3F 43 B
312 B 129ms
56ms XHR
application/json 63.32.244.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.244.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-244-82.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:54 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vast.gg
cache-control: no-cache
x-server: 10.45.23.130
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame AC3F 63 B
383 B 34ms
34ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: addd5a777e5983847ffd319bdc09b126de0f3c8e9d2932882f3054b638f0fcac

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Nov 2022 04:35:53 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vast.gg
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 10 Dec 2022 04:35:54 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1AC2 281 B
554 B 61ms
15ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://vast.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 10 Nov 2022 04:35:54 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 86F5 23 KB
8 KB 112ms
53ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C2069%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

280c466c77d63c15cdf5b9991f69c8f6a799ddc50ac3fecca30da5ee536a42c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vast.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8271
content-type: text/html; charset=UTF-8
date: Thu, 10 Nov 2022 04:35:54 GMT
expires: Sat, 12 Nov 2022 04:35:54 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 451 711890.gif
id.rlcdn.com/ Frame AC3F 0
98 B 53ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:35:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame AC3F
Redirect Chain

https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03030001_636c7faa11113&gdpr=0&gdpr_consent=

43 B
411 B

108ms
25ms

Image
image/gif

185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03030001_636c7faa11113&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 10 Nov 2022 04:35:53 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date: Thu, 10 Nov 2022 04:35:54 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03030001_636c7faa11113&gdpr=0&gdpr_consent=
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H/1.1 200 9.gif
id5-sync.com/i/102/ Frame AC3F 43 B
1 KB 9ms
7ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 10 Nov 2022 04:35:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame AC3F
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=23c1c865-3e25-44dd-a451-9c775c8482f2&gdpr=0&gdpr_consent=

43 B
425 B

139ms
24ms

Image
image/gif

185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=23c1c865-3e25-44dd-a451-9c775c8482f2&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 10 Nov 2022 04:35:53 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:53 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=23c1c865-3e25-44dd-a451-9c775c8482f2&gdpr=0&gdpr_consent=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1915335
content-length: 0
expires: Thu, 10 Nov 2022 00:00:00 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame AC3F
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=3337d8e1-84e8-40bd-a1b3-1fcb6dd69208&gdpr=0&gdpr_consent=

