www.masonslots.com Open in urlscan Pro
104.18.34.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://safeportolavalleymarket.com/
Effective URL:
https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Submission: On May 13 via automatic, source certstream-suspicious (May 13th 2022, 1:42:27 am UTC) — Scanned from DE

Summary HTTP 203 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 62 IPs in 11 countries across 73 domains to perform 203 HTTP transactions. The main IP is 104.18.34.76, located in and belongs to CLOUDFLARENET, US. The main domain is www.masonslots.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 20th 2022. Valid for: a year.

This is the only time www.masonslots.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::6815:1b36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.104.145.13 172.104.145.13	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	2a02:26f0:6a:... 2a02:26f0:6a::210:da32	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	172.64.150.25 172.64.150.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
64	104.18.34.76 104.18.34.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.42.221 104.18.42.221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.104.52.162 104.104.52.162	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	104.17.115.131 104.17.115.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
6	2600:1901:0:6... 2600:1901:0:662c::	15169 (GOOGLE) (GOOGLE)
1 8	23.36.162.85 23.36.162.85	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	88.214.195.94 88.214.195.94	46636 (NATCOWEB) (NATCOWEB)
3	2a02:26f0:d6:... 2a02:26f0:d6::5f65:5329	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	5.45.70.20 5.45.70.20	58061 (SCALAXY-AS) (SCALAXY-AS)
1	66.254.114.89 66.254.114.89	29789 (REFLECTED) (REFLECTED)
1	95.211.229.246 95.211.229.246	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	94.130.141.49 94.130.141.49	24940 (HETZNER-AS) (HETZNER-AS)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
3 6	35.212.242.235 35.212.242.235	15169 (GOOGLE) (GOOGLE)
7 7	52.29.193.101 52.29.193.101	16509 (AMAZON-02) (AMAZON-02)
1	54.154.85.177 54.154.85.177	16509 (AMAZON-02) (AMAZON-02)
1	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
1 2	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
1 14	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
1 2	54.229.33.24 54.229.33.24	16509 (AMAZON-02) (AMAZON-02)
1	104.90.150.196 104.90.150.196	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.58.147.241 52.58.147.241	16509 (AMAZON-02) (AMAZON-02)
2	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	18.194.10.133 18.194.10.133	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 2	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 3	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	3.127.178.105 3.127.178.105	16509 (AMAZON-02) (AMAZON-02)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 ^_^) (CDN77 ^_^)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
5 5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 2	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	34.247.198.199 34.247.198.199	16509 (AMAZON-02) (AMAZON-02)
1	52.218.106.83 52.218.106.83	16509 (AMAZON-02) (AMAZON-02)
1 1	141.94.170.64 141.94.170.64	16276 (OVH) (OVH)
1 2	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.162.147.254 139.162.147.254	63949 (LINODE-AP...) (LINODE-AP Linode)
1	52.50.239.222 52.50.239.222	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.64.115.81 18.64.115.81	16509 (AMAZON-02) (AMAZON-02)
2 2	52.71.149.243 52.71.149.243	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.240.179.113 34.240.179.113	16509 (AMAZON-02) (AMAZON-02)
1 1	18.185.251.21 18.185.251.21	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	3.122.66.220 3.122.66.220	16509 (AMAZON-02) (AMAZON-02)
1	69.169.86.38 69.169.86.38	29838 (AMC) (AMC)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	104.89.28.165 104.89.28.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:224... 2600:9000:224a:dc00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1 4	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	216.239.36.21 216.239.36.21	15169 (GOOGLE) (GOOGLE)
1	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1 2	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
2	216.239.38.21 216.239.38.21	15169 (GOOGLE) (GOOGLE)
1	54.74.252.125 54.74.252.125	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:e234	() ()
203	62

1 2606:4700:3035::6815:1b36 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

safeportolavalleymarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.145.13 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1661-13.members.linode.com

172.104.145.13	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6a::210:da32 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

media.playamopartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.150.25 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

masonslots.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.masonslots.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 104.18.34.76 (None, )

ASN13335 (CLOUDFLARENET, US)

www.masonslots.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.42.221 (None, )

ASN13335 (CLOUDFLARENET, US)

payments-lib.cdn.s7s.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.104.52.162 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-104-52-162.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.17.115.131 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn2.softswiss.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1901:0:662c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

rum-http-intake.logs.datadoghq.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.36.162.85 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-85.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.214.195.94 (United Kingdom)

ASN46636 (NATCOWEB, US)

track.trackingtraffo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:d6::5f65:5329 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tm.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.45.70.20 (Netherlands)

ASN58061 (SCALAXY-AS, NL)
PTR: n-u-d-e.us

matomo.trackbanner.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.254.114.89 (United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net

ctrack.trafficjunky.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.141.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.141.130.94.clients.your-server.de

tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.212.242.235 (The Dalles, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 235.242.212.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usw.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.29.193.101 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-193-101.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.85.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-85-177.eu-west-1.compute.amazonaws.com

echoback.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.252 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 37.157.5.142 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.33.24 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-33-24.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.150.196 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-150-196.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.147.241 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-147-241.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.10.133 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-10-133.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.29.65 (Milan, Italy) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.243.60.138 (Aalborg, Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.207 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.140.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.198.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-198-199.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.106.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.170.64 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1957 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.147.254 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1414-254.members.linode.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.239.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-239-222.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.37 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.115.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-115-81.txl50.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.71.149.243 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-149-243.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.179.113 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-179-113.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.251.21 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-251-21.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.66.220 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-66-220.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.86.38 (Colonia, United States)

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.28.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-28-165.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.148.229 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:dc00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2415.1e100.net

api.feedad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.65.124.66 (France) 1 redirects

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.38.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net

tags.feedad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.252.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-252-125.eu-west-1.compute.amazonaws.com

serving.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (None, )

ASN- ()

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	masonslots.com www.masonslots.com	3 MB
27	softswiss.net cdn2.softswiss.net — Cisco Umbrella Rank: 456406	188 KB
17	adform.net 2 redirects s2.adform.net — Cisco Umbrella Rank: 5663 track.adform.net — Cisco Umbrella Rank: 3865 c1.adform.net — Cisco Umbrella Rank: 571 dmp.adform.net — Cisco Umbrella Rank: 2468	38 KB
12	livechatinc.com 1 redirects cdn.livechatinc.com — Cisco Umbrella Rank: 6139 api.livechatinc.com — Cisco Umbrella Rank: 5144 secure.livechatinc.com — Cisco Umbrella Rank: 6295 accounts.livechatinc.com — Cisco Umbrella Rank: 7464	273 KB
7	bidswitch.net 7 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	3 KB
6	sportradarserving.com 3 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2490 usw.sportradarserving.com — Cisco Umbrella Rank: 223456	5 KB
6	datadoghq.eu rum-http-intake.logs.datadoghq.eu — Cisco Umbrella Rank: 13899
5	doubleclick.net 5 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 212	706 B
5	sportradar.com tm.ads.sportradar.com — Cisco Umbrella Rank: 45349 tracker.ads.sportradar.com — Cisco Umbrella Rank: 46807 echoback.ads.sportradar.com — Cisco Umbrella Rank: 81578 serving.ads.sportradar.com — Cisco Umbrella Rank: 62513	73 KB
5	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3175 onesignal.com — Cisco Umbrella Rank: 1158 img.onesignal.com Failed	83 KB
4	feedad.com api.feedad.com — Cisco Umbrella Rank: 8070 tags.feedad.com — Cisco Umbrella Rank: 40325	874 B
4	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 414	1 KB
3	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 424	3 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 330	549 B
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1247 load77.exelator.com — Cisco Umbrella Rank: 3668	2 KB
3	semasio.net 3 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1171	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
3	masonslots.site 1 redirects masonslots.site www.masonslots.site	2 KB
2	dmxleo.com 1 redirects public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 1878	465 B
2	gstatic.com fonts.gstatic.com	26 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 437	580 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 12068	805 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10010	527 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 887	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 214	2 KB
2	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2430	4 KB
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 1764 mwzeom.zeotap.com — Cisco Umbrella Rank: 1486	895 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 458	891 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 721	572 B
2	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 904	688 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 338	529 B
2	mathtag.com 2 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1281	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557	2 KB
2	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1073	81 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 297	519 B
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 435	678 B
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 611	326 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 5643	692 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 646	826 B
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9438	2 KB
2	trackbanner.info matomo.trackbanner.info — Cisco Umbrella Rank: 620133	21 KB
2	trackingtraffo.com track.trackingtraffo.com — Cisco Umbrella Rank: 255847	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	113 KB
1	admixer.net inv-nets.admixer.net — Cisco Umbrella Rank: 2358	463 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 21825	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 741	240 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1040	172 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 663	1 KB
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 1924	72 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1574	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 441	342 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 16969	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 606	447 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 472	338 B
1	adsafety.net cm.adsafety.net — Cisco Umbrella Rank: 5317	229 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3281	400 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 22051	406 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 1851	274 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 675	712 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 692	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 5143	522 B
1	seadform.net server.seadform.net — Cisco Umbrella Rank: 28487	343 B
1	tsyndicate.com tsyndicate.com — Cisco Umbrella Rank: 9009	463 B
1	realsrv.com main.realsrv.com — Cisco Umbrella Rank: 110861	418 B
1	exosrv.com main.exosrv.com — Cisco Umbrella Rank: 215342	417 B
1	exoclick.com main.exoclick.com — Cisco Umbrella Rank: 31602	419 B
1	exdynsrv.com main.exdynsrv.com — Cisco Umbrella Rank: 110350	419 B
1	trafficjunky.net ctrack.trafficjunky.net — Cisco Umbrella Rank: 26258	877 B
1	s7s.ai payments-lib.cdn.s7s.ai	720 B
1	playamopartners.com 1 redirects media.playamopartners.com — Cisco Umbrella Rank: 511807	803 B
1	safeportolavalleymarket.com 1 redirects safeportolavalleymarket.com	691 B
203	73

	Domain	Requested by
64	www.masonslots.com	www.masonslots.site www.masonslots.com
27	cdn2.softswiss.net	www.masonslots.com
11	c1.adform.net	1 redirects track.adform.net c1.adform.net
7	x.bidswitch.net	7 redirects
6	rum-http-intake.logs.datadoghq.eu	www.masonslots.com
5	cm.g.doubleclick.net	5 redirects
5	a.sportradarserving.com	3 redirects www.masonslots.com tm.ads.sportradar.com
5	api.livechatinc.com	cdn.livechatinc.com
4	eb2.3lift.com	1 redirects c1.adform.net www.masonslots.com a.sportradarserving.com
4	cdn.livechatinc.com	www.masonslots.com secure.livechatinc.com
3	dmp.adform.net	c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	idsync.rlcdn.com	2 redirects c1.adform.net
3	uipglob.semasio.net	3 redirects
3	onesignal.com	cdn.onesignal.com www.masonslots.com
3	www.google-analytics.com	www.googletagmanager.com www.masonslots.com
2	tags.feedad.com	www.masonslots.com a.sportradarserving.com
2	public-prod-dspcookiematching.dmxleo.com	1 redirects www.masonslots.com
2	api.feedad.com	www.masonslots.com a.sportradarserving.com
2	accounts.livechatinc.com	1 redirects cdn.livechatinc.com
2	fonts.gstatic.com	fonts.googleapis.com
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	a.audrte.com	2 redirects
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	loadm.exelator.com	2 redirects
2	ps.eyeota.net	c1.adform.net
2	match.adsrvr.org	c1.adform.net
2	pixel.mathtag.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	e1.emxdgt.com	c1.adform.net
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	pixel.advertising.com	2 redirects
2	rtb-csync.smartadserver.com	c1.adform.net www.masonslots.com
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	track.adform.net	1 redirects www.masonslots.com
2	tracker.ads.sportradar.com	tm.ads.sportradar.com tracker.ads.sportradar.com
2	my.rtmark.net	www.googletagmanager.com www.masonslots.com
2	matomo.trackbanner.info	www.masonslots.site matomo.trackbanner.info
2	track.trackingtraffo.com	www.googletagmanager.com www.masonslots.com
2	www.googletagmanager.com	www.masonslots.site www.googletagmanager.com
2	cdn.onesignal.com	www.masonslots.com cdn.onesignal.com
2	www.masonslots.site	www.masonslots.site
1	serving.ads.sportradar.com	www.masonslots.com
1	usw.sportradarserving.com	www.masonslots.com
1	inv-nets.admixer.net	www.masonslots.com
1	fonts.googleapis.com	secure.livechatinc.com
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	global.ib-ibi.com	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	cm.adsafety.net	c1.adform.net
1	mwzeom.zeotap.com	c1.adform.net
1	spl.zeotap.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	server.seadform.net	www.masonslots.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	s2.adform.net	www.masonslots.site
1	echoback.ads.sportradar.com	www.masonslots.com
1	tsyndicate.com	www.masonslots.com
1	main.realsrv.com	www.masonslots.com
1	main.exosrv.com	www.masonslots.com
1	main.exoclick.com	www.masonslots.com
1	main.exdynsrv.com	www.masonslots.com
1	ctrack.trafficjunky.net	www.masonslots.com
1	tm.ads.sportradar.com	www.masonslots.site
1	payments-lib.cdn.s7s.ai	www.masonslots.com
1	masonslots.site	1 redirects
1	media.playamopartners.com	1 redirects
1	safeportolavalleymarket.com	1 redirects
0	img.onesignal.com Failed
203	89

This site contains links to these domains. Also see Links.

Domain
playamopartners.com
www.gamcare.org.uk
www.gamblersanonymous.org.uk
gamanon.org.uk
www.gamblingtherapy.org
www.authorisation.mga.org.mt
www.softswiss.com
authorisation.mga.org.mt

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-28` - `2023-03-28`	a year	crt.sh
s7s.ai Cloudflare Inc ECC CA-3	`2022-04-04` - `2023-04-04`	a year	crt.sh
livechat.com DigiCert ECC Secure Server CA	`2022-02-25` - `2023-03-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.logs.datadoghq.eu DigiCert TLS RSA SHA256 2020 CA1	`2022-04-26` - `2023-04-26`	a year	crt.sh
trackingtraffo.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-17` - `2022-12-15`	a year	crt.sh
tracker.ads.sportradar.com R3	`2022-04-28` - `2022-07-27`	3 months	crt.sh
matomo.trackbanner.info R3	`2022-03-09` - `2022-06-07`	3 months	crt.sh
*.trafficjunky.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-29` - `2022-12-30`	a year	crt.sh
exdynsrv.com R3	`2022-03-07` - `2022-06-05`	3 months	crt.sh
exoclick.com R3	`2022-03-07` - `2022-06-05`	3 months	crt.sh
exosrv.com R3	`2022-03-07` - `2022-06-05`	3 months	crt.sh
realsrv.com R3	`2022-03-07` - `2022-06-05`	3 months	crt.sh
tsyndicate.com R3	`2022-05-12` - `2022-08-10`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.eyeota.net R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.adsafety.net R3	`2022-02-28` - `2022-05-29`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-01` - `2023-04-01`	a year	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-06-04`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
api.feedad.com GTS CA 1D4	`2022-05-05` - `2022-08-03`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
tags.feedad.com GTS CA 1D4	`2022-04-15` - `2022-07-14`	3 months	crt.sh
*.ads.sportradar.com Amazon	`2021-09-16` - `2022-10-15`	a year	crt.sh
*.sportradarserving.com Entrust Certification Authority - L1K	`2021-09-29` - `2022-10-15`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Frame ID: D9707805D51A1E2FF8F5382827D41CB1
Requests: 150 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=9054575&group=38&embedded=1&widget_version=3&unique_groups=1
Frame ID: 3C6F2FAF16408C1D67ED21C117E18E3C
Requests: 8 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Frame ID: 6A4C8E6744577A3DAB5988A31CF74C97
Requests: 46 HTTP requests in this frame

Frame: https://accounts.livechatinc.com/static/postmessage.html
Frame ID: 42D3CA78E51A8EE601B9B707A92D089C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Casino Online - Spiele 1000+ Das Beste Casinospiele im | Mason Slots

Page URL History Show full URLs

https://safeportolavalleymarket.com/ HTTP 302
http://172.104.145.13:18001/in/casino_de/ HTTP 302
https://media.playamopartners.com/redirect.aspx?pid=126522&bid=2041&lpid=552 HTTP 301
https://masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9 HTTP 301
https://www.masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9 Page URL
https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref= Page URL

Detected technologies

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Page Statistics

203
Requests

85 %
HTTPS

16 %
IPv6

73
Domains

89
Subdomains

62
IPs

11
Countries

3555 kB
Transfer

9220 kB
Size

105
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://playamopartners.com/
Title: Partner

Search URL Search Domain Scan URL

URL: https://www.gamcare.org.uk/

Search URL Search Domain Scan URL

URL: https://www.gamblersanonymous.org.uk/

Search URL Search Domain Scan URL

URL: https://gamanon.org.uk/

Search URL Search Domain Scan URL

URL: https://www.gamblingtherapy.org/

Search URL Search Domain Scan URL

URL: https://www.authorisation.mga.org.mt/verification.aspx?lang=EN&company=1f417374-7580-426d-8969-1f404fce41f8&details=1

Search URL Search Domain Scan URL

URL: https://www.softswiss.com/de

Search URL Search Domain Scan URL

URL: https://authorisation.mga.org.mt/verification.aspx?lang=EN&company=1f417374-7580-426d-8969-1f404fce41f8&details=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://safeportolavalleymarket.com/ HTTP 302
http://172.104.145.13:18001/in/casino_de/ HTTP 302
https://media.playamopartners.com/redirect.aspx?pid=126522&bid=2041&lpid=552 HTTP 301
https://masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9 HTTP 301
https://www.masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9 Page URL
https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://safeportolavalleymarket.com/ HTTP 302
http://172.104.145.13:18001/in/casino_de/ HTTP 302
https://media.playamopartners.com/redirect.aspx?pid=126522&bid=2041&lpid=552 HTTP 301
https://masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9 HTTP 301
https://www.masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9

Request Chain 117

https://a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP 302
https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP 302
https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=4fce2331-2736-4f50-85b8-d6fa56b245cf&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D4fce2331-2736-4f50-85b8-d6fa56b245cf HTTP 302
https://echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=4fce2331-2736-4f50-85b8-d6fa56b245cf

Request Chain 118

https://a.sportradarserving.com/pixel?type=js&aid=1219&id=2897 HTTP 302
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1219&id=2897

Request Chain 125

https://track.adform.net/Serving/TrackPoint/?pm=2515731&ADFPageName=masonslots-notregistered&ADFdivider=%7C&ord=560276756414&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.masonslots.site%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.masonslots.com%2Fde%2F%3Fbtag%3D665070_CEBAE3E43C364E79BEF89C653FAEC5C9%26__layerref%3D HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2515731&ADFPageName=masonslots-notregistered&ADFdivider=%7C&ord=560276756414&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.masonslots.site%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.masonslots.com%2Fde%2F%3Fbtag%3D665070_CEBAE3E43C364E79BEF89C653FAEC5C9%26__layerref%3D

Request Chain 129

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=1069532889062939928&Expiration=1653615741 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=1069532889062939928&Expiration=1653615741

Request Chain 132

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1069532889062939928&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1069532889062939928&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=cf305b370ccd46fea771367e8c2a5f95 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=6694e724735d274abe88f98ce4c010380abf5a6fb0832df4cc4ecc375fd2e176

Request Chain 134

https://pixel.advertising.com/ups/55944/sync?uid=1069532889062939928&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=1069532889062939928&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=1069532889062939928&_origin=1&apid=UPee82e586-d25d-11ec-b16c-02080fde3794 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=1069532889062939928&_origin=1&apid=UPee82e586-d25d-11ec-b16c-02080fde3794&verify=true

Request Chain 136

https://x.bidswitch.net/sync?dsp_id=70&user_id=1069532889062939928 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=1069532889062939928 HTTP 302
https://e1.emxdgt.com/put?d=d21&uid=be58ff76-e02f-460a-9863-92213cd93039&gdpr=&gdpr_consent=

Request Chain 137

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1069532889062939928&expiration=1653615741 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1069532889062939928&expiration=1653615741&C=1

Request Chain 138

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=1069532889062939928&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=1069532889062939928&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal HTTP 302
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=520e627d-b77d-4900-b7cb-24405eff1d41&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=

Request Chain 140

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1069532889062939928 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1069532889062939928&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 141

https://idsync.rlcdn.com/398366.gif?partner_uid=1069532889062939928 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMTA2OTUzMjg4OTA2MjkzOTkyOBAAGg0I_e72kwYSBQjoBxAAQgBKAA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEgncGtgVNoUYAHfzXAzmv4&google_cver=1

Request Chain 142

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=1069532889062939928/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=1069532889062939928/gdpr=/gdpr_consent=

Request Chain 145

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 146

https://pixel.onaudience.com/?mapped=1069532889062939928&partner=68 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=0c860b4ec8fe9807 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=4162884d-7b38-445e-7bf2-e92ba154f2c9&reqId=160e7b75-13d9-4cc4-7dfe-0da30a106839&zcluid=0c860b4ec8fe9807&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEATgvMBeVV3hSc1lt0uG-vU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=4162884d-7b38-445e-7bf2-e92ba154f2c9&reqId=160e7b75-13d9-4cc4-7dfe-0da30a106839&zcluid=0c860b4ec8fe9807&zdid=1332

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MTA2OTUzMjg4OTA2MjkzOTkyOA HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOei2Fl2FNrasgKKzlQ4DXo&google_cver=1&google_ula=1641347,0

Request Chain 150

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=2100074151070105870&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=1069532889062939928

Request Chain 154

https://a.audrte.com/a?adform_uid=1069532889062939928 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEDQmYM0Kc6jPhYdn2asZx-8&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=1852HYZw8fgTVqzpT7wH2BImA&gdpr=0&gdpr_consent=

Request Chain 155

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=1069532889062939928&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=1069532889062939928&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=33264791159654517540604559464198248137&noredirect=1

Request Chain 156

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=1069532889062939928 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165010504150000007951

Request Chain 157

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7097030339599726743

Request Chain 159

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=838d627d-b77d-4c00-b595-f4a9a2da6c59

Request Chain 160

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=MYlGXuEf1NPkjY5

Request Chain 164

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=464484691 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=SfztHYVNhNEm9FVLoplpve

Request Chain 166

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=1069532889062939928 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=1069532889062939928&cs=1

Request Chain 168

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=1069532889062939928&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=1069532889062939928&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=0d0f343b-6215-435a-8dcf-31bc60e43c12

Request Chain 170

https://eb2.3lift.com/xuid?mid=7354&xuid=1069532889062939928&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=1069532889062939928&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

Request Chain 180

https://accounts.livechatinc.com/licence/g9054575_38/customer?license_id=9054575&flow=button&response_type=token&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&post_message_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&state=%40livechat%2Fcustomer-auth HTTP 302
https://accounts.livechatinc.com/static/postmessage.html

Request Chain 184

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=4fce2331-2736-4f50-85b8-d6fa56b245cf&cb=36efb8dc-867c-45eb-ad38-f4babec469c2 HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=be58ff76-e02f-460a-9863-92213cd93039&gdpr=&consent=&gdpr_pd=

Request Chain 185

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=4fce2331-2736-4f50-85b8-d6fa56b245cf&cb=2f4107a6-449b-477d-9873-5cae78b6a6c5 HTTP 302
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=25&dspUserId=be58ff76-e02f-460a-9863-92213cd93039 HTTP 307
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=25&dspUserId=be58ff76-e02f-460a-9863-92213cd93039&cookieRequired=true

Request Chain 186

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=4fce2331-2736-4f50-85b8-d6fa56b245cf&cb=ab482886-63c8-4e4d-b349-46444d420622 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=be58ff76-e02f-460a-9863-92213cd93039&gdpr=&gdpr_consent=

Request Chain 189

https://x.bidswitch.net/syncd?dsp_id=409&user_id=4fce2331-2736-4f50-85b8-d6fa56b245cf&user_group=2&redir=%2F%2Fusw.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP 302
https://usw.sportradarserving.com/bsw_sync?bsw_uid=be58ff76-e02f-460a-9863-92213cd93039

203 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
www.masonslots.site/
Redirect Chain

https://safeportolavalleymarket.com/
http://172.104.145.13:18001/in/casino_de/
https://media.playamopartners.com/redirect.aspx?pid=126522&bid=2041&lpid=552
https://masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9
https://www.masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9

3 KB
2 KB

40ms
29ms

Document
text/html

172.64.150.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6edc30e149647e4a3cf3baa0bda24f6dd8d1ee43bc541848d40fb740776ad95a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 70a7b2652aeb9022-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 13 May 2022 01:42:19 GMT
etag: W/"60af643a-c9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Thu, 27 May 2021 09:19:54 GMT
server: cloudflare
x-robots-tag: none

Redirect headers

cache-control: max-age=3600
cf-ray: 70a7b2650ac59022-FRA
date: Fri, 13 May 2022 01:42:19 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 13 May 2022 02:42:19 GMT
location: https://www.masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9
server: cloudflare
vary: Accept-Encoding

GET
H2 200 geoip
www.masonslots.site/ 2 B
89 B 20ms
19ms Fetch
application/octet-stream 172.64.150.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.site/geoip
Requested by: Host: www.masonslots.site
URL: https://www.masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

gdcc: DE
date: Fri, 13 May 2022 01:42:19 GMT
gdr: HE
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/octet-stream
cf-ray: 70a7b265bb549022-FRA
content-length: 2

GET
H2 200 favicon.png
www.masonslots.com/resources/images/ 4 KB
4 KB 48ms
21ms Image
image/png 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/resources/images/favicon.png?1652406139812
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:19 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: MISS
last-modified: Thu, 12 May 2022 13:38:01 GMT
server: cloudflare
etag: "627d0db9-1081"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b26608e05c92-FRA
content-length: 4225
expires: Fri, 13 May 2022 05:42:19 GMT

GET
H2 200 Primary Request / Show response
www.masonslots.com/ 579 B
462 B 29ms
29ms Document
text/html 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Requested by: Host: www.masonslots.site
URL: https://www.masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f95af51da08eb2484c1b4f961a980858ffdc293e0b8adbad05751bf5ed711066

Request headers

Referer: https://www.masonslots.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 70a7b266290a5c92-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 13 May 2022 01:42:19 GMT
etag: W/"627d0dc7-243"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Thu, 12 May 2022 13:38:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare

GET
H2 200 a7f698cc.css
www.masonslots.com/css/ 28 KB
7 KB 13ms
12ms Stylesheet
text/css 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/css/a7f698cc.css
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 325dd1d8ee32b0ffc5bd7286c3f7707cd0a2497a8e4a166d035755a9c64baf35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:19 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:48 GMT
server: cloudflare
age: 80
etag: W/"627d0dac-70c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 70a7b266a9765c92-FRA
expires: Fri, 13 May 2022 05:42:19 GMT

GET
H2 200 index.js Show response
payments-lib.cdn.s7s.ai/v1/ 682 B
720 B 56ms
29ms Script
application/javascript 104.18.42.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-lib.cdn.s7s.ai/v1/index.js
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.42.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df15a6393e7b31940c1e5a1f8dae2a1aeab20f213aa449ee7123819428519371

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:19 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 52781
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 70a7b266dfab9193-FRA
expires: Sun, 15 May 2022 01:42:19 GMT

GET
H2 200 runtime.c49c7209.js Show response
www.masonslots.com/js/ 18 KB
6 KB 13ms
12ms Script
application/javascript 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/js/runtime.c49c7209.js
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c61f14d1ac3c4307323fd4b20c8e83af57933231244f80d7308c73db17e6fe79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:19 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:38:24 GMT
server: cloudflare
age: 80
etag: W/"627d0dd0-4874"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 70a7b266a9775c92-FRA
expires: Fri, 13 May 2022 05:42:19 GMT

GET
H2 200 main.c38da438.js Show response
www.masonslots.com/js/ 1 MB
364 KB 13ms
12ms Script
application/javascript 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/js/main.c38da438.js
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0027b8866577773c4e630023c7bfe1d876a3b62709121ba4fd3c331b91c0b705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:19 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:38:17 GMT
server: cloudflare
age: 80
etag: W/"627d0dc9-107e43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 70a7b266a9785c92-FRA
expires: Fri, 13 May 2022 05:42:19 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 79 KB
24 KB 174ms
19ms Script
application/javascript 104.104.52.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.162 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 217e90023036e23c3a5ade465e89c52a0749c098e5fe6f43ae9e88d35bbad2a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: .K5_WQrtwxD84Aw5qTIGO0tAaYe.kzuZ
content-encoding: br
last-modified: Thu, 12 May 2022 08:09:54 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C1
etag: W/"3c6d45db8ee71a79dcf93efc55f3ed81"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
date: Fri, 13 May 2022 01:42:20 GMT
content-length: 24008
x-amz-cf-id: jcYMnl0IogdPfZ0fuOB-FX8u8BSqAWuAzrWiMZdlz8dc8B6QYIIM6g==
expires: Fri, 13 May 2022 09:42:20 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 54ms
22ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 793
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 70a7b26849cb2373-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 16 May 2022 01:42:20 GMT

GET
H2 200 89d77523.css
www.masonslots.com/css/ 57 KB
14 KB 13ms
13ms Stylesheet
text/css 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/css/89d77523.css
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/runtime.c49c7209.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a5e597b0fe6137c1528c96bdc3329aba47ce27d455ba5ff4ebd4b1ca747282

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:47 GMT
server: cloudflare
age: 80
etag: W/"627d0dab-e4c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 70a7b2681ab55c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 common.8141f956.js Show response
www.masonslots.com/js/ 327 KB
91 KB 13ms
13ms Script
application/javascript 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/js/common.8141f956.js
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/runtime.c49c7209.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 089500ffbcb257c6288f56e5be8d657aeb8d82661271344cd85dad1ff0ab3517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:38:19 GMT
server: cloudflare
age: 80
etag: W/"627d0dcb-51b8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 70a7b2681ab85c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 vendors.959c8ac7.js Show response
www.masonslots.com/js/ 129 KB
43 KB 13ms
13ms Script
application/javascript 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/js/vendors.959c8ac7.js
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/runtime.c49c7209.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5e2c0f76f948e23b3ab39a31eaec69cfb69275001ef8f14af39dd3e16214fae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:38:22 GMT
server: cloudflare
age: 80
etag: W/"627d0dce-205d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 70a7b2681abb5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 c26f16ff.css
www.masonslots.com/css/ 56 KB
12 KB 15ms
14ms Stylesheet
text/css 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/css/c26f16ff.css
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/runtime.c49c7209.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9a95636847dc56f88cc48ce6c6aa4f7239ee367612e7ca5c0c2f1ba6ea0d268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:48 GMT
server: cloudflare
age: 80
etag: W/"627d0dac-e00a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 70a7b2681abc5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 app.1d73af2d.js Show response
www.masonslots.com/js/ 204 KB
48 KB 15ms
15ms Script
application/javascript 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/js/app.1d73af2d.js
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/runtime.c49c7209.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7e950ce711451e180c7db0a6cdeda2134d75af4cc1c6419efe601363f659ddf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:38:20 GMT
server: cloudflare
age: 80
etag: W/"627d0dcc-330a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 70a7b2681abd5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 project Show response
www.masonslots.com/api/info/ 200 B
285 B 39ms
39ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/info/project