43 B
451 B

24ms
23ms

Image
image/gif

185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=3337d8e1-84e8-40bd-a1b3-1fcb6dd69208&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 10 Nov 2022 04:35:54 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=3337d8e1-84e8-40bd-a1b3-1fcb6dd69208&gdpr=0&gdpr_consent=
pragma: no-cache
date: Thu, 10 Nov 2022 04:35:54 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 log
l3.aaxads.com/ 35 B
173 B 19ms
19ms Image
image/gif 184.24.12.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=25bccp7ihn5fs6949k6cjst5iltv5zda4r85fx7&lwbsh=AAX&wHos=2022&dgw=desktop&flg=AAX8RN661&fw=FRANKFURT&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=vast.gg&vhuyqdph=ssp-serving-668d7f664f-rjf2s&vyu=110807_474_110906_438_ssp&vf=HE&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001668054952005032397757444728&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&vlg=mmt-96aecd73-cf5e-4dfb-81f8-8adb2f4d33ee-ad&gvlg=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDA.C_0&vcv=728x90&ws=pos%3D3%7Cmonu%3D728x90_B3%7Ctynt_pillar%3Dfalse%7CdirectDeals%3Dsticky_bottom%7Camznbid%3D2%7Camznp%3D2%7Cconfiant_refresh%3Dundefined%7Chard_adx_floor%3D0.00%7Crefresh_count%3D0%7CtabVisibilityState%3Dvisible%7Cmax_bid%3Dnone&odwh=1&vuw=-1&oco=1&wrs=0&ewp=0&oiw=0&ujkw=0&oshu=10&vlg=mmt-5cf995ae-2d40-423c-9678-9776a052883e-ad&gvlg=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDT.D_0&vcv=300x250%7C160x600%7C300x600&ws=pos%3D4%7Cmonu%3D300x250-160x600-300x600_B4%7Ctynt_pillar%3Dfalse%7CdirectDeals%3Dsticky_sidebar%7Camznbid%3D2%7Camznp%3D2%7Cconfiant_refresh%3Dundefined%7Chard_adx_floor%3D0.00%7Crefresh_count%3D0%7CtabVisibilityState%3Dvisible%7Cmax_bid%3Dnone&odwh=1&vuw=-1&oco=1&wrs=2769&ewp=2769&oiw=1080&ujkw=1380&oshu=10&vlg=mmt-912728e9-bd5a-411c-a4d8-564b242e1809-ad&gvlg=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDR.I_0&vcv=160x600&ws=pos%3D9%7Cmonu%3D160x600_A9%7Ctynt_pillar%3Dtrue%7CdirectDeals%3Dsticky_pillar%7Ctynt_id%3DaFO8buhTyr67n_aKlId8sQ%7Camznbid%3D2%7Camznp%3D2%7Cconfiant_refresh%3Dundefined%7Chard_adx_floor%3D0.00%7Crefresh_count%3D0%7CtabVisibilityState%3Dvisible%7Cmax_bid%3Dnone&odwh=1&vuw=-1&oco=1&wrs=600&ewp=1200&oiw=-300&ujkw=-140&oshu=10&vlg=mmt-2ad35424-8dec-44c1-885a-e1c37db86870-ad&gvlg=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDB.A_0&vcv=728x90&ws=pos%3D1%7Cmonu%3D728x90_A1%7Ctynt_pillar%3Dfalse%7Camznbid%3D2%7Camznp%3D2%7Cconfiant_refresh%3Dundefined%7Chard_adx_floor%3D0.00%7Crefresh_count%3D0%7CtabVisibilityState%3Dvisible%7Cmax_bid%3Dnone&odwh=1&vuw=-1&oco=1&wrs=194&ewp=194&oiw=436&ujkw=1164&oshu=10&vlg=mmt-cc89d82e-4f0a-44a9-ac45-8c94345df3c0-ad&gvlg=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDR.J_0&vcv=160x600&ws=pos%3D10%7Cmonu%3D160x600_B10%7Ctynt_pillar%3Dfalse%7CdirectDeals%3Dsticky_pillar%7Camznbid%3D2%7Camznp%3D2%7Chard_adx_floor%3D0.00%7Crefresh_count%3D0%7CtabVisibilityState%3Dvisible%7Cmax_bid%3Dnone%7Cconfiant_refresh%3Dundefined&odwh=1&vuw=-1&oco=1&wrs=0&ewp=0&oiw=0&ujkw=0&oshu=10&vlg=mmt-8f18f119-4941-4ba9-a337-22323915c8a1-ad&gvlg=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDS.C_0&vcv=300x250%7C160x600%7C300x600&ws=pos%3D3%7Cmonu%3D300x250-160x600-300x600_B3%7Ctynt_pillar%3Dfalse%7Camznbid%3D2%7Camznp%3D2%7Cconfiant_refresh%3Dundefined%7Chard_adx_floor%3D0.00%7Crefresh_count%3D0%7CtabVisibilityState%3Dvisible%7Cmax_bid%3Dnone&odwh=1&vuw=-1&oco=1&wrs=2029&ewp=2029&oiw=1080&ujkw=1380&oshu=10&vlg=mmt-fa752522-2437-40fe-b514-67039b3cbc2a-ad&gvlg=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDS.B_0&vcv=300x250%7C160x600%7C300x600&ws=pos%3D2%7Cmonu%3D300x250-160x600-300x600_A2%7Ctynt_pillar%3Dfalse%7Camznbid%3D2%7Camznp%3D2%7Cconfiant_refresh%3Dundefined%7Chard_adx_floor%3D0.00%7Crefresh_count%3D0%7CtabVisibilityState%3Dvisible%7Cmax_bid%3Dnone&odwh=1&vuw=-1&oco=1&wrs=1304&ewp=1304&oiw=1080&ujkw=1380&oshu=10&vlg=mmt-55191930-cd70-4c90-9508-e97743ac59e9-ad&gvlg=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDS.B_1&vcv=300x250%7C160x600%7C300x600&ws=pos%3D2%7Cmonu%3D300x250-160x600-300x600_A2%7Ctynt_pillar%3Dfalse%7Camznbid%3D2%7Camznp%3D2%7Cconfiant_refresh%3Dundefined%7Chard_adx_floor%3D0.00%7Crefresh_count%3D0%7CtabVisibilityState%3Dvisible%7Cmax_bid%3Dnone&odwh=1&vuw=-1&oco=1&wrs=0&ewp=0&oiw=0&ujkw=0&oshu=10&vlg=mmt-e167ef60-1fbe-4928-ae2d-1da5514a78c2-ad&gvlg=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDP.B_0&vcv=728x90&ws=pos%3D2%7Cmonu%3D728x90_B2%7Ctynt_pillar%3Dfalse%7Camznbid%3D2%7Camznp%3D2%7Cconfiant_refresh%3Dundefined%7Chard_adx_floor%3D0.00%7Crefresh_count%3D0%7CtabVisibilityState%3Dvisible%7Cmax_bid%3Dnone&odwh=1&vuw=-1&oco=1&wrs=3179&ewp=3179&oiw=436&ujkw=1164&oshu=10&vlg=mmt-42555874-280d-4592-8c4f-b092389552af-ad&gvlg=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDI.E_0&vcv=300x250%7C320x50%7C320x100&ws=pos%3D5%7Cmonu%3D300x250-320x50-320x100_B5%7Ctynt_pillar%3Dfalse%7Camznbid%3D2%7Camznp%3D2%7Cconfiant_refresh%3Dundefined%7Chard_adx_floor%3D0.00%7Crefresh_count%3D0%7CtabVisibilityState%3Dvisible%7Cmax_bid%3Dnone&odwh=1&vuw=-1&oco=1&wrs=1849.5625&ewp=1849.5625&oiw=450&ujkw=750&oshu=10&uhtxuo=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&nzui=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.12.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-12-164.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 10 Nov 2022 04:35:54 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 10 Nov 2022 04:35:54 GMT
content-length: 35
content-type: image/gif