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd7004c6cd100ef77588318216defca03cc1a7b2d7f774198600456432378082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b2683ad65c92-FRA
x-runtime: 0.006544
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"cd7004c6cd100ef77588318216defca0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b2683ad65c92-FRA

GET
H2 200 player Show response
www.masonslots.com/api/ 17 B
397 B 27ms
27ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/player

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72006d81d8e2e779e60db60bf0bdecfae011822b76e1f8dc688d6b27d775f2d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b2683ad75c92-FRA
x-runtime: 0.007281
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"72006d81d8e2e779e60db60bf0bdecfa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b2683ad75c92-FRA

GET
H2 200 current_ip Show response
www.masonslots.com/api/ 86 B
209 B 26ms
26ms XHR
application/json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/api/current_ip
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87d748cd651a05e770fc5513140a85dcfd5150a3eac3ebeb1dd2fc8212d2615b

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-runtime: 0.001047
date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
cf-ray: 70a7b2683ad85c92-FRA
x-request-id: 70a7b2683ad85c92-FRA

GET
H2 200 google_tag_manager Show response
www.masonslots.com/api/settings/ 23 B
171 B 35ms
35ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/settings/google_tag_manager

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8ed265e88e0f06c87bdd76e41079818c700405cb4c6eb666aa53d731c8d24b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b2683ad95c92-FRA
x-runtime: 0.006789
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"f8ed265e88e0f06c87bdd76e41079818"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b2683ad95c92-FRA

GET
H2 200 locales Show response
www.masonslots.com/api/info/ 501 B
623 B 35ms
35ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/info/locales?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cb6e34ed5451b943eec7d84f418e5f57a14658baea10bdab7cc97015240d6ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b2683ada5c92-FRA
x-runtime: 0.007638
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8cb6e34ed5451b943eec7d84f418e5f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b2683ada5c92-FRA

GET
H2 200 cms_locales Show response
www.masonslots.com/api/info/ 501 B
314 B 39ms
39ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/info/cms_locales

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbd00f11c9ef7aa834df83817bbe4e96efebf95d0d4c9318133f6561cc7a0a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b2683adb5c92-FRA
x-runtime: 0.006464
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"cbd00f11c9ef7aa834df83817bbe4e96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b2683adb5c92-FRA

GET
H2 200 restrictions Show response
www.masonslots.com/api/ 165 KB
35 KB 33ms
33ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/restrictions

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba73bb29b7e486c14da15d485d510cb7c5fd6c2b4f2aedc7944fcc41ec83afae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b2683add5c92-FRA
x-runtime: 0.007399
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ba73bb29b7e486c14da15d485d510cb7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b2683add5c92-FRA

GET
H2 200 marks Show response
www.masonslots.com/api/restrictions/ 414 B
319 B 34ms
34ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/restrictions/marks

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69074b2cb0fa476fe451cd60f64e437905ab79edaeb94f4b789716aab0523f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b2683adf5c92-FRA
x-runtime: 0.005805
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"69074b2cb0fa476fe451cd60f64e4379"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b2683adf5c92-FRA

GET
H2 200 ping.png
cdn2.softswiss.net/ 926 B
1 KB 59ms
34ms Image
image/png 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/ping.png?1652406140161
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a11849ca516f93f71253486d07b192542bbdc550ee18e5458e76b89bcd403e88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: MISS
last-modified: Thu, 27 Jun 2019 06:47:11 GMT
server: cloudflare
etag: "5d14666f-39e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 70a7b2686ddc9be8-FRA
content-length: 926

GET
H2 200 settings Show response
www.masonslots.com/api/player/ 196 B
286 B 33ms
33ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/player/settings

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

164b6eaa39e73a4450eacee02e50be746859d13cc569c7975a88b620c21c8fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b2683ae05c92-FRA
x-runtime: 0.007331
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"164b6eaa39e73a4450eacee02e50be74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b2683ae05c92-FRA

GET
H2 200 en.json Show response
www.masonslots.com/locales/ 32 KB
11 KB 24ms
24ms XHR
application/json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/locales/en.json?hash=662adaea11686ad6f3ca951a1b157349
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26ea6a8b356da7654685f47aecd7f0a24a447deeadd6aee5e445a8ad710d074a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
last-modified: Thu, 12 May 2022 13:38:28 GMT
server: cloudflare
etag: W/"627d0dd4-8100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
cf-ray: 70a7b2683ae35c92-FRA

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 preloader.dfad53de.gif
www.masonslots.com/images/ 199 KB
200 KB 15ms
14ms Image
image/gif 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/preloader.dfad53de.gif
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d346f3caa0807df499114aed4df68d5268414a061b9145c2e42376c9b64ad8d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:53 GMT
server: cloudflare
age: 80
etag: "627d0db1-31dc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b2684ae95c92-FRA
content-length: 204230
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 b2e283a5.css
www.masonslots.com/css/ 9 KB
2 KB 13ms
13ms Stylesheet
text/css 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/css/b2e283a5.css
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/runtime.c49c7209.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e5be27b04d82baab79386a3e88e55715bb4d419cfa90e5b5300d3da0541dbc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:48 GMT
server: cloudflare
age: 80
etag: W/"627d0dac-2317"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 70a7b2688b1e5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 pages_.efba65a8.js Show response
www.masonslots.com/js/ 83 KB
10 KB 11ms
11ms Script
application/javascript 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/js/pages_.efba65a8.js
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/runtime.c49c7209.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbabc8b34726da3d26f4467008aa53f003fd3c9c7018647b6bdf26aabc4458f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:38:17 GMT
server: cloudflare
age: 80
etag: W/"627d0dc9-14b95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 70a7b2688b1f5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 cms-pages_.88b93105.js Show response
www.masonslots.com/js/ 11 KB
5 KB 13ms
13ms Script
application/javascript 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/js/cms-pages_.88b93105.js
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/runtime.c49c7209.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3de9b49dd114ba2198a5d1092d171636061eb1c76817c05a255b6ab6d705569e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:38:26 GMT
server: cloudflare
age: 21
etag: W/"627d0dd2-2da3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 70a7b2688b205c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 font-icons.dc998f92.ttf
www.masonslots.com/fonts/ 11 KB
12 KB 12ms
11ms Font
application/octet-stream 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/fonts/font-icons.dc998f92.ttf
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/css/a7f698cc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f0f591d4fd1c7191d7ced9c09a46f1f03006548ef756d9e91328127ae71c22c

Request headers

Referer: https://www.masonslots.com/css/a7f698cc.css
Origin: https://www.masonslots.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:49 GMT
server: cloudflare
age: 38
etag: "627d0dad-2dd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b268db525c92-FRA
content-length: 11732
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 montserrat-v15-latin-600.0480d2f8.woff2
www.masonslots.com/fonts/ 19 KB
19 KB 12ms
11ms Font
font/woff2 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/fonts/montserrat-v15-latin-600.0480d2f8.woff2
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/css/a7f698cc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a

Request headers

Referer: https://www.masonslots.com/css/a7f698cc.css
Origin: https://www.masonslots.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:49 GMT
server: cloudflare
age: 38
etag: "627d0dad-4b40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b268db535c92-FRA
content-length: 19264
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 montserrat-v15-latin-regular.b71748ae.woff2
www.masonslots.com/fonts/ 19 KB
19 KB 13ms
13ms Font
font/woff2 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/fonts/montserrat-v15-latin-regular.b71748ae.woff2
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/css/a7f698cc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Request headers

Referer: https://www.masonslots.com/css/a7f698cc.css
Origin: https://www.masonslots.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:49 GMT
server: cloudflare
age: 38
etag: "627d0dad-4ae4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b268db545c92-FRA
content-length: 19172
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 montserrat-v15-latin-500.091b2095.woff2
www.masonslots.com/fonts/ 19 KB
19 KB 12ms
12ms Font
font/woff2 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/fonts/montserrat-v15-latin-500.091b2095.woff2
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/css/a7f698cc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89

Request headers

Referer: https://www.masonslots.com/css/a7f698cc.css
Origin: https://www.masonslots.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:49 GMT
server: cloudflare
age: 38
etag: "627d0dad-4b48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b268db555c92-FRA
content-length: 19272
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 logo-vertical.4d44c3eb.svg
www.masonslots.com/images/ 36 KB
16 KB 14ms
13ms Image
image/svg+xml 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/logo-vertical.4d44c3eb.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56526d138edda48667eb47a1002ba3a6119cbdc65e7aa255892e2a153fd23ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:52 GMT
server: cloudflare
age: 80
etag: W/"627d0db0-914b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 70a7b268fb6b5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 cookie.3175fc6f.svg
www.masonslots.com/images/ 1 KB
513 B 12ms
11ms Image
image/svg+xml 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/cookie.3175fc6f.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0a9c1294a19d04f6770c2d103fed02177217276c05190f9971f1471382a889

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:53 GMT
server: cloudflare
age: 80
etag: W/"627d0db1-42b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 70a7b2690b6e5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 de.json Show response
www.masonslots.com/locales/ 20 KB
7 KB 19ms
18ms XHR
application/json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/locales/de.json?hash=4d53fe94b216aed390319ea4d2c057ee
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ebeb0cb30fe2e9890a5ec0421fd5549e361a15e9b36b7b4fba74854be3be11f

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
last-modified: Thu, 12 May 2022 13:38:29 GMT
server: cloudflare
etag: W/"627d0dd5-4fe4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
cf-ray: 70a7b2692b885c92-FRA

GET
H2 200 pages Show response
www.masonslots.com/api/cms/ 4 KB
1 KB 24ms
23ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/cms/pages

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b939d5a5c3d869baccbec4069c2a6ed6ac6a8ece559f0f4ddb6f0d37a960102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b2692b895c92-FRA
x-runtime: 0.004134
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3b939d5a5c3d869baccbec4069c2a6ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b2692b895c92-FRA

GET
H2 200 snippets Show response
www.masonslots.com/api/cms/ 35 KB
8 KB 24ms
24ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/cms/snippets

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee5e8b6ac53697d1fd9dda09e7d90a1bd8cda3b3e0ac4f280ec262df84adc6a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b2692b8a5c92-FRA
x-runtime: 0.004057
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ee5e8b6ac53697d1fd9dda09e7d90a1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b2692b8a5c92-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 126 KB
45 KB 37ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KWQH749&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: www.masonslots.site
URL: https://www.masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e42e175142087762147f8ab23f1d4d6d1104e59c6223b243958601954c2dd86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46057
x-xss-protection: 0
last-modified: Fri, 13 May 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 May 2022 01:42:20 GMT

GET
H2 200 cms-pages_de.48c0390f.js Show response
www.masonslots.com/js/ 318 B
319 B 12ms
12ms Script
application/javascript 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/js/cms-pages_de.48c0390f.js
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/runtime.c49c7209.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0efb00c482d0c6a8cdbfdae195233b6baaa97ae6dbaf681386a67c29b779166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:38:19 GMT
server: cloudflare
age: 7026
etag: W/"627d0dcb-13e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 70a7b2697bd75c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

POST
H2 200 pub3a0dfba8fd960606c3d5feb548d59372
rum-http-intake.logs.datadoghq.eu/v1/input/ 0
0 105ms
68ms Ping
application/json 2600:1901:0:662c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pub3a0dfba8fd960606c3d5feb548d59372?ddsource=browser&ddtags=sdk_version%3A3.10.0%2Cenv%3Aproduction%2Cservice%3Amasonslots%2Cversion%3A1.0.59&batch_time=1652406140400
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:662c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.masonslots.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 logo.883fda16.svg
www.masonslots.com/images/ 34 KB
15 KB 14ms
14ms Image
image/svg+xml 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/logo.883fda16.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60a962034fcddc0a93e3d784746d46ced58069ccc3d0c2bf87accdcda9df1edd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:59 GMT
server: cloudflare
age: 38
etag: W/"627d0db7-87d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 70a7b2699bef5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 de.svg
cdn2.softswiss.net/i/flags/square/ 206 B
304 B 13ms
13ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/i/flags/square/de.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f381ae98d049d7803bd8a90bd083e1f430fd71bcc8be279beb448f5649f3405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42707
etag: W/"61e66da7-ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b269df589be8-FRA
expires: Fri, 13 May 2022 13:50:33 GMT

GET
H2 200 mga_v.svg
cdn2.softswiss.net/masonslots/logos/security/color/ 10 KB
5 KB 15ms
15ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/security/color/mga_v.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e374aa041f39b7ebfd13d6caac69368552adc460d40203d9c0f0d3b8e34a6b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Wed, 24 Mar 2021 07:50:02 GMT
server: cloudflare
age: 42720
etag: W/"605aef2a-27b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b269df599be8-FRA
expires: Fri, 13 May 2022 13:50:20 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 28ms
27ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 702
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 70a7b269faa42373-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 16 May 2022 01:42:20 GMT

GET
H2 200 home Show response
www.masonslots.com/api/cms/pages/ 417 B
397 B 39ms
39ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/cms/pages/home

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8277dbd91c7065050af58a458afe3b470525dd24d697de815fcfbcd30b58a69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b26a0c415c92-FRA
x-runtime: 0.013492
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d8277dbd91c7065050af58a458afe3b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b26a0c415c92-FRA

GET
H2 200 bg.8ae43735.jpg
www.masonslots.com/images/ 58 KB
59 KB 13ms
12ms Image
image/jpeg 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/bg.8ae43735.jpg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/css/a7f698cc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43e98422258ad293f5b30d93d799cd55de95802710150a6ef3e2eb36dc703109

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/css/a7f698cc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
cf-cache-status: HIT
age: 5529
last-modified: Thu, 12 May 2022 13:37:59 GMT
content-length: 59791
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: "627d0db7-e98f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b26a3c685c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 payouts-bg.d6d9aac0.jpg
www.masonslots.com/images/ 23 KB
23 KB 13ms
13ms Image
image/jpeg 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/payouts-bg.d6d9aac0.jpg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/css/a7f698cc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcd1ae76357467b97c876864aadd5cdc659fbc5d2ca8bc152a83efc2943ade2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/css/a7f698cc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
cf-cache-status: HIT
age: 20
last-modified: Thu, 12 May 2022 13:37:53 GMT
content-length: 23544
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: "627d0db1-5bf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b26a3c695c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 bg-1.38813078.jpg
www.masonslots.com/images/ 36 KB
37 KB 16ms
16ms Image
image/jpeg 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/bg-1.38813078.jpg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/css/a7f698cc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 307b068cf357080ada4fac23b8824eda34830d7737eea1ffe6220ccf34d113da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/css/a7f698cc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
cf-cache-status: HIT
age: 20
last-modified: Thu, 12 May 2022 13:38:01 GMT
content-length: 37232
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: "627d0db9-9170"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b26a3c6b5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 bg-2.139c6cf1.jpg
www.masonslots.com/images/ 29 KB
29 KB 14ms
13ms Image
image/jpeg 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/bg-2.139c6cf1.jpg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/css/a7f698cc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f11242f7495d4db7c32811d9280ff6b0375e0678896cd2e8e103165d574ef31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/css/a7f698cc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
cf-cache-status: HIT
age: 20
last-modified: Thu, 12 May 2022 13:37:59 GMT
content-length: 29755
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: "627d0db7-743b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b26a3c6d5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 bg-3.cdb483e0.jpg
www.masonslots.com/images/ 54 KB
54 KB 13ms
12ms Image
image/jpeg 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/bg-3.cdb483e0.jpg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/css/a7f698cc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d18c91c4a027fa471d7eb1240826abafb07f9892cd1b9486639cbf54d9f26534

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/css/a7f698cc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
cf-cache-status: HIT
age: 20
last-modified: Thu, 12 May 2022 13:37:59 GMT
content-length: 54823
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: "627d0db7-d627"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b26a3c6e5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 bg-4.fa6d054a.jpg
www.masonslots.com/images/ 9 KB
9 KB 14ms
13ms Image
image/jpeg 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/bg-4.fa6d054a.jpg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/css/a7f698cc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 500a7144d03f1a09f468756b8dbc786d0ee0057448760619233676717b96dd94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/css/a7f698cc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
cf-cache-status: HIT
age: 20
last-modified: Thu, 12 May 2022 13:38:10 GMT
content-length: 9046
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: "627d0dc2-2356"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b26a3c6f5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 montserrat-v15-latin-900.e66c7edc.woff2
www.masonslots.com/fonts/ 19 KB
19 KB 14ms
13ms Font
font/woff2 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/fonts/montserrat-v15-latin-900.e66c7edc.woff2
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/css/a7f698cc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148

Request headers

Referer: https://www.masonslots.com/css/a7f698cc.css
Origin: https://www.masonslots.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:48 GMT
server: cloudflare
age: 5529
etag: "627d0dac-4b28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b26a3c705c92-FRA
content-length: 19240
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 montserrat-v15-latin-700.7dbcc8a5.woff2
www.masonslots.com/fonts/ 19 KB
19 KB 20ms
20ms Font
font/woff2 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/fonts/montserrat-v15-latin-700.7dbcc8a5.woff2
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/css/a7f698cc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Request headers

Referer: https://www.masonslots.com/css/a7f698cc.css
Origin: https://www.masonslots.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:48 GMT
server: cloudflare
age: 7148
etag: "627d0dac-4c18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b26a3c715c92-FRA
content-length: 19480
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 player_fields Show response
www.masonslots.com/api/info/ 3 KB
962 B 71ms
70ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/info/player_fields

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59b010e5a7501082a80e853c6cb0c98e2f4edfb8934a4792572ed2c46b6b40cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b26a7ca35c92-FRA
x-runtime: 0.010301
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"59b010e5a7501082a80e853c6cb0c98e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b26a7ca35c92-FRA

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 allowed_desktop Show response
www.masonslots.com/api/games/ 1 MB
294 KB 58ms
58ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/games/allowed_desktop

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

804481a67e827f8f548d8b0062527b5954ec30a5995257e176844bc6e3b7ac21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b26a7ca45c92-FRA
x-runtime: 0.007454
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"804481a67e827f8f548d8b0062527b59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b26a7ca45c92-FRA

GET
H2 200 games_info Show response
www.masonslots.com/api/ 2 MB
590 KB 33ms
33ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/games_info

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b6a3377645529a51c8b479cb2dc976b6028f983d27be699760ccdede9ceb96d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b26a7ca55c92-FRA
x-runtime: 0.006839
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3b6a3377645529a51c8b479cb2dc976b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b26a7ca55c92-FRA

GET
H2 200 collections Show response
www.masonslots.com/api/games/ 1 KB
762 B 32ms
32ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/games/collections?device=desktop

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab8e366637aa2f1fe38254a4ac98b8b5c7af1e89a22ffb3f59febf4c9c72dc39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b26a7ca65c92-FRA
x-runtime: 0.005953
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ab8e366637aa2f1fe38254a4ac98b8b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b26a7ca65c92-FRA

GET
H2 200 providers Show response
www.masonslots.com/api/games/ 2 KB
707 B 69ms
68ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/games/providers?device=desktop

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c315e6212a545c73fe683aca4f7a83989af7e5e460aa783485ba6ad0a97af7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b26a7ca95c92-FRA
x-runtime: 0.004662
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c315e6212a545c73fe683aca4f7a8398"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b26a7ca95c92-FRA

GET
H2 200 privileges.6abe9fe8.svg
www.masonslots.com/images/ 941 B
576 B 11ms
10ms Image
image/svg+xml 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/privileges.6abe9fe8.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 647e1d23dfce5135fb3003a7fc47f300eb4981bbe7d70a23fe4fdcf8145b7088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:53 GMT
server: cloudflare
age: 1845
etag: W/"627d0db1-3ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 70a7b26a7caa5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 slots.3838510f.svg
www.masonslots.com/images/ 937 B
484 B 12ms
10ms Image
image/svg+xml 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/slots.3838510f.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 317d82a0abd374a6ab6701a2eea1c290f5718f5f230a4fdede431ff7235db048

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:52 GMT
server: cloudflare
age: 2400
etag: W/"627d0db0-3a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 70a7b26a7cab5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 payment.1e547d3a.svg
www.masonslots.com/images/ 463 B
381 B 16ms
14ms Image
image/svg+xml 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/payment.1e547d3a.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cf66e74564659f98eeb6ec66f3f7f3f996ec99cb5ef43a0d8d2f1f67c6b7c1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:51 GMT
server: cloudflare
age: 2401
etag: W/"627d0daf-1cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 70a7b26a7cac5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 payments-trust.1763d0cb.png
www.masonslots.com/images/ 4 KB
4 KB 13ms
11ms Image
image/png 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/payments-trust.1763d0cb.png
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dd3f51f1073419d29c6f78fa23d0e7a013d913ac6bb345c2674d9227384a2f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:51 GMT
server: cloudflare
age: 1845
etag: "627d0daf-118a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b26a7cad5c92-FRA
content-length: 4490
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 trustly.svg
cdn2.softswiss.net/masonslots/logos/payments/color/ 1 KB
762 B 18ms
15ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/payments/color/trustly.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae2cb1845e7b6c0432cd87305053679c441c3c6367be1ac2350549ccdaa24037

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42631
etag: W/"61e66da7-4d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a78099be8-FRA
expires: Fri, 13 May 2022 13:51:49 GMT

GET
H2 200 visa.svg
cdn2.softswiss.net/masonslots/logos/payments/color/ 904 B
679 B 18ms
14ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/payments/color/visa.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d71e2fbcad49e8bc62fb8d9e8a4c0f77d5f91bcc18b7f601cdfc71f775bdef1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42631
etag: W/"61e66da7-388"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a780a9be8-FRA
expires: Fri, 13 May 2022 13:51:49 GMT

GET
H2 200 mastercard.svg
cdn2.softswiss.net/masonslots/logos/payments/color/ 5 KB
2 KB 20ms
17ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/payments/color/mastercard.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b3e5f1d5d0e5ff4944fc4bc69394ed951e137a0889c15daca893baa4593fd68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42631
etag: W/"61e66da7-1240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a780b9be8-FRA
expires: Fri, 13 May 2022 13:51:49 GMT

GET
H2 200 bank_transfer.svg
cdn2.softswiss.net/masonslots/logos/payments/color/ 7 KB
3 KB 18ms
14ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/payments/color/bank_transfer.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0d1330d012f39e9bbba24b5177cf1ae2626b84b2aae47fe9307321611711fa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42631
etag: W/"61e66da7-1a5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a880e9be8-FRA
expires: Fri, 13 May 2022 13:51:49 GMT

GET
H2 200 skrill.svg
cdn2.softswiss.net/masonslots/logos/payments/color/ 1 KB
713 B 18ms
14ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/payments/color/skrill.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29702fcb88275615270cf713d1d4b5522e6dd6da063fb2f2733b1d660deb026f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42631
etag: W/"61e66da7-48d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a880f9be8-FRA
expires: Fri, 13 May 2022 13:51:49 GMT

GET
H2 200 neteller.svg
cdn2.softswiss.net/masonslots/logos/payments/color/ 1 KB
702 B 25ms
21ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/payments/color/neteller.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a44e6e48634709c4c5fe291879445cab8325b047f7a88db7db3484bcfe30cf10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42631
etag: W/"61e66da7-447"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a88109be8-FRA
expires: Fri, 13 May 2022 13:51:49 GMT

GET
H2 200 paysafecard.svg
cdn2.softswiss.net/masonslots/logos/payments/color/ 2 KB
1 KB 19ms
15ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/payments/color/paysafecard.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c09343f798e6e9b57ca335d1ef029ef29745938598b650bd0cd776401d32dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42631
etag: W/"61e66da7-9fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a88119be8-FRA
expires: Fri, 13 May 2022 13:51:49 GMT

GET
H2 200 hero.e954919c.jpg
www.masonslots.com/images/ 44 KB
45 KB 24ms
20ms Image
image/jpeg 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/hero.e954919c.jpg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d430b68776a196399ba0cefd56d32aab4b07a29de4831e01b07d1d44920e4ca9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
cf-cache-status: HIT
age: 20
last-modified: Thu, 12 May 2022 13:37:52 GMT
content-length: 45508
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: "627d0db0-b1c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b26a8cb15c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 netent.svg
cdn2.softswiss.net/masonslots/logos/providers/white/ 597 B
417 B 18ms
14ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/providers/white/netent.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e828929ba8423ace72a85061f6c329e719aa99e6113898cf4c7233d25a8934b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42631
etag: W/"61e66da7-255"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a88139be8-FRA
expires: Fri, 13 May 2022 13:51:49 GMT

GET
H2 200 evolution.svg
cdn2.softswiss.net/masonslots/logos/providers/white/ 9 KB
3 KB 18ms
14ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/providers/white/evolution.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 552953dc2d174a872a48342a7c1878c7a631ada95d9ab71bd60118f959a48622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42631
etag: W/"61e66da7-237c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a88159be8-FRA
expires: Fri, 13 May 2022 13:51:49 GMT

GET
H2 200 betsoft.svg
cdn2.softswiss.net/masonslots/logos/providers/white/ 4 KB
2 KB 19ms
15ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/providers/white/betsoft.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e69eafe2012433a241b4f927b86bcf3d7596c14181d961f0b7a15084177059e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42631
etag: W/"61e66da7-10be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a88179be8-FRA
expires: Fri, 13 May 2022 13:51:49 GMT

GET
H2 200 yggdrasil.svg
cdn2.softswiss.net/masonslots/logos/providers/white/ 9 KB
4 KB 22ms
18ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/providers/white/yggdrasil.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eda43bedf6fd0e8eedb58e4beb5fd87fdc00f2293ef1bc2ec4d5f08d8fbd68b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42631
etag: W/"61e66da7-2218"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a881d9be8-FRA
expires: Fri, 13 May 2022 13:51:49 GMT

GET
H2 200 thunderkick.svg
cdn2.softswiss.net/masonslots/logos/providers/white/ 4 KB
2 KB 20ms
17ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/providers/white/thunderkick.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cca3bc2eaf02809639c22f47f7744e012f6f6dbf9a4016e54ad57793ff6fc954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42631
etag: W/"61e66da7-112d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a881e9be8-FRA
expires: Fri, 13 May 2022 13:51:49 GMT

GET
H2 200 quickspin.svg
cdn2.softswiss.net/masonslots/logos/providers/white/ 3 KB
2 KB 20ms
17ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/providers/white/quickspin.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62c85f9e8f6e785755cb1b7dbdcb296c15d14e619eaac97da72c93704d262449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42631
etag: W/"61e66da7-c61"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a881f9be8-FRA
expires: Fri, 13 May 2022 13:51:49 GMT

GET
H2 200 playngo.svg
cdn2.softswiss.net/masonslots/logos/providers/white/ 5 KB
2 KB 21ms
18ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/providers/white/playngo.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9199cba4df979a407b2fa52e133b4162aa13cd30cc4f6f868352b132feacdca9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42630
etag: W/"61e66da7-13ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a88219be8-FRA
expires: Fri, 13 May 2022 13:51:50 GMT

GET
H2 200 nyx.svg
cdn2.softswiss.net/masonslots/logos/providers/white/ 6 KB
3 KB 22ms
19ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/providers/white/nyx.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62c7ab7279a503578eb69fb9d5ac36f4ebd669ea66bdddf77c2586cd03aad39f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42630
etag: W/"61e66da7-17a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a88239be8-FRA
expires: Fri, 13 May 2022 13:51:49 GMT

GET
H2 200 elk.svg
cdn2.softswiss.net/masonslots/logos/providers/white/ 2 KB
1 KB 24ms
21ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/providers/white/elk.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 546471ff485fe878642005a378a8b874b3b0ee0e73e2bb47c0254ba0f873c88d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42630
etag: W/"61e66da7-946"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a88259be8-FRA
expires: Fri, 13 May 2022 13:51:50 GMT

GET
H2 200 amatic.svg
cdn2.softswiss.net/masonslots/logos/providers/white/ 3 KB
1 KB 23ms
20ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/providers/white/amatic.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bde0ba753e08cdaef64280d3af9b41f3db133a0c25fbc8f6ca55bc3f1937c199

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42630
etag: W/"61e66da7-d42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a88269be8-FRA
expires: Fri, 13 May 2022 13:51:50 GMT

GET
H2 200 pragmatic.svg
cdn2.softswiss.net/masonslots/logos/providers/white/ 3 KB
1 KB 22ms
19ms Image
image/svg+xml 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/logos/providers/white/pragmatic.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1165c637cdd6da23b14e28da29623b81ab2c454f0e30515031107a7b165cd411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
server: cloudflare
age: 42630
etag: W/"61e66da7-a9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 70a7b26a88279be8-FRA
expires: Fri, 13 May 2022 13:51:50 GMT

GET
H2 200 payouts.832a3ae5.svg
www.masonslots.com/images/ 21 KB
9 KB 26ms
24ms Image
image/svg+xml 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/payouts.832a3ae5.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d3f3547a261a84018eaf7c6cabe178e681d8e078ac819d7c3b345f6e0a17b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:38:00 GMT
server: cloudflare
age: 20
etag: W/"627d0db8-54c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 70a7b26a8cb45c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 payment-logos.adac8a54.svg
www.masonslots.com/images/ 19 KB
8 KB 14ms
11ms Image
image/svg+xml 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/payment-logos.adac8a54.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab9ce9040598160960b8705534fe62f33095bf6b4c71cb3c018fa8b94b79a8cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:38:01 GMT
server: cloudflare
age: 20
etag: W/"627d0db9-4d5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 70a7b26a8cb55c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 support-dealer.0669557f.png
www.masonslots.com/images/ 24 KB
24 KB 18ms
16ms Image
image/png 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/support-dealer.0669557f.png
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e3df5f0f7f21c9beb355335ee751e0018875059107defb138d52463dee98741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:53 GMT
server: cloudflare
age: 20
etag: "627d0db1-5fc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b26a8cb65c92-FRA
content-length: 24518
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 rewards.065fe00c.png
www.masonslots.com/images/ 61 KB
61 KB 14ms
12ms Image
image/png 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/rewards.065fe00c.png
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89b4969cfa14f849ac887eee9218de1e5990fa01910c6c6774c0b0c2e85c4d43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:38:08 GMT
server: cloudflare
age: 20
etag: "627d0dc0-f221"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b26a8cb75c92-FRA
content-length: 61985
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 star.44eac65f.svg
www.masonslots.com/images/ 496 B
391 B 26ms
24ms Image
image/svg+xml 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/star.44eac65f.svg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cf7a203151a2cfbf8d55a033476a4018d11e7040780c8c3fa424aac32629e6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:53 GMT
server: cloudflare
age: 20
etag: W/"627d0db1-1f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 70a7b26a8cb85c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 askgamblers-a.09ca69c1.jpg
www.masonslots.com/images/ 977 B
1 KB 21ms
19ms Image
image/jpeg 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.masonslots.com/images/askgamblers-a.09ca69c1.jpg
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7b1793cec52c2231c73d4669e726f3f25c4df563085d71c7f7b408f7595e2ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
cf-cache-status: HIT
age: 20
last-modified: Thu, 12 May 2022 13:38:01 GMT
content-length: 977
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: "627d0db9-3d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70a7b26a8cba5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 8f53e8d6.css
www.masonslots.com/css/ 6 KB
2 KB 25ms
23ms Stylesheet
text/css 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/css/8f53e8d6.css
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/runtime.c49c7209.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a78ef6a0feaa6b4e96ec899bcdb6b556517d7e6fbbf8116e2ddf41bd5d894e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:37:47 GMT
server: cloudflare
age: 80
etag: W/"627d0dab-1776"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 70a7b26a8cbb5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 pages_games.3bd62ee5.js Show response
www.masonslots.com/js/ 14 KB
3 KB 25ms
24ms Script
application/javascript 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/js/pages_games.3bd62ee5.js
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/runtime.c49c7209.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c8f35232ad6b6626935b4ac887d4f9aa05e173ccfbb6a9ba0a842ddc24bfb21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:38:17 GMT
server: cloudflare
age: 80
etag: W/"627d0dc9-3906"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 70a7b26a8cbc5c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 384 B
598 B 651ms
509ms Script
application/javascript 23.36.162.85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=9054575&url=https%3A%2F%2Fwww.masonslots.com%2Fde%2F%3Fbtag%3D665070_CEBAE3E43C364E79BEF89C653FAEC5C9%26__layerref%3D&group_id=0&channel_type=code&jsonp=__jvtao6z148a