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame AC3F 33 B
394 B 7ms
7ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

eafc9d3c7c8ca6f1b2c87a2a61d3124bf0182afad96275e6bd532d3d4c94d6f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vast.gg
date: Thu, 10 Nov 2022 04:35:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 212.json Show response
id5-sync.com/g/v2/ Frame AC3F 216 B
617 B 9ms
8ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/212.json

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

420c9dd2c66ec340ccdc5942feb438e5f7eae4fe8a983344e00b800472fab265

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vast.gg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vast.gg
date: Thu, 10 Nov 2022 04:35:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1AC2 33 KB
10 KB 15ms
14ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a71b712be8320d9db7dc911e1edd99b8103deb5ed259b51c3fe11d25ee8d27a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 04:35:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Nov 2022 08:07:15 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12641
Connection: keep-alive
Content-Length: 9884
Expires: Thu, 10 Nov 2022 08:06:35 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1AC2 284 B
536 B 36ms
7ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 liveView.php
live.primis.tech/live/ 0
419 B 35ms
35ms Image
text/html 2600:9000:23d0:6200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTY2ODA1NDx1MvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA0OTpmJaN0YT0jJat9NwxjJax9NDAjJaZcZF9jYXNmRG9gYWyhPXZup3QhZ2pzp3VvSWQ9qzFmqC5aZlZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaNxn3Y9JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTIjJTNBMmAlJTNBJTNBMwAlZSZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMDphMC41MmA0Lwt3JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MmZwN2ZuN2VvMmI1JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NwtjNTQ5NTQ0NTxzqWyxPVNyn2yhZG9TUGkurWVlNwM2YmqzYTtkMmUjMSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ2YXN0LzqaJTJGZ2FgnW5aLWqcqzVuq2F5plUlRwFkZzVjLXRlqW1uov1zYWN0o3J5LWyjYWQgMTB0nC1aZW4gZ2y2ZWF3YXxgoz92LTV0nC1xZWMgNXRbJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d0:6200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 04:35:53 GMT
content-encoding: gzip
via: 1.1 bd3f8a07a0dda8b80498a0b92378cd90.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MRS52-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: WFs2eiObfXRq43iAygDQ5fKWZefJoGo3LnH1BSdvOo1_aZQ3iNTrrQ==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110901&jk=1415068949485902&bg=!BgWlBUHNAAbvMpMzzzI7ACkAdvg8WvSHhRBAc_hAyUygUKF0BzpE-ooHE8rIPkmTNHUn9IX6v8SBpwIAAABRUgAAAAJoAQeZApMJgPMaSw1vqR_6swpe7ppnRw3Xkzr6ax05EmIXyo5urqVYszcpz1gjKtZlrRJcIhjueCFWNe2CJeVfD-iMMn6SmokjnTxBPIgXqNT0dAGIRD7S8p9cLmSVvgTd5GtgBa1TZTliqKlf6yjuaW45nJxjtzff2hEhuc1Gim5gizhjSbUGFw620jUFcbWv6_rLj1IavFx6g1FuZ7DtmnU5XAur98uLxdrNil6Nnb3vWy1RWrIHRXtnx3eHoIwb13aMRFeHm_FzvAQ4PGIUL26JUqTazAGtZRHvSC70jI5ZQUcUDltMExmJqJuwOp9AwZSEl6sK50WrVp0FgT30lDbKPPRHjZBezKFXGfIxhSb69wCBGX80f1wV5bAKfEed3gWAjnTpDOpPamPBpi3ya0YlCKh78eNQtAnp-2wmHmE7GTfhl6kx5D0OFHqwUiimru6O5pUMG4qPJImv9W6VKrQRvMilCfhrw42o9lmXAGGAkhyI0KABz6DXyzXRQ0sBF0WZQesUp-j6AkMrDRD5Ty_LZhJdMw7ODg3jRpjnWV5xOmbNKMgOQMdM9p_CH4fALrRw1GJLd7Ft2w1PCzOOLMMB8f2afLA675LBhtMSRiQFyy2tGKMTUJqjKhujjCwtmi9PC56L5pDwA-Sv2_rKcghAUxWCRRouhXI_b8iVl6SwYogn_qk2O_2Ovu-HywNq3c-9Bymaoewj5-Yk36h98dRdwQ2pUUyKZzmQY_6829SxC5euaff4Wyd67UTSvGVlDc2dWQoUcxqrdtyLMm3s9_v_OpFCSe_FK86MqgoQfSXbMd6Unxdu35twT6ewjIambiB8b9anHlVDJOf1R08_263kPYJ6z9CN9fLKRx6JqC4K4KUamXcCkw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vast.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csync.loopme.me
URL: https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D636c7fa7eb325%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vast.gg/gaming-giveaways/1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th	1970-01-20 16:56:54	Name: session Value: 1b2805df-a344-428e-aa2d-8653c3e51c53