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

eb6c1b9dbd6c867f2829d315951519ca0a3afadf6eccd6c54ba2155beb1dbfa7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.masonslots.com/;
X-Frame-Options	allow-from https://www.masonslots.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://www.masonslots.com/;
vary: Accept-Encoding
x-frame-options: allow-from https://www.masonslots.com/
date: Fri, 13 May 2022 01:42:21 GMT
content-length: 384
legacy: 2023-06-30
content-type: application/javascript; charset=UTF-8

POST
H3 200 pub3a0dfba8fd960606c3d5feb548d59372
rum-http-intake.logs.datadoghq.eu/v1/input/ 0
0 29ms
20ms Ping
application/json 2600:1901:0:662c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pub3a0dfba8fd960606c3d5feb548d59372?ddsource=browser&ddtags=sdk_version%3A3.10.0%2Cenv%3Aproduction%2Cservice%3Amasonslots%2Cversion%3A1.0.59&batch_time=1652406140574
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:662c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.masonslots.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 200 pub3a0dfba8fd960606c3d5feb548d59372
rum-http-intake.logs.datadoghq.eu/v1/input/ 0
0 62ms
61ms Ping
application/json 2600:1901:0:662c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pub3a0dfba8fd960606c3d5feb548d59372?ddsource=browser&ddtags=sdk_version%3A3.10.0%2Cenv%3Aproduction%2Cservice%3Amasonslots%2Cversion%3A1.0.59&batch_time=1652406140635
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:662c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.masonslots.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 30ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WYN08PVV9R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWQH749&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6751df043bdb8a20522909e385cca0eaa2f914cef854b8db0566d29131271f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69625
x-xss-protection: 0
expires: Fri, 13 May 2022 01:42:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 37ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWQH749&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4991
date: Fri, 13 May 2022 00:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 13 May 2022 02:19:09 GMT

GET
H/1.1 200
OK js Show response
track.trackingtraffo.com/pixel/ 607 B
900 B 364ms
98ms Script
text/javascript 88.214.195.94
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://track.trackingtraffo.com/pixel/js?auth=jvpu6s7p&event=visit&uid=undefined&tid={TRANSACTION_ID}&cur={CURRENCY}&amount={DEPOSIT}
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWQH749&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.195.94 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: ce39103f153e3b9d491984a38e2ec690d62a15f889cd5c9e2f0c805228522dfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 May 2022 01:42:21 GMT
Server: nginx/1.20.0
Content-Type: text/javascript
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Length: 607
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag-manager.js Show response
tm.ads.sportradar.com/dist/ 220 KB
31 KB 131ms
10ms Script
application/javascript 2a02:26f0:d6::5f65:5329
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAJW
Requested by: Host: www.masonslots.site
URL: https://www.masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:d6::5f65:5329 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6223932455e13e1d20ed52304aee8cc62ccffb3fffbc54d54b8d69b434df691b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
cache-control: max-age=900, public
vary: Accept-Encoding
content-type: application/javascript
x-n: S
content-length: 31265
apigw-requestid: SCiDgjm2DoEEPbA=

GET
H/1.1 200
OK matomo.js Show response
matomo.trackbanner.info/ 63 KB
21 KB 76ms
33ms Script
application/javascript 5.45.70.20
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.trackbanner.info/matomo.js
Requested by: Host: www.masonslots.site
URL: https://www.masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.45.70.20 , Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: n-u-d-e.us
Software: nginx/1.14.1 /
Resource Hash: 3e0361122fe1fdced0bd7ae4c33f21d083f7b63a99e79a66b3111a943b160f70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 13 May 2022 01:42:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Mar 2022 20:35:32 GMT
Server: nginx/1.14.1
ETag: W/"6227be14-fa13"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=3600, public
Connection: keep-alive
Expires: Fri, 13 May 2022 02:42:20 GMT

GET
H/1.1 200
OK ctrack
ctrack.trafficjunky.net/ 35 B
877 B 40ms
21ms Image
image/gif 66.254.114.89
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctrack.trafficjunky.net/ctrack?action=list&type=add&id=notregistered&context=masonslots.com&cookiename=notregistered&age=259200&maxcookiecount=10
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.114.89 , United States, ASN29789 (REFLECTED, US),
Reverse DNS: reflectededge.reflected.net
Software: openresty /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:20 GMT
server: openresty
access-control-max-age: 86400
access-control-allow-methods: GET,POST
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: Content-Type
content-length: 35
x-request-id: 627DB77C-42FE725901BB891C-217C67D9
expires: Sun, 22 Jan 1984 03:00:00 GMT

GET
H/1.1 200
OK tag.php
main.exdynsrv.com/ 0
419 B 58ms
13ms Image
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exdynsrv.com/tag.php?goal=fba3ddf247c403b1ec091686df9c1087
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 13 May 2022 01:42:20 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exoclick.com/ 0
419 B 58ms
13ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=fba3ddf247c403b1ec091686df9c1087
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 13 May 2022 01:42:20 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exosrv.com/ 0
417 B 66ms
15ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exosrv.com/tag.php?goal=fba3ddf247c403b1ec091686df9c1087
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 13 May 2022 01:42:20 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.realsrv.com/ 0
418 B 55ms
13ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.realsrv.com/tag.php?goal=fba3ddf247c403b1ec091686df9c1087
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 13 May 2022 01:42:20 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 3989abf8-5762-49c1-a9c3-634eccc64f58
tsyndicate.com/api/v1/retargeting/set/ 35 B
463 B 223ms
194ms Image
image/gif 94.130.141.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsyndicate.com/api/v1/retargeting/set/3989abf8-5762-49c1-a9c3-634eccc64f58
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.141.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.141.130.94.clients.your-server.de
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:20 GMT
server: nginx
x-api-version: 1
vary: *
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
content-length: 35
x-request-id: f2dedfba7180d1a2
expires: 0

GET
H2 200 zxcvbn.493f8969.js Show response
www.masonslots.com/js/ 799 KB
430 KB 21ms
21ms Script
application/javascript 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.masonslots.com/js/zxcvbn.493f8969.js
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/runtime.c49c7209.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11d2126c21d6cc0a2fb27d796e7c930357c0799fb92b776cbaa68a907f4bd2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 13:38:24 GMT
server: cloudflare
age: 18
etag: W/"627d0dd0-c7df6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 70a7b26b5da05c92-FRA
expires: Fri, 13 May 2022 05:42:20 GMT

GET
H2 200 currencies Show response
www.masonslots.com/api/info/ 796 B
301 B 45ms
45ms XHR
application/vnd.softswiss.v1+json 104.18.34.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.masonslots.com/api/info/currencies

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

436626a4998153dc002a1e7655a8e6d77fca7202f935476db35c6953b55ae752

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 70a7b26b7db35c92-FRA
x-runtime: 0.004275
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"436626a4998153dc002a1e7655a8e6d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b26b7db35c92-FRA

GET
H2 200 web Show response
onesignal.com/api/v1/sync/69d3d1c9-f89e-4767-97b1-2b8316282b18/ 5 KB
2 KB 323ms
313ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/69d3d1c9-f89e-4767-97b1-2b8316282b18/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c1f98d6b47daa0548ca80d907d9af7a3fd6f784db11fca849250fce25d16886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 22
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 067b5662-e29a-4f7c-95b0-48a8246adee7
x-runtime: 0.020966
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8c1f98d6b47daa0548ca80d907d9af7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 70a7b26babbc2373-ZRH
access-control-allow-headers: SDK-Version
expires: Fri, 13 May 2022 02:42:21 GMT

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f379239f4914a736aa5136dbe4ca889a73e70d52da9da113a212afc249e87c66

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 pub3a0dfba8fd960606c3d5feb548d59372
rum-http-intake.logs.datadoghq.eu/v1/input/ 0
0 55ms
55ms Ping
application/json 2600:1901:0:662c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pub3a0dfba8fd960606c3d5feb548d59372?ddsource=browser&ddtags=sdk_version%3A3.10.0%2Cenv%3Aproduction%2Cservice%3Amasonslots%2Cversion%3A1.0.59&batch_time=1652406141084
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:662c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.masonslots.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 29ms
14ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WYN08PVV9R&gtm=2oe5b0&_p=1580431638&_z=ccd.tfB&cid=494814721.1652406141&ul=en-us&sr=1600x1200&_s=1&sid=1652406140&sct=1&seg=0&dl=https%3A%2F%2Fwww.masonslots.com%2Fde%2F%3Fbtag%3D665070_CEBAE3E43C364E79BEF89C653FAEC5C9%26__layerref%3D&dr=https%3A%2F%2Fwww.masonslots.site%2F&dt=Casino%20Online%20-%20Spiele%201000%2B%20Das%20Beste%20Casinospiele%20im%20%7C%20Mason%20Slots&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WYN08PVV9R&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.masonslots.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel
track.trackingtraffo.com/ 0
260 B 103ms
102ms Image
text/plain 88.214.195.94
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.trackingtraffo.com/pixel?auth=jvpu6s7p&event=visit&uid=undefined&tid=%7BTRANSACTION_ID%7D&cur=%7BCURRENCY%7D&amount=%7BDEPOSIT%7D&site=www.masonslots.com&ln=en-US
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.195.94 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 May 2022 01:42:21 GMT
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Server: nginx/1.20.0
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 p.js Show response
my.rtmark.net/ 697 B
1 KB 47ms
13ms Script
text/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=326537ad946a00ee0149f9563be54212b00e6bc2f9d3b35f2d81178f187f91f3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWQH749&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

22310678bdda2cca80cbf8094c7637744554c6d22b4c4e5e46e21df862b0a8f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 697

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1580431638&t=pageview&_s=1&dl=https%3A%2F%2Fwww.masonslots.com%2Fde%2F%3Fbtag%3D665070_CEBAE3E43C364E79BEF89C653FAEC5C9%26__layerref%3D&dr=https%3A%2F%2Fwww.masonslots.site%2F&ul=en-us&de=UTF-8&dt=Casino%20Online%20-%20Spiele%201000%2B%20Das%20Beste%20Casinospiele%20im%20%7C%20Mason%20Slots&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1972312302&gjid=1412014566&cid=494814721.1652406141&tid=UA-194747829-1&_gid=1489265912.1652406141&_r=1&gtm=2wg5b0KWQH749&z=1251328809

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.masonslots.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.masonslots.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Response matomo.php
matomo.trackbanner.info/ 0
0 75ms
75ms Ping
text/html 5.45.70.20
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.trackbanner.info/matomo.php?action_name=Casino%20Online%20-%20Spiele%201000%2B%20Das%20Beste%20Casinospiele%20im%20%7C%20Mason%20Slots&idsite=4&rec=1&r=307259&h=1&m=42&s=21&url=https%3A%2F%2Fwww.masonslots.com%2Fde%2F%3Fbtag%3D665070_CEBAE3E43C364E79BEF89C653FAEC5C9%26__layerref%3D&urlref=https%3A%2F%2Fwww.masonslots.site%2F&_id=b23c312d1daccc95&_idn=1&_refts=1652406141&_ref=https%3A%2F%2Fwww.masonslots.site%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=UOFVNR&pf_net=0&pf_srv=29&pf_tfr=2&pf_dm1=301
Requested by: Host: matomo.trackbanner.info
URL: https://matomo.trackbanner.info/matomo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.45.70.20 , Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: n-u-d-e.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.masonslots.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

GET
H2 200 tracker.js Show response
tracker.ads.sportradar.com/dist/ 39 KB
12 KB 31ms
9ms Script
application/javascript 2a02:26f0:d6::5f65:5329
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.ads.sportradar.com/dist/tracker.js
Requested by: Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAJW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:d6::5f65:5329 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: feda67648acd203488c2c74a84f52bef7a05a3154a00cb2fbc94c62d559afb46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "5ff82a1c468a89919e9437d33e0402cb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
accept-ranges: bytes
content-length: 11553
x-amz-cf-id: dhQvvdRXpYlBThXv-vSaAg-Z1OlIbaG93mJpCSt0ucF_WnFq2t2vow==

GET
H2

200

_adsCookieSyncCallback Show response
echoback.ads.sportradar.com/echoBack/
Redirect Chain

https://a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=4fce2331-2736-4f50-85b8-d6fa56b245cf&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D4fc...
https://echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=4fce2331-2736-4f50-85b8-d6fa56b245cf

74 B
384 B

114ms
30ms

Script
application/javascript

54.154.85.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=4fce2331-2736-4f50-85b8-d6fa56b245cf

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=

Protocol

Server

54.154.85.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-85-177.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d37c24134d53a181f23c4e3d6809b53e4655690ec3804f1687fe481abd898e76

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:22 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'self'
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 74
x-xss-protection: 1; mode=block
expires: 0

Redirect headers

Location: https://echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=4fce2331-2736-4f50-85b8-d6fa56b245cf
Date: Fri, 13 May 2022 01:42:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel Show response
a.sportradarserving.com/ul_cb/
Redirect Chain

https://a.sportradarserving.com/pixel?type=js&aid=1219&id=2897
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1219&id=2897

2 KB
3 KB

322ms
166ms

Script
text/javascript

35.212.242.235
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1219&id=2897
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Server: 35.212.242.235 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.242.212.35.bc.googleusercontent.com
Software: /
Resource Hash: 387bfdb744dd455be9e7aa6f50681084b0d687aad8b8190fc42288c49a2fe25e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:22 GMT
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2326
content-type: text/javascript; charset=UTF-8

Redirect headers

location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1219&id=2897
date: Fri, 13 May 2022 01:42:21 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 4 KB
2 KB 175ms
175ms Script
application/javascript 23.36.162.85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=9054575&version=296955.9.9.37862.593.612.266.13.3.3.3.244&group_id=38&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6dd93a3c7c4b7e4a56d378cd0c3f5db99576264d4f64e4f0932d52ff69426022

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=600
content-length: 1401
expires: Fri, 13 May 2022 01:52:21 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
29 KB 163ms
16ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.masonslots.site
URL: https://www.masonslots.site/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 14:10:54 GMT
server: nginx
etag: W/"61f1566e-14282"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 sp-2.14.0.js Show response
tracker.ads.sportradar.com/dist// 98 KB
30 KB 11ms
11ms Script
application/javascript 2a02:26f0:d6::5f65:5329
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.ads.sportradar.com/dist//sp-2.14.0.js
Requested by: Host: tracker.ads.sportradar.com
URL: https://tracker.ads.sportradar.com/dist/tracker.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:d6::5f65:5329 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50cf303cfaa020fcbedd6ad1bf045a008cbb88dfc792f731f07235dd1ca13599

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
accept-ranges: bytes
content-length: 30370
x-amz-cf-id: 5k2y4BsGJNfHtdHnZPguefe0_lqKQVNaiFar1w5TG4x9ewID_FvMmg==

POST
H3 200 pub3a0dfba8fd960606c3d5feb548d59372
rum-http-intake.logs.datadoghq.eu/v1/input/ 0
0 38ms
37ms Ping
application/json 2600:1901:0:662c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pub3a0dfba8fd960606c3d5feb548d59372?ddsource=browser&ddtags=sdk_version%3A3.10.0%2Cenv%3Aproduction%2Cservice%3Amasonslots%2Cversion%3A1.0.59&batch_time=1652406141306
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:662c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.masonslots.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 open_chat Show response
secure.livechatinc.com/customer/action/ Frame 3C6F 4 KB
2 KB 182ms
15ms Document
text/html 23.36.162.85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=9054575&group=38&embedded=1&widget_version=3&unique_groups=1
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 27f949ba546b6b37e0238f5adb5eded2635a7ef4ffa7907da971719ff40fab62

Request headers

Referer: https://www.masonslots.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 1987
content-type: text/html; charset=utf-8
date: Fri, 13 May 2022 01:42:21 GMT
vary: Accept-Encoding

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.3/customer/action/ 11 KB
4 KB 16ms
16ms Script
application/javascript 23.36.162.85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=9054575&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=38&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4dbfef10d4d6893abb724637f9d54d1db71f14d858bd96f4286acbe52828182f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=97
content-length: 3776
expires: Fri, 13 May 2022 01:43:58 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2515731&ADFPageName=masonslots-notregistered&ADFdivider=%7C&ord=560276756414&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.masonslots.s...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2515731&ADFPageName=masonslots-notregistered&ADFdivider=%7C&ord=560276756414&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.masonsl...

851 B
1 KB

19ms
19ms

Script
text/javascript

37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2515731&ADFPageName=masonslots-notregistered&ADFdivider=%7C&ord=560276756414&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.masonslots.site%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.masonslots.com%2Fde%2F%3Fbtag%3D665070_CEBAE3E43C364E79BEF89C653FAEC5C9%26__layerref%3D

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=

Protocol

Server

37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

291c7bd399a8acbc8539731b9c7e5c3cad40827e251c24512eb3ba438af2e0bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 687
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:21 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2515731&ADFPageName=masonslots-notregistered&ADFdivider=%7C&ord=560276756414&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.masonslots.site%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.masonslots.com%2Fde%2F%3Fbtag%3D665070_CEBAE3E43C364E79BEF89C653FAEC5C9%26__layerref%3D
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 6A4C 5 KB
2 KB 62ms
17ms Document
text/html 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Requested by

Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?pm=2515731&ADFPageName=masonslots-notregistered&ADFdivider=%7C&ord=560276756414&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.masonslots.site%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.masonslots.com%2Fde%2F%3Fbtag%3D665070_CEBAE3E43C364E79BEF89C653FAEC5C9%26__layerref%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e12deb83d976c8fa18f1bcad551b8cf239d7335b0a61a63812bc97a04afb8496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.masonslots.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 13 May 2022 01:42:21 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
343 B 68ms
18ms Image
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=1069532889062939928&stamp=xwMyXY4bfk4DvP-67D9Y4w2

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 13 May 2022 01:42:21 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 6A4C 0
261 B 17ms
16ms Image
text/plain 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 6A4C
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=1069532889062939928&Expiration=1653615741
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=1069532889062939928&Expiration=1653615741

43 B
423 B

33ms
33ms

Image
image/gif

54.229.33.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=1069532889062939928&Expiration=1653615741
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H2
Server: 54.229.33.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-33-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 13 May 2022 01:42:21 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=1069532889062939928&Expiration=1653615741
date: Fri, 13 May 2022 01:42:21 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 6A4C 0
522 B 64ms
19ms Image
text/plain 104.90.150.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=1069532889062939928

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.90.150.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-150-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 May 2022 01:42:21 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Thu, 12 May 2022 01:42:21 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 6A4C 0
214 B 51ms
9ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=1069532889062939928
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 6A4C
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1069532889062939928&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1069532889062939928&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=cf305b370ccd46fea...
https://c1.adform.net/serving/cookie/match?party=9&uid=6694e724735d274abe88f98ce4c010380abf5a6fb0832df4cc4ecc375fd2e176

35 B
467 B

16ms
16ms

Image
image/gif

37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=6694e724735d274abe88f98ce4c010380abf5a6fb0832df4cc4ecc375fd2e176

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Protocol

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:21 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=6694e724735d274abe88f98ce4c010380abf5a6fb0832df4cc4ecc375fd2e176
date: Fri, 13 May 2022 01:42:21 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 6A4C 43 B
163 B 141ms
20ms Image
image/gif 185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=1069532889062939928&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 6A4C
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=1069532889062939928&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=1069532889062939928&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=1069532889062939928&_origin=1&apid=UPee82e586-d25d-11ec-b16c-02080fde3794
https://ups.analytics.yahoo.com/ups/55944/sync?uid=1069532889062939928&_origin=1&apid=UPee82e586-d25d-11ec-b16c-02080fde3794&verify=true

0
121 B

10ms
9ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=1069532889062939928&_origin=1&apid=UPee82e586-d25d-11ec-b16c-02080fde3794&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=1069532889062939928&_origin=1&apid=UPee82e586-d25d-11ec-b16c-02080fde3794&verify=true
date: Fri, 13 May 2022 01:42:21 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 6A4C 43 B
712 B 100ms
38ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1069532889062939928
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 May 2022 01:42:21 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1652406140471088-546
Expires: Fri, 13 May 2022 01:42:21 GMT

GET
H2

204

put
e1.emxdgt.com/ Frame 6A4C
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=1069532889062939928
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=1069532889062939928
https://e1.emxdgt.com/put?d=d21&uid=be58ff76-e02f-460a-9863-92213cd93039&gdpr=&gdpr_consent=

0
59 B

52ms
7ms

Image
text/html

18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d21&uid=be58ff76-e02f-460a-9863-92213cd93039&gdpr=&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H2
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
content-length: 0
content-type: text/html

Redirect headers

Location: //e1.emxdgt.com/put?d=d21&uid=be58ff76-e02f-460a-9863-92213cd93039&gdpr=&gdpr_consent=
Date: Fri, 13 May 2022 01:42:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6A4C
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1069532889062939928&expiration=1653615741
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1069532889062939928&expiration=1653615741&C=1

43 B
1006 B

51ms
51ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1069532889062939928&expiration=1653615741&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 May 2022 01:42:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 13 May 2022 01:42:21 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 May 2022 01:42:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1069532889062939928&expiration=1653615741&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Fri, 13 May 2022 01:42:21 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 6A4C
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=1069532889062939928&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=1069532889062939928&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=520e627d-b77d-4900-b7cb-24405eff1d41&sInitiator=internal&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=

70 B
265 B

76ms
29ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:21 GMT
frontend-id: 14
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 6A4C 0
344 B 38ms
7ms Image
text/plain 3.127.178.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=1069532889062939928&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 13 May 2022 01:42:21 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 6A4C
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1069532889062939928
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1069532889062939928&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
333 B

90ms
13ms

Image
image/gif

2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H2
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-nzt: AcO1rzUZqaD/nekFAA
x-accel-expires: @1653055456
date: Fri, 13 May 2022 01:42:21 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: +HTJ7rwePJ8
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 387485
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Fri, 13 May 2022 01:42:21 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 6A4C
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=1069532889062939928
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMTA2OTUzMjg4OTA2MjkzOTkyOBAAGg0I_e72kwYSBQjoBxAAQgBKAA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEgncGtgVNoUYAHfzXAzmv4&google_cver=1

42 B
60 B

16ms
16ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEgncGtgVNoUYAHfzXAzmv4&google_cver=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 May 2022 01:42:21 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEgncGtgVNoUYAHfzXAzmv4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=1069532889062939928/gdpr=/ Frame 6A4C
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=1069532889062939928/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=1069532889062939928/gdpr=/gdpr_consent=

49 B
278 B

31ms
31ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=1069532889062939928/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H2
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:21 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
expires: 0
cache-control: no-cache
x-server: 10.45.4.80
content-type: image/gif
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:21 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=1069532889062939928/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.45.20.32
content-length: 0
expires: 0

GET
H/1.1 200
OK 29729
tags.bluekai.com/site/ Frame 6A4C 62 B
304 B 195ms
160ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=1069532889062939928
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 13 May 2022 01:42:21 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 6A4C 43 B
274 B 52ms
16ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1069532889062939928
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:21 GMT
via: 1.1 google
server: OXGW/18.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 6A4C
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

127ms
35ms

Image
image/gif

52.218.106.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: HTTP/1.1
Server: 52.218.106.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 13 May 2022 01:42:23 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: R34M5C487W2DKZ9P
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: 6y92btGQDq1w/uay075IJ3zFWGBYjDXKcLidIdB8BI8acY+7FchVey6c7xE4RDpCAt04hcPZMkE=

Redirect headers

X-Error-Reason: Missing UserId
Date: Fri, 13 May 2022 01:42:21 GMT
Server: akka-http/10.2.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6A4C
Redirect Chain

https://pixel.onaudience.com/?mapped=1069532889062939928&partner=68
https://spl.zeotap.com/?zdid=1332&zcluid=0c860b4ec8fe9807
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=4162884d-7b38-445e-7bf2-e92ba154f2c9&reqId=160e7b75-13d9-4cc4-7dfe-0da30a106839&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEATgvMBeVV3hSc1lt0uG-vU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=4162884d-7b38-445e-7bf2-e92ba154f2c9&reqId=160e7b75-13d9-4cc4-7dfe-0da...

95 B
164 B

41ms
40ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEATgvMBeVV3hSc1lt0uG-vU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=4162884d-7b38-445e-7bf2-e92ba154f2c9&reqId=160e7b75-13d9-4cc4-7dfe-0da30a106839&zcluid=0c860b4ec8fe9807&zdid=1332
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://c1.adform.net
access-control-allow-credentials: true
cf-ray: 70a7b2735e8801e3-ZRH
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEATgvMBeVV3hSc1lt0uG-vU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=4162884d-7b38-445e-7bf2-e92ba154f2c9&reqId=160e7b75-13d9-4cc4-7dfe-0da30a106839&zcluid=0c860b4ec8fe9807&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
cm.adsafety.net/ Frame 6A4C 43 B
229 B 64ms
18ms Image
image/gif 139.162.147.254
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=1069532889062939928
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.147.254 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1414-254.members.linode.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 13 May 2022 01:42:21 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 6A4C 0
338 B 104ms
29ms Image
text/plain 52.50.239.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=1069532889062939928
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.239.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-239-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=102 t=1652406141
x-served-by: beacon-n014-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 6A4C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MTA2OTUzMjg4OTA2MjkzOTkyOA
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOei2Fl2FNrasgKKzlQ4DXo&google_cver=1&google_ula=1641347,0

35 B
467 B

16ms
16ms

Image
image/gif

37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOei2Fl2FNrasgKKzlQ4DXo&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Protocol

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:21 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOei2Fl2FNrasgKKzlQ4DXo&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 6A4C
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=2100074151070105870&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=1069532889062939928

43 B
1006 B

7ms
7ms

Image
image/gif

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=1069532889062939928

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Protocol

HTTP/1.1

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 May 2022 01:42:21 GMT
X-Proxy-Origin: 146.70.117.78; 146.70.117.78; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4e088b3c-4afc-43cf-ba1c-377dd131a7fb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:21 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=1069532889062939928
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame 6A4C 0
261 B 18ms
16ms Image
text/plain 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 6A4C 42 B
447 B 249ms
14ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1069532889062939928
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 6A4C 43 B
444 B 100ms
19ms Image
image/gif 18.64.115.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-81.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 12 May 2022 16:22:14 GMT
Via: 1.1 5ea5681c91ed88c9c3af7fc72fa26702.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.20.0
Age: 33607
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: TXL50-P4
Content-Length: 43
X-Amz-Cf-Id: Vx1EL8oj_Ct5K85jd1Wpk8UiryY97qs_acvLr0oueL7EAroR890mJg==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 6A4C
Redirect Chain

https://a.audrte.com/a?adform_uid=1069532889062939928
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEDQmYM0Kc6jPhYdn2asZx-8&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=1852HYZw8fgTVqzpT7wH2BImA&gdpr=0&gdpr_consent=

0
344 B

7ms
7ms

Image
text/plain

3.127.178.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=1852HYZw8fgTVqzpT7wH2BImA&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: HTTP/1.1
Server: 3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 13 May 2022 01:42:22 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Fri, 13 May 2022 01:42:22 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=1852HYZw8fgTVqzpT7wH2BImA&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 6A4C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=1069532889062939928&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=1069532889062939928&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=33264791159654517540604559464198248137&noredirect=1

35 B
467 B

17ms
16ms

Image
image/gif

37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=33264791159654517540604559464198248137&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Protocol

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:22 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-1-v031-0d4014aca.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: aSj32yxaRuw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=33264791159654517540604559464198248137&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 6A4C
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=1069532889062939928
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165010504150000007951

35 B
467 B

56ms
17ms

Image
image/gif

37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165010504150000007951

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Protocol

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:22 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:21 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165010504150000007951
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 6A4C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7097030339599726743

35 B
467 B

42ms
17ms

Image
image/gif

37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7097030339599726743

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Protocol

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:22 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7097030339599726743
Date: Fri, 13 May 2022 01:42:22 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK 33302
tags.bluekai.com/site/ Frame 6A4C 62 B
587 B 160ms
159ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=1069532889062939928
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 13 May 2022 01:42:22 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 6A4C
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=838d627d-b77d-4c00-b595-f4a9a2da6c59

35 B
467 B

17ms
16ms

Image
image/gif

37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=838d627d-b77d-4c00-b595-f4a9a2da6c59

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Protocol

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:22 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Fri, 13 May 2022 01:42:22 GMT
Server: MT3 4409 ba5503e master cdg-pixel-x10 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=838d627d-b77d-4c00-b595-f4a9a2da6c59
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 13 May 2022 01:42:21 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 6A4C
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=MYlGXuEf1NPkjY5

35 B
467 B

17ms
16ms

Image
image/gif

37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=MYlGXuEf1NPkjY5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Protocol

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:22 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 13 May 2022 01:42:21 GMT
Server: PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-057420aad53a017a6@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=MYlGXuEf1NPkjY5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6A4C 70 B
264 B 97ms
30ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame 6A4C 0
72 B 356ms
87ms Image
text/plain 69.169.86.38
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=1069532889062939928
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_256_CBC
Server: 69.169.86.38 Colonia, United States, ASN29838 (AMC, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame 6A4C 43 B
1 KB 34ms
8ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=1069532889062939928

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 6A4C
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=464484691
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=SfztHYVNhNEm9FVLoplpve

35 B
467 B

17ms
16ms

Image
image/gif

37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=SfztHYVNhNEm9FVLoplpve

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Protocol

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:22 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:21 GMT
via: 1.1 google
last-modified: Fri, 13 May 2022 01:42:22 GMT
server: Weborama Collect Frontend
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=SfztHYVNhNEm9FVLoplpve
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 6A4C 23 B
172 B 114ms
40ms Image
image/gif 104.89.28.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=1069532889062939928
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-165.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:22 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 13 May 2022 01:42:22 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 6A4C
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=1069532889062939928
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=1069532889062939928&cs=1

35 B
376 B

11ms
11ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=1069532889062939928&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H2
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.148.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:22 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=1069532889062939928&cs=1
date: Fri, 13 May 2022 01:42:22 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 6A4C 0
240 B 52ms
10ms Image
text/plain 2600:9000:224a:dc00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=1069532889062939928
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:dc00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:22 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 3QWmieZO-WJ6hb5zHUGWXEeqOrO0URPC5Xk1sZ6oLi6uVsyvX7_9gQ==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 6A4C
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=1069532889062939928&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=1069532889062939928&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=0d0f343b-6215-435a-8dcf-31bc60e43c12

35 B
476 B

16ms
16ms

Image
image/gif

37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=0d0f343b-6215-435a-8dcf-31bc60e43c12

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Protocol

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 01:42:22 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=0d0f343b-6215-435a-8dcf-31bc60e43c12
date: Fri, 13 May 2022 01:42:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 1069532889062939928
match.contentexchange.me/adform/ Frame 6A4C 0
49 B 172ms
45ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/1069532889062939928?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:22 GMT
content-length: 0
server: nginx/1.16.1