.vast.gg/	1970-01-20 16:56:54	Name: _ga Value: GA1.2.230105519.1668054951
.vast.gg/	1970-01-20 07:22:21	Name: _gid Value: GA1.2.2111081901.1668054951
.vast.gg/	1970-01-20 07:20:55	Name: _gat_gtag_UA_117561825_3 Value: 1
vast.gg/	1970-01-20 08:04:06	Name: _pbjs_userid_consent_data Value: 3524755945110770
vast.gg/	1969-12-31 23:59:59	Name: aasd Value: 1%7C1668054952006
vast.gg/	1970-01-20 07:22:21	Name: _lr_geo_location Value: DE
vast.gg/	1969-12-31 23:59:59	Name: __aaxsc Value: 2
.yahoo.com/	1970-01-20 16:06:52	Name: A3 Value: d=AQABBKh_bGMCEHPzdL0YM7tCtV3KwnhCWrwFEgEBAQHRbWN2YwAAAAAA_eMAAA&S=AQAAAr444BrHWoIfCRlbhWAUCkk
.casalemedia.com/	1970-01-20 16:06:30	Name: CMID Value: Y2x-qEQB8VlmHnwoBa-csAAA
.casalemedia.com/	1970-01-20 09:30:30	Name: CMPS Value: 5173
.casalemedia.com/	1970-01-20 09:30:30	Name: CMPRO Value: 5173
.adnxs.com/	1970-01-20 09:30:30	Name: uuid2 Value: 3529097371459756326
.spotxchange.com/	1970-01-20 08:01:14	Name: audience Value: 288da4b0-60b1-11ed-9c4e-18c6427b0406
.gleam.io/	1970-01-20 07:20:56	Name: __cf_bm Value: qXIoeC7peJgBAJ9rcqBao8vjOBmqCGtuxrG8LsqR9kQ-1668054952-0-AZRTOL8ofNTt9QtMtbAgx0hvxz2uIX5vuVxtPcsJaMaWlo2ks2y/J5E82oB6OlsanXzmIijinbFFuvliiQYVHpgxiPtMyptwTqzogmVcZsdPa7jPseNFXLvqd1J1NXgQ1STzki7/RDVIYS1au97VlzPqaj4EiJuGepsLJWRVSMe5
.vast.gg/	1970-01-20 16:42:30	Name: __gads Value: ID=80556c715f8b25c2-22428b1f76ce006d:T=1668054951:S=ALNI_MZr80OMzQL8M8gfhzXQ41rhcnWgRw
.vast.gg/	1970-01-20 16:42:30	Name: __gpi Value: UID=00000b7f6c0038b4:T=1668054951:RT=1668054951:S=ALNI_Mav4VG8OwIR5HeTzoAD_a_A6I45Dw
.analytics.yahoo.com/	1970-01-20 16:06:30	Name: IDSYNC Value: 198j~287g
.casalemedia.com/	1970-01-20 09:30:30	Name: CMTS Value: 1200
.ads.stickyadstv.com/	1970-01-20 08:04:06	Name: UID Value: 8591b99421e043b424cba647febf3a
.tremorhub.com/	1970-01-20 16:06:51	Name: tvid Value: fd89534bc3cb4b65ae418679e3c15432
.smartadserver.com/	1970-01-20 16:06:30	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 341155=5184275
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-20 16:06:30	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 16:06:30	Name: pid Value: 885315282622583657
.smartadserver.com/	1970-01-20 07:22:21	Name: sasd2 Value: q=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D60314%3B%24qt%3D25_1045_42811t%3B%24dma%3D0&c=1&l=-1467671069&lo=-1276914095&lt=638036517528724906&o=1
.smartadserver.com/	1970-01-20 07:22:21	Name: sasd Value: %24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D60314%3B%24qt%3D25_1045_42811t%3B%24dma%3D0
.doubleclick.net/	1970-01-20 16:42:30	Name: IDE Value: AHWqTUnI2tC7Rv6A-VVEtEFyZ3GCphvG2fJjGxeKQmTDkrqs0fJF15xIZsr63sYZ7Tw
sic.33across.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: dsic-017-chi~31omguge-6dnutbj8-iqq4edgh-fmlr9w60
.aaxads.com/	1970-01-20 16:06:30	Name: aax-vsid Value: 3110565537576871000V10
vast.gg/	1970-01-20 07:20:58	Name: _lr_retry_request Value: true
vast.gg/	1970-01-20 08:04:06	Name: _lr_env_src_ats Value: false
.id5-sync.com/	1970-01-20 07:20:55	Name: cf Value:
.id5-sync.com/	1970-01-20 07:20:55	Name: cip Value:
.id5-sync.com/	1970-01-20 07:20:55	Name: cnac Value:
.id5-sync.com/	1970-01-20 07:20:55	Name: car Value:
.id5-sync.com/	1970-01-20 07:20:55	Name: gdpr Value:
.id5-sync.com/	1970-01-20 07:20:55	Name: callback Value:
vast.gg/	1970-01-20 08:47:18	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-10T04%3A35%3A54%22%7D
vast.gg/	1970-01-20 08:47:18	Name: pbjs-unifiedid_last Value: Thu%2C%2010%20Nov%202022%2004%3A35%3A54%20GMT
.criteo.com/	1970-01-20 16:42:30	Name: uid Value: 23c1c865-3e25-44dd-a451-9c775c8482f2
.dyntrk.com/	1970-01-20 16:06:30	Name: dyn_u Value: 03030001_636c7faa11113
.tidaltv.com/	1970-01-20 16:06:30	Name: tidal_ttid Value: 3337d8e1-84e8-40bd-a1b3-1fcb6dd69208
.tidaltv.com/	1970-01-20 16:06:30	Name: sync-his Value: "H4sIAAAAAAAAADM0NrI0tzI0NgMA4nVnWgkAAAA="
.smartadserver.com/	1970-01-20 16:06:30	Name: csync Value: 69:03030001_636c7faa11113\|96:3337d8e1-84e8-40bd-a1b3-1fcb6dd69208