GET
H2

200

xuid
eb2.3lift.com/ Frame 6A4C
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=1069532889062939928&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=1069532889062939928&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

9ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=1069532889062939928&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=1069532889062939928&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
date: Fri, 13 May 2022 01:42:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 put
e1.emxdgt.com/ Frame 6A4C 0
22 B 8ms
6ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=1069532889062939928
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
content-length: 0
content-type: text/html

GET
H2 200 plf
c1.adform.net/imatch/ Frame 6A4C 0
261 B 16ms
16ms Image
text/plain 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=1069532889062939928&agencyId=8133&advertiserId=2110669&src=tp&rnd=731933
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 css
fonts.googleapis.com/ Frame 3C6F 5 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Requested by

Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=9054575&group=38&embedded=1&widget_version=3&unique_groups=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae9eb832495b375e14e3efb8d1711b5a849d3782fcf1b4e9fa3569a9e2dee83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 May 2022 01:37:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 13 May 2022 01:42:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 May 2022 01:42:21 GMT

GET
H2 200 0.15fb1a69.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 3C6F 208 KB
68 KB 20ms
19ms Script
application/javascript 104.104.52.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/0.15fb1a69.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=9054575&group=38&embedded=1&widget_version=3&unique_groups=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.162 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1eb7f96550baa7122111f189a87c107d654f037f92b6c6f305a2ec4925de238e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: 86bJfdBwIYbEsHS0KhR0VEcn3IKNjCyV
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 10:07:27 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C1
etag: W/"e1c5ae761b035e078f16539c7a724199"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Fri, 13 May 2022 01:42:21 GMT
content-length: 69251
x-amz-cf-id: HnVfIAbvGXt8e2v2k-wR11Livx6Wms648njnLVS9_12x_gNC4Lw9wQ==
expires: Sat, 13 May 2023 01:42:21 GMT

GET
H2 200 2.cfcaf31c.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 3C6F 218 KB
62 KB 44ms
40ms Script
application/javascript 104.104.52.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/2.cfcaf31c.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=9054575&group=38&embedded=1&widget_version=3&unique_groups=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.162 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 468c139eadb67c474f5cf5ed00fc117ab07298284b55c1dee696236c8f085806

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: brd0wPPM5.aLIcQHuAe6lW.kaBDXniO6
content-encoding: br
last-modified: Thu, 28 Apr 2022 12:44:59 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P1
etag: W/"ae006549d13fe0e4c037c6bcad6ec22c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Fri, 13 May 2022 01:42:21 GMT
content-length: 63082
x-amz-cf-id: ft1Tw6vXnwvrcG3aJWCo2q065KPyt9Zx2MDXoY1wgJRuNhNOn09yFA==
expires: Sat, 13 May 2023 01:42:21 GMT

GET
H2 200 iframe.5661c05b.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 3C6F 408 KB
110 KB 49ms
46ms Script
application/javascript 104.104.52.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/iframe.5661c05b.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=9054575&group=38&embedded=1&widget_version=3&unique_groups=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.162 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6cd219b08c579be082c59267cc5d63e54659d419b55f4f1bd4bc90ddd32d3119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: whW6.ul8yztMKpPkff35sKbnDG1XrYsr
content-encoding: br
last-modified: Thu, 12 May 2022 08:09:56 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C1
etag: W/"7d5e5ba1726a44b3c9c3169e5f98d5f0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Fri, 13 May 2022 01:42:21 GMT
content-length: 111677
x-amz-cf-id: F7eDqSo9GguuWsmGgYSLIII8sZiofGIpnaeDm9Kz0jErmp76VMQPDw==
expires: Sat, 13 May 2023 01:42:21 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ Frame 3C6F 13 KB
13 KB 34ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.livechatinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 09 May 2022 21:02:14 GMT
x-content-type-options: nosniff
age: 276007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 21:02:14 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ Frame 3C6F 12 KB
13 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.livechatinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 09 May 2022 21:02:14 GMT
x-content-type-options: nosniff
age: 276007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 21:02:14 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
490 B 18ms
18ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=326537ad946a00ee0149f9563be54212b00e6bc2f9d3b35f2d81178f187f91f3&ttl=&rurl=https%3A%2F%2Fwww.masonslots.com%2Fde%2F%3Fbtag%3D665070_CEBAE3E43C364E79BEF89C653FAEC5C9%26__layerref%3D

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2

200

postmessage.html Show response
accounts.livechatinc.com/static/ Frame 42D3
Redirect Chain

https://accounts.livechatinc.com/licence/g9054575_38/customer?license_id=9054575&flow=button&response_type=token&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&redirect_uri=https%3A%2F%2Fsecure.livecha...
https://accounts.livechatinc.com/static/postmessage.html

553 B
493 B

144ms
143ms

Document
text/html

23.36.162.85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.livechatinc.com/static/postmessage.html
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/iframe.5661c05b.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7cb6c118ec3898ea3cf8db6f9d26f49cbe1ed8475e269b78d8162307b648b1ae

Request headers

Referer: https://secure.livechatinc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 365
content-type: text/html
date: Fri, 13 May 2022 01:42:22 GMT
etag: "06F41167B22D690E6AD57C16440DEC37558AF6A5"
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 13 May 2022 01:42:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://accounts.livechatinc.com/static/postmessage.html#access_token=dal%3AQ1gdxpMRTG-W_reueVTb9Q&entity_id=54e63d67-c5d8-4a96-5f1a-8b6fad86353f&expires_in=28800&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&state=%40livechat%2Fcustomer-auth&token_type=Bearer
pragma: no-cache

OPTIONS
H2 200 check_goals
api.livechatinc.com/v3.3/customer/action/ Frame 0
0 528ms
501ms Preflight 23.36.162.85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/check_goals?license_id=9054575
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://secure.livechatinc.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type
access-control-allow-origin: https://secure.livechatinc.com
content-length: 0
date: Fri, 13 May 2022 01:42:22 GMT
vary: Accept-Encoding

POST
H2 200 check_goals Show response
api.livechatinc.com/v3.3/customer/action/ Frame 3C6F 2 B
157 B 156ms
155ms XHR
application/json 23.36.162.85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/check_goals?license_id=9054575
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.15fb1a69.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer: https://secure.livechatinc.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer dal:Q1gdxpMRTG-W_reueVTb9Q
Content-Type: application/json

Response headers

access-control-allow-origin: https://secure.livechatinc.com
legacy: 2023-06-30
access-control-allow-credentials: true
date: Fri, 13 May 2022 01:42:22 GMT
content-length: 2
vary: Accept-Encoding
content-type: application/json

GET
H2 200 usersyncs
api.feedad.com/1.1/web/ 42 B
312 B 64ms
20ms Image
image/gif 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=4fce2331-2736-4f50-85b8-d6fa56b245cf
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2415.1e100.net
Software: Google Frontend /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-cloud-trace-context: 501c8501e79190610c93ecd1d4e676e9
cache-control: private
server: Google Frontend
content-type: image/gif
date: Fri, 13 May 2022 01:42:22 GMT
content-length: 42
expires: Fri, 13 May 2022 01:42:22 GMT

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=4fce2331-2736-4f50-85b8-d6fa56b245cf&cb=36efb8dc-867c-45eb-ad38-f4babec469c2
https://inv-nets.admixer.net/bs/cm.aspx?id=be58ff76-e02f-460a-9863-92213cd93039&gdpr=&consent=&gdpr_pd=

43 B
463 B

32ms
7ms

Image
image/gif

146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=be58ff76-e02f-460a-9863-92213cd93039&gdpr=&consent=&gdpr_pd=

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 13 May 2022 01:42:22 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Location: //inv-nets.admixer.net/bs/cm.aspx?id=be58ff76-e02f-460a-9863-92213cd93039&gdpr=&consent=&gdpr_pd=
Date: Fri, 13 May 2022 01:42:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

dspreply
public-prod-dspcookiematching.dmxleo.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=4fce2331-2736-4f50-85b8-d6fa56b245cf&cb=2f4107a6-449b-477d-9873-5cae78b6a6c5
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=25&dspUserId=be58ff76-e02f-460a-9863-92213cd93039
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=25&dspUserId=be58ff76-e02f-460a-9863-92213cd93039&cookieRequired=true

0
122 B

21ms
20ms

Image
text/plain

188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=25&dspUserId=be58ff76-e02f-460a-9863-92213cd93039&cookieRequired=true

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=

Protocol

Server

188.65.124.66 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-4k4dj
date: Fri, 13 May 2022 01:42:22 GMT
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

Redirect headers

location: /dspreply?dspId=25&dspUserId=be58ff76-e02f-460a-9863-92213cd93039&cookieRequired=true
date: Fri, 13 May 2022 01:42:22 GMT
x-dm-lb-name: ingress-nginx-nginx-in-cluster-4k4dj
content-length: 129
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=4fce2331-2736-4f50-85b8-d6fa56b245cf&cb=ab482886-63c8-4e4d-b349-46444d420622
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=be58ff76-e02f-460a-9863-92213cd93039&gdpr=&gdpr_consent=

43 B
163 B

20ms
20ms

Image
image/gif

185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=be58ff76-e02f-460a-9863-92213cd93039&gdpr=&gdpr_consent=
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: HTTP/1.1
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:21 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

Location: //rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=be58ff76-e02f-460a-9863-92213cd93039&gdpr=&gdpr_consent=
Date: Fri, 13 May 2022 01:42:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 xuid
eb2.3lift.com/ 37 B
353 B 13ms
10ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7963&xuid=4fce2331-2736-4f50-85b8-d6fa56b245cf&dongle=3oy7
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 usersyncs
tags.feedad.com/1/ 42 B
314 B 55ms
20ms Image
image/gif 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=4fce2331-2736-4f50-85b8-d6fa56b245cf
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2615.1e100.net
Software: Google Frontend /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-cloud-trace-context: c5f8b7e03755b6db078958099f6f5cf7
cache-control: private
server: Google Frontend
content-type: image/gif
date: Fri, 13 May 2022 01:42:22 GMT
content-length: 42
expires: Fri, 13 May 2022 01:42:22 GMT

GET
H2

200

bsw_sync
usw.sportradarserving.com/
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=409&user_id=4fce2331-2736-4f50-85b8-d6fa56b245cf&user_group=2&redir=%2F%2Fusw.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
https://usw.sportradarserving.com/bsw_sync?bsw_uid=be58ff76-e02f-460a-9863-92213cd93039

43 B
112 B

233ms
160ms

Image
image/gif

35.212.242.235
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usw.sportradarserving.com/bsw_sync?bsw_uid=be58ff76-e02f-460a-9863-92213cd93039
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: H2
Server: 35.212.242.235 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.242.212.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:22 GMT
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

Redirect headers

Location: //usw.sportradarserving.com/bsw_sync?bsw_uid=be58ff76-e02f-460a-9863-92213cd93039
Date: Fri, 13 May 2022 01:42:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK i
serving.ads.sportradar.com/ 43 B
533 B 126ms
29ms Image
image/gif 54.74.252.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.ads.sportradar.com/i?stm=1652406142430&e=se&se_ca=cookie_sync&se_ac=1326962a-fb2a-43ed-8ad9-7bbe4599c97d&se_la=4fce2331-2736-4f50-85b8-d6fa56b245cf&tv=js-2.14.0&tna=cf&aid=sr-tracker-masonslots-com&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=f9314f1c-b6cb-4c65-889f-0f572a1e0666&dtm=1652406142421&vp=1600x1200&ds=1600x5389&vid=1&sid=5f1b50d5-2aa0-4c41-88e4-e64b5f0838bb&duid=1326962a-fb2a-43ed-8ad9-7bbe4599c97d&refr=https%3A%2F%2Fwww.masonslots.site%2F&url=https%3A%2F%2Fwww.masonslots.com%2Fde%2F%3Fbtag%3D665070_CEBAE3E43C364E79BEF89C653FAEC5C9%26__layerref%3D&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Il9nYSI6IkdBMS4yLjQ5NDgxNDcyMS4xNjUyNDA2MTQxIn19XX0
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/de/?btag=665070_CEBAE3E43C364E79BEF89C653FAEC5C9&__layerref=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.252.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-252-125.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 13 May 2022 01:42:22 GMT
Server: akka-http/10.1.12
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Type: image/gif
Content-Length: 43

GET
H2 200 CaribbeanPoker.webp
cdn2.softswiss.net/masonslots/i/s3/bsg/ 11 KB
11 KB 13ms
12ms Image
image/webp 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/i/s3/bsg/CaribbeanPoker.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82cd22c01dd541eb6467bbe7289bb2bd12a124c52f8fd31c69768304434ee221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:22 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 27 Jun 2019 06:47:02 GMT
server: cloudflare
age: 41891
etag: "5d146666-2d28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 70a7b2776cb39be8-FRA
content-length: 11560
expires: Fri, 13 May 2022 14:04:11 GMT

GET
H2 200 LuckyEgypt.webp
cdn2.softswiss.net/masonslots/i/s3/amatic/ 46 KB
46 KB 34ms
33ms Image
image/webp 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/i/s3/amatic/LuckyEgypt.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e0cc32deba303645e968036240f1f1c8e86236dd94ec391b0859b0d333909f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:22 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 19 Aug 2021 12:40:02 GMT
server: cloudflare
age: 41891
etag: "611e5122-b6d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 70a7b2776cb49be8-FRA
content-length: 46804
expires: Fri, 13 May 2022 14:04:11 GMT

GET
H2 200 americanroulette.webp
cdn2.softswiss.net/masonslots/i/s3/evolution/ 19 KB
19 KB 17ms
16ms Image
image/webp 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/i/s3/evolution/americanroulette.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e437246292a78af6168ca78e2f9f93d149344348de0d19b48e2f231e6cde6c77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:22 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 27 Jun 2019 06:47:02 GMT
server: cloudflare
age: 38378
etag: "5d146666-4c2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 70a7b2776cb79be8-FRA
content-length: 19502
expires: Fri, 13 May 2022 15:02:43 GMT

GET
H2 200 auto_la_partage.webp
cdn2.softswiss.net/masonslots/i/s3/evolution/ 21 KB
22 KB 31ms
31ms Image
image/webp 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/i/s3/evolution/auto_la_partage.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48b519891c6fd3b0df7c79753b7594823d1921efcd69002d821a12f9107f3987

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:22 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 27 Jun 2019 06:47:02 GMT
server: cloudflare
age: 40455
etag: "5d146666-55bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 70a7b2776cb99be8-FRA
content-length: 21948
expires: Fri, 13 May 2022 14:28:07 GMT

GET
H2 200 auto_roulette.webp
cdn2.softswiss.net/masonslots/i/s3/evolution/ 26 KB
26 KB 38ms
37ms Image
image/webp 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/i/s3/evolution/auto_roulette.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2399fa4ffd31a03009a52714ae81d8bdd5573cc4453afd2fff2c242e5257035b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:22 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 27 Jun 2019 06:47:02 GMT
server: cloudflare
age: 40455
etag: "5d146666-680c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 70a7b2776cbc9be8-FRA
content-length: 26636
expires: Fri, 13 May 2022 14:28:07 GMT

GET
H2 200 auto_roulette_vip.webp
cdn2.softswiss.net/masonslots/i/s3/evolution/ 26 KB
26 KB 38ms
38ms Image
image/webp 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/masonslots/i/s3/evolution/auto_roulette_vip.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2399fa4ffd31a03009a52714ae81d8bdd5573cc4453afd2fff2c242e5257035b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:22 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 27 Jun 2019 06:47:02 GMT
server: cloudflare
age: 39726
etag: "5d146666-680c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 70a7b2776cbd9be8-FRA
content-length: 26636
expires: Fri, 13 May 2022 14:40:16 GMT