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://widget.gleamjs.io/1qFEP/embed.js?no_button(Line 417) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://gleam.io/1qFEP/embed?l=https%3A%2F%2Fvast.gg%2Fgaming-giveaways%2F1qfep-truman-factory-ipad-10th-gen-giveaway-nov-5th-dec-5th%2F&r= Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D793790479%25263rddpi%253D2136778551%25263rdpcid%253D%5BUID%5D%26advId%3D138%26advUuid%3D%5BUID%5D Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=34 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-dtb-cf.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
ats-wrapper.privacymanager.io
ats.rlcdn.com
btlr.sharethrough.com
c.aaxads.com
c.amazon-adsystem.com
c21lg-d.media.net
c2shb.pubgw.yahoo.com
cdn-sic.33across.com
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.tynt.com
contextual.media.net
cs.admanmedia.com
cs.media.net
csync.loopme.me
d3div1mtym39ic.cloudfront.net
de.tynt.com
dis.criteo.com
eb2.3lift.com
eus.rubiconproject.com
f6f1ae32f6314906b6558212853b321a.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
get.s-onetag.com
gleam.io
gu.dyntrk.com
ib.adnxs.com
ic.tynt.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
imps.monu.delivery
js-sec.indexww.com
js.gleam.io
l3.aaxads.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
live.primis.tech
match.adsrvr.org
mb9eo.publishers.tremorhub.com
monu.delivery
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
prebid-server.rubiconproject.com
prebid.media.net
prg.smartadserver.com
rtb-csync.smartadserver.com
s0.2mdn.net
sc.tynt.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
sic.33across.com
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.tidaltv.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
u24250789.ct.sendgrid.net
ups.analytics.yahoo.com
vast.gg
video.primis.tech
widget.gleamjs.io
www.aaxdetect.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
csync.loopme.me
104.18.12.76
104.18.18.126
104.18.18.39
104.18.19.126
104.18.22.45
104.18.31.181
13.225.78.93
13.248.245.213
13.32.27.119
13.32.27.123
13.32.28.197
151.101.129.108
162.19.138.116
162.19.138.82
162.19.138.83
162.19.80.91
167.89.115.121
172.66.40.77
172.66.43.179
178.250.0.163
18.155.145.39
18.155.145.73
18.64.79.128
184.24.12.164
185.64.190.78
185.86.137.131
185.86.139.103
185.86.139.58
185.89.210.244
185.94.180.125
2.18.235.93
2.21.20.202
23.205.235.133
23.205.239.15
23.35.228.23
23.35.236.201
2600:1f18:612b:4264:b39c:5c5b:5f81:7972
2600:9000:2182:c000:11:1ed0:3900:21
2600:9000:23d0:6200:1a:5235:f980:93a1
2600:9000:2491:4200:1:6448:6d00:93a1
2606:4700:10::6816:3556
2606:4700::6810:5514
2606:4700::6812:106b
2a00:1450:4001:803::2006
2a00:1450:4001:80b::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c1b::9c
2a01:7e00:1::b903:5c4c
2a04:fa87:fffe::c000:4902
2a05:d018:24:b001:5701:9c55:1756:99ad
2a06:98c1:3120::3
3.126.151.133
3.126.56.137
3.64.204.225
3.68.57.134
34.107.148.139
34.120.133.55
35.186.236.140
35.244.159.8
35.244.174.68
35.71.131.137
52.28.203.152
63.32.244.82
65.9.66.19
67.202.105.24
67.202.105.31
69.173.144.138
69.173.144.165
72.251.249.9
80.77.87.161
99.86.3.236
99.86.4.110
99.86.4.31
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02f3e965d97553bcb67f697ccc4635efcd97eebbaf7f82d8fcd7d320ff38db82
044d46f95463e5cdc76abd0f8b74ba3289a5ef0a39c9b34dbed98ba344b4af80
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
074815d32a61687cf29cbbe5c5dab3089f279c5290e0878f6941fe2f5083cb0e
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0d1377d15a755c5802de0c2b332336995b1d828745c37d2a55eaac4ddb5e1a9f
0d6f775aa7a00ea59752de3dee94a3216a45e65ce549ebad48e8adb67b1ce975
0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47
0da52336109115fc6ab905e9282bf90e28b7514638c219a03873a115e3837d08
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
0e3e5f8ed594e167e1703879d1561b99d601877b94e3173935151c5da1a5abef
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
13641fc5e8caf7dbf32ee87b6f9ba27096509521fab5e67a181ec54952aa9534
14e2df6cfb22dea43b0c566ec08c7eb211aec4cdb6f36fcb7cdecad4625a61fc
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
191f6247d603a830b3e62d296c70055d915036e043f4295aae2f7b57f4996f8d
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1d84fd145a69970020fc4029a17af14fa9a54d5b1b305504b213624f681c5316
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
254bc5678a6cf5914c2a1ce4b4a6050fe7bd58c8a80cd535a2c0bbe16c59cd77
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25a85087049f0ec316114c9c32bd6b66111e6cdf0410965a2f4263e9389e3937
2607454b6ee1a7aa109c730994de6fe21d27e27106b8b2985deb2df0d469c27a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
280c466c77d63c15cdf5b9991f69c8f6a799ddc50ac3fecca30da5ee536a42c9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d76e3de88d2b25947ec7c1e560e0090f15acc22ab028706b7a9ac514b3055e2
354c4e3eab5c0a2446e56bf6ededb28a332093ffeffa17ad05dcb4bbaa3f3886
3d174793e0b1270782c7c578d9eebb70c6c50d320e098eeb8dffeeae366a4398
3fab7a31ef55c08bbb5398be0360fa32eb048a507fe3dbc907344e55c62f6971
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41604daf01c265a924382d8402d1efc06095b75d030951d8561d8971429b0837
41978534e078e95197fdd5f953b3fe4ff7c79f617ab0f5e4d5da9d9ca4e68d7c
420c9dd2c66ec340ccdc5942feb438e5f7eae4fe8a983344e00b800472fab265
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48ce94fe7a45dab83d96435d04776e00e77d7917e9be6dba208943594016df13
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
495f84b47541694624d5e80bb97b7d9766ff08b903386b58c8584e802df81349
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b8f230af668f20a7b50021f1edb1fac1c96cab1aa576933a2064e5d7807179b
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c
4d429b34a4864bd33d77d0b240f13c196d4cc84784b33cedf242292c00768eb4
51d818ab52bfa2fb326da5c55f66c03637c8f4f930e039b56d8cbb98a92f6a0f
545a51d377d7c0b5a5bdda218e8a741dfc6b4fcb9615ac9e14bddd458128d43a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5de5992e9f7c7b219ed3aa0a548754c74601839d983e6377f8dfd489d277d8b5
601459a3e208a28ad0efc45edd5dfe480785df1365f81fc45acec1231cd16674
604f2b8b47ddb1b918f6a2d2b0717d982716fd41e4e7d55b46261926ad4b3aaf
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63d578df472cd76636ba0feaef9922d1d97d175ee0c6cc032c24c62b1e4b8a1b
6669c76bd92f2c9ad7790af31e29340f07f912e9a999fdc6df915b79ef55e386
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
6f866cfe27176eb8017ed091de1f3491b9a236fdcbab1f7400786bbba81bfeb6
719d77b72b7b6a0fca9f20b4487d90a13c3919ed7c06777fa92b50a9868c0696
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75121240c48bdb8fc8791606c1a387285a7dc3bac930fe437a797785fcac735b
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7c66b6d27d1b19170b63ab49294609853d2f3a77c334d3b70bb4d59250d413db
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8020ce97f71b864b4d349c0f1a346f4094fc4b9bb52cfef2ed397751037c1d46
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2
885db7384c71405d0a9b91db69e36c0d5298dd587d55b70e8e32e8d9d446b99f
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8c1001045aea0845db601e52ab37d66b5e434e52b50a9a6a1ac5bf24e793f5df
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
8eceb3b77fb85545a7deaf9b0b5a862291c6ec78d2256c5bdcd35419608d2e26
90352cd429fceb3b816c9418248ab076c32d27239cc9bdf453287b07c952fe93
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9
9bb4c190c04ef659ba878a531141fdc792a7841d68d1cc82557df9a91dc8047a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a688f331b963b0214605000f50f1513a929c1be0fec2f6203902cc5b45eb4f1a
a71b712be8320d9db7dc911e1edd99b8103deb5ed259b51c3fe11d25ee8d27a8
a7ee3f7a5d07ff9d0a12bde19c3584acdc2943d6525235022f504caa19d3d83a
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
addd5a777e5983847ffd319bdc09b126de0f3c8e9d2932882f3054b638f0fcac
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b11ef585be993e093c615916bc711fe48c27e0df2ff616306b11bb79e8e4e886
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23165d45714710a11cbbd489d172aa149bd0e1b0a27283cc48cb4f6006ae3f5
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5e70e5f633e362053603fecb49595062ef6e570cb4a9f2f5a03885875e2fb14
b84f4b6f467cb25cfddb1654a594c5b090204b4f287a56a44dd895f1bef823f1
b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542
b95fce424ee6631661bbaf442f82bbfbc5b30f038763cd2c091495f6d5adb559
ba69565dafc3d24aacf5b6acf0f5020d4fbf9d78c3155b1a3c31fc0cd9a07bd7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
c04b7e3e7c68a8e4afad602fff77fd68283d6ac84a729bfa3d80c03bc828e702
c080561d92361bacd6c5c1019ae434b9a3f39d0b1ef40936054a9653c43b03d0
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c6bc59f44e24e22caa74b10ed80241a95067ac087249eaa2d06d4319d6b5fbbf
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8
c955cfca991a9fd6817f56f12051cb78a1bd200d1ccfaf457eb567791ae2bcfc
ca00fccfb408989eddc401062c4d1219a6aceb6b9b55412357f1790862e8f178
cbe72b686c98aad3ca2c58357108742c0cccd68f45cd9d4affd2ddbf3a5e08df
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cdebc673a857082bf484561538984c9a975e50f967e231c652b3b4f4dc6d42c7
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d3004a2de4e23038e1fc39498bac9861b53cce7b4dde3faf285bca7538c0eced
d4a73e5aa95af8cc67d83c4acbe60bdc517bc46356adacdd9d35053ad11a03d9
d5ac0b7a5d7f03543e71669ea74eda2ecea0ac544ba8f889d310f156dfe3f90e
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7b3c66ff6391423e6960f33ad823a24a82abdb66d6a27ba10faf9c5234c1b5b
d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e2fdf8dc183e5593742f5eefae23e30a8217dd99c395b3aed04a01f6c1abbeb9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e4ab52caaa9e7e1c45e0844b92e139865d1d41eb47c9f5b45b148a550763e606
e77a02ab2ff3103e77af827780f2599811c052bd1683bf37d7cd4310120f8bd8
e89b73fd18f9a4ad97c79af88bb787f7f5e45cffc12ec86d487ffcddf0e82a84
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e9eb9418a753a88c081130c8319698fee43ef4bd54fb98884160f85dc7e66ee4
ea3ada4dfc6a0d132e9407f00ff174cec236a202747032d37e9c13c4a6b2d172
eafc9d3c7c8ca6f1b2c87a2a61d3124bf0182afad96275e6bd532d3d4c94d6f0
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee165d6542ab5b6f1c84b1898c7718356bfac7e5b864bd981feb11925608b9af
f03322df4bccb954f0ae5d3c6dd9d2ef8cbe62ae80e6baa15078ba0550275129
f07b657f923c1050cc1e0069aa51681dac794f11b687b9e3591603dd2958c3cd
f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49
f3ed025f2eaa7f14b7d5c69338ac5a88f4911b767eaa1f0ed04e51c02a174f07
f4961a18ce15e6ac3cc8a3583a62b84118879492071f3501e6a57fee6b89cf96
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5700a3825caf9d62275c048e387f7c1bbf259efea80a0ac9eefc4d1e43dd12b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9504bdaca8fb3054b72d3b98e78cfa02b3e77e4a8687d7d664fae34d7a8cd41
fa977ecba35a48ffaf8654650f4c1042c8caf30951cb733e71521adcc8a8ce54
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa
fcf0ee214868ee38ec74a53006143dd04f0f5f7ef7ad3491bbad2abf2dbe4262
fd3b62ba67b28f99be389823c2417e24c9ce631a2238e611febe350e7386f7a3
fdf97b6bf209745cbd4c1036119822ecc6aff9ec456dedaef4b1bb3d6fb2a57c

vast.gg Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

213 Requests

94 %HTTPS

30 %IPv6

52 Domains

89 Subdomains

76 IPs

8 Countries

3399 kBTransfer

8780 kBSize

46 Cookies

4 Outgoing links

Page URL History

Redirected requests

213 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vast.gg Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

213
Requests

94 %
HTTPS

30 %
IPv6

52
Domains

89
Subdomains

76
IPs

8
Countries

3399 kB
Transfer

8780 kB
Size

46
Cookies

213 HTTP transactions
4 data transactions