POST
H3 200 pub3a0dfba8fd960606c3d5feb548d59372
rum-http-intake.logs.datadoghq.eu/v1/input/ 0
0 60ms
58ms Ping
application/json 2600:1901:0:662c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pub3a0dfba8fd960606c3d5feb548d59372?ddsource=browser&ddtags=sdk_version%3A3.10.0%2Cenv%3Aproduction%2Cservice%3Amasonslots%2Cversion%3A1.0.59&batch_time=1652406142657
Requested by: Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:662c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.masonslots.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 pixel Show response
a.sportradarserving.com/ 914 B
976 B 166ms
166ms Script
text/javascript 35.212.242.235
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sportradarserving.com/pixel?type=js&aid=1219&id=2897
Requested by: Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAJW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.242.235 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.242.212.35.bc.googleusercontent.com
Software: /
Resource Hash: 35386b91ae2681dea88ae17a2672920d50e90151f82b6546dd67f7b02aa4df01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:23 GMT
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 914
content-type: text/javascript; charset=UTF-8

GET
H2 200 usersyncs
tags.feedad.com/1/ 42 B
124 B 21ms
19ms Image
image/gif 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=4fce2331-2736-4f50-85b8-d6fa56b245cf
Requested by: Host: a.sportradarserving.com
URL: https://a.sportradarserving.com/pixel?type=js&aid=1219&id=2897
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2615.1e100.net
Software: Google Frontend /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-cloud-trace-context: 608471cb718ec955b6a91d26a0f612d0
server: Google Frontend
date: Fri, 13 May 2022 01:42:23 GMT
content-length: 42
content-type: image/gif

GET
H2 200 usersyncs
api.feedad.com/1.1/web/ 42 B
124 B 44ms
43ms Image
image/gif 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=4fce2331-2736-4f50-85b8-d6fa56b245cf
Requested by: Host: a.sportradarserving.com
URL: https://a.sportradarserving.com/pixel?type=js&aid=1219&id=2897
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2415.1e100.net
Software: Google Frontend /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-cloud-trace-context: 20402599928aa037bb8fbc833c4a56ed
server: Google Frontend
date: Fri, 13 May 2022 01:42:23 GMT
content-length: 42
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ 37 B
353 B 10ms
9ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7963&xuid=4fce2331-2736-4f50-85b8-d6fa56b245cf&dongle=3oy7
Requested by: Host: a.sportradarserving.com
URL: https://a.sportradarserving.com/pixel?type=js&aid=1219&id=2897
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 20ms
20ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:26 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 748
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 70a7b28e5cc623df-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 12 Jun 2022 01:42:26 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/69d3d1c9-f89e-4767-97b1-2b8316282b18/ 184 B
629 B 313ms
298ms Fetch
application/json 2606:4700::6812:e234

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/69d3d1c9-f89e-4767-97b1-2b8316282b18/icon

Requested by

Host: www.masonslots.com
URL: https://www.masonslots.com/js/main.c38da438.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

85b5b40254b6e865f62bf8885e8c83a3de49f3f51d562064bf629a075247c2bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.masonslots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 01:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: ca1b212f-4eb3-43a5-98b7-ad90f1f44ee1
x-runtime: 0.012654
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"85b5b40254b6e865f62bf8885e8c83a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 70a7b28eacf823df-ZRH
access-control-allow-headers: SDK-Version

GET e8d480ae-d0e1-4e69-a704-912d70d0c1fe
img.onesignal.com/permanent/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.onesignal.com
URL: https://img.onesignal.com/permanent/e8d480ae-d0e1-4e69-a704-912d70d0c1fe

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

105 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/0423be4a-3d48-484e-a65a-2228122b8c26/38/token	1970-01-20 20:31:18	Name: __lc_cid Value: 54e63d67-c5d8-4a96-5f1a-8b6fad86353f
.accounts.livechatinc.com/v2/customer/0423be4a-3d48-484e-a65a-2228122b8c26/38/token	1970-01-20 20:31:18	Name: __lc_cst Value: 15f141db005beb2d12d77dae2831b5910f99bfd7847373f14566eeb3a804cfca42fb086b25df7ffbdbf723d1aac2d64848b4a34db5ee231d98e1c1229603
.accounts.livechatinc.com/licence/g9054575_38/	1970-01-20 20:31:18	Name: __lc_cid Value: 54e63d67-c5d8-4a96-5f1a-8b6fad86353f
.accounts.livechatinc.com/licence/g9054575_38/	1970-01-20 20:31:18	Name: __lc_cst Value: 15f141db005beb2d12d77dae2831b5910f99bfd7847373f14566eeb3a804cfca42fb086b25df7ffbdbf723d1aac2d64848b4a34db5ee231d98e1c1229603
.admixer.net/bs	1970-01-20 05:09:42	Name: am-uid Value: c8c3ce122da447ca9a2a04179d0224d4
.playamopartners.com/	1978-01-11 21:31:40	Name: NetRefer_CookieUniTrack_C Value: %5b%7b%22PID%22%3a126522%2c%22BID%22%3a2041%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1652406139605)%5c%2f%22%2c%22CookieTag%22%3a%222041126522e1%3a%3a172%3a02%3a8ca%3a1002C2022513142%22%7d%5d
.playamopartners.com/	1971-01-20 00:02:58	Name: NetReferSPS Value: %5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22635061093%7c1%22%7d%5d
www.masonslots.com/	1970-01-20 03:00:07	Name: _dd_s Value: rum=2&id=982505b6-77d8-4c7c-ab88-02e883b30c41&created=1652406140112&expire=1652407040112
.masonslots.com/	1969-12-31 23:59:59	Name: locale Value: ImRlIg%3D%3D--e8a8de16c043236db9447d6123b76226e0634100
.masonslots.com/	1970-01-20 03:44:44	Name: referral_params Value: eJxLKklMtzUzMzUwN4h3dnVydDV2NTF2NjYzcTW3dHJ1s7B0NjM1dnN0dTZ1tlSLj89JrEwtKkpNswUApxMPkQ%3D%3D
.masonslots.com/	1970-01-20 03:44:44	Name: btag Value: IjY2NTA3MF9DRUJBRTNFNDNDMzY0RTc5QkVGODlDNjUzRkFFQzVDOSI%3D--07e1e1f48000eff555acb556f9282cabe22ffecd
.trafficjunky.net/	1970-01-23 17:24:06	Name: tj_UUID Value: 8038599532726052303
.trafficjunky.net/	1970-01-20 07:19:18	Name: f027bd979ff4d2baa5a24dfb4560dd01 Value: notregistered
.realsrv.com/	1970-01-20 11:45:42	Name: goals Value: a%3A1%3A%7Bi%3A92358%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-05-12%22%3B%7D%7D
.exdynsrv.com/	1970-01-20 11:45:42	Name: goals Value: a%3A1%3A%7Bi%3A92358%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-05-12%22%3B%7D%7D
.exoclick.com/	1970-01-20 11:45:42	Name: goals Value: a%3A1%3A%7Bi%3A92358%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-05-12%22%3B%7D%7D
.exosrv.com/	1970-01-20 11:45:42	Name: goals Value: a%3A1%3A%7Bi%3A92358%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-05-12%22%3B%7D%7D
tsyndicate.com/	1970-01-20 11:45:42	Name: ts_rt_3989abf8-5762-49c1-a9c3-634eccc64f58 Value: AQE=
.masonslots.com/	1970-01-20 20:31:18	Name: _ga Value: GA1.2.494814721.1652406141
.masonslots.com/	1970-01-20 03:01:32	Name: _gid Value: GA1.2.1489265912.1652406141
.masonslots.com/	1970-01-20 03:00:06	Name: _gat_UA-194747829-1 Value: 1
www.masonslots.com/	1970-01-20 07:22:54	Name: _pk_ref.4.f71f Value: %5B%22%22%2C%22%22%2C1652406141%2C%22https%3A%2F%2Fwww.masonslots.site%2F%22%5D
www.masonslots.com/	1970-01-20 12:26:01	Name: _pk_id.4.f71f Value: b23c312d1daccc95.1652406141.
www.masonslots.com/	1970-01-20 03:00:07	Name: _pk_ses.4.f71f Value: 1
.masonslots.com/	1970-01-20 03:00:07	Name: _sp_srt_ses.4772 Value: *
.adform.net/	1970-01-20 03:44:44	Name: C Value: 1
.adform.net/	1970-01-20 04:26:30	Name: uid Value: 1069532889062939928
.adform.net/	1970-01-20 03:01:32	Name: CM Value: 1\|1
.adform.net/	1970-01-20 03:20:15	Name: CM14 Value: 1652492541_1652406141_1_Hu7u4e4e4R7u7u4REREeERERERHhEQ
.seadform.net/	1970-01-20 04:26:30	Name: uid Value: 1069532889062939928
.adscale.de/	1970-01-20 11:42:22	Name: uu Value: cf305b370ccd46fea771367e8c2a5f95
.adscale.de/	1970-01-20 11:42:22	Name: cct Value: 1652406141695
.advertising.com/	1970-01-20 11:47:08	Name: APID Value: UPee82e586-d25d-11ec-b16c-02080fde3794
.bidswitch.net/	1970-01-20 11:45:42	Name: tuuid Value: be58ff76-e02f-460a-9863-92213cd93039
.bidswitch.net/	1970-01-20 11:45:42	Name: c Value: 1652406141
.bidswitch.net/	1970-01-20 11:45:42	Name: tuuid_lu Value: 1652406141
.ih.adscale.de/	1970-01-20 11:42:22	Name: tu Value: 4#3872517027#42~1069532889062939928~459001~0~0
.yieldlab.net/	1970-01-20 11:45:42	Name: id Value: 43f4903e-88cd-472e-aed6-6d98148ad534
.eyeota.net/	1970-01-20 03:00:06	Name: SERVERID Value: 22711~DM
ads.stickyadstv.com/	1970-01-20 04:26:30	Name: uid-bp-617 Value: 1069532889062939928
ads.stickyadstv.com/	1970-01-20 03:43:18	Name: UID Value: 1921a17a2d7dbfe967763b3da161c4
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 79bffcecdedc09bf05220d49dddbf92
.rlcdn.com/	1970-01-20 11:45:42	Name: rlas3 Value: IJ53n0vPKvW6AirxB+7lw63q84s8A9JVzXFqVS60rw8=
.semasio.net/	1970-01-20 11:45:42	Name: SEUNCY Value: ECEEC472DA642417
.casalemedia.com/	1970-01-20 11:45:42	Name: CMID Value: Yn23fZg1Wyls7FmiChdTygAA
.casalemedia.com/	1970-01-20 05:09:42	Name: CMPS Value: 3169
.360yield.com/	1970-01-20 05:09:42	Name: tuuid Value: 40e56b8f-e01c-4679-8b68-56eca2a0e143
.360yield.com/	1970-01-20 05:09:42	Name: tuuid_lu Value: 1652406141
my.rtmark.net/	1970-01-20 11:45:42	Name: ID Value: bb86a57b2266497d9a10324bc0be9f02
.rlcdn.com/	1970-01-20 04:26:30	Name: pxrc Value: CP3u9pMGEgUI6AcQABIGCLrqARAA
.360yield.com/	1970-01-20 05:09:42	Name: um Value: !42,d.tovYGwI6vmufUQAL18zovVLEYeRz.sZvVHz8bjQseA,1653615741
.360yield.com/	1970-01-20 05:09:42	Name: umeh Value: !42,0,1714614141,-1
.casalemedia.com/	1970-01-20 05:09:42	Name: CMPRO Value: 1112
.casalemedia.com/	1970-01-20 03:01:32	Name: CMST Value: Yn23fWJ9t30A
.casalemedia.com/	1970-01-20 11:45:42	Name: CMRUM3 Value: 6f627db77d27601069532889062939928
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.exelator.com/	1970-01-20 05:52:54	Name: EE Value: "12287087b475e825db3c3834055c5bae"
.onaudience.com/	1970-01-20 11:45:42	Name: cookie Value: 0c860b4ec8fe9807
.onaudience.com/	1970-01-20 03:01:32	Name: done_redirects219 Value: 1
.yahoo.com/	1970-01-20 11:46:03	Name: A3 Value: d=AQABBH23fWICENp-g9CVYPIvv8D7RSyOAt4FEgEBAQEIf2KHYgAAAAAA_eMAAA&S=AQAAApzKP3-I6jmypctCc43hwdY
.exelator.com/	1970-01-20 05:52:54	Name: ud Value: "eJxrXxzq6XKLQcHQyMjC3MDCPMnE3DTVwsg0Jck42djC2MTA1DTZNCkxdXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAcEl%252BUWb6InenxUUpaQyLSopPBR%252BI7QIAZ0Yppw%253D%253D"
.analytics.yahoo.com/	1970-01-20 11:45:42	Name: IDSYNC Value: 1760~24up
.doubleclick.net/	1970-01-20 12:21:42	Name: IDE Value: AHWqTUmcowEWj-C4R0aJ6ffnzxktZwBpUs747B4w5_4DwwSpqBheQgYjJjKTG7paBHc
.adnxs.com/	1970-01-20 05:09:42	Name: uuid2 Value: 2100074151070105870
.zeotap.com/	1970-01-20 11:45:42	Name: zc Value: 4162884d-7b38-445e-7bf2-e92ba154f2c9
.zeotap.com/	1970-01-20 03:01:32	Name: zsc Value: %C7%99I%DD7%E5%EFqhDf%88%D4%E8%82%FB%D4%8B%F1%22R%1D%D2k%3C%9A%AF%AD%8Ax%B0i3z%BC%E5%F2%0Bo3%60X%BE%CB%FE%23%12%E0%1F%BA%17%AC%FB%9A%FA%A2%A5S%B2%F8%D6%95%DC%03%26x%FE%CB%E3Rf%0Dx%1Dv%27%3F%D8%B2%DF%CA%F9R
.sportradarserving.com/	1970-01-20 11:45:42	Name: c Value: 1652406141
.sportradarserving.com/	1970-01-20 11:45:42	Name: zuuid Value: 4fce2331-2736-4f50-85b8-d6fa56b245cf
.adnxs.com/	1970-01-20 05:09:42	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2In=rgCmh!]tbPl1M66+q([OUf!3:VELrkSgNPhN]Q]x_+.>_OyzWnmc8`%3If)y3KL9D3I?-6vDciN
.krxd.net/	1970-01-20 07:19:18	Name: _kuid_ Value: O1YDok5n
.agkn.com/	1970-01-20 11:45:42	Name: ab Value: 0001%3AnjC%2F3pLPa6cta%2B1kaDPCutcrnoDCL6Fl
.adfarm1.adition.com/	1970-01-20 05:09:42	Name: UserID1 Value: 7097030339599726743
.mathtag.com/	1970-01-20 12:26:01	Name: uuid Value: 838d627d-b77d-4c00-b595-f4a9a2da6c59
.w55c.net/	1970-01-20 12:30:20	Name: wfivefivec Value: MYlGXuEf1NPkjY5
.w55c.net/	1970-01-20 03:43:18	Name: matchadform Value: 5
.id5-sync.com/	1970-01-20 03:00:06	Name: cf Value:
.id5-sync.com/	1970-01-20 03:00:06	Name: cip Value:
.id5-sync.com/	1970-01-20 03:00:06	Name: cnac Value:
.id5-sync.com/	1970-01-20 03:00:06	Name: car Value:
.id5-sync.com/	1970-01-20 03:00:06	Name: gdpr Value:
.id5-sync.com/	1970-01-20 03:00:06	Name: callback Value:
.demdex.net/	1970-01-20 07:19:18	Name: demdex Value: 33264791159654517540604559464198248137
.weborama.fr/	1970-01-20 12:26:01	Name: AFFICHE_W Value: BiTYHjbZkW8G35
.dpm.demdex.net/	1970-01-20 07:19:18	Name: dpm Value: 33264791159654517540604559464198248137
.pubmatic.com/	1970-01-20 03:43:18	Name: KRTBCOOKIE_391 Value: 22924-1069532889062939928&KRTB&23263-1069532889062939928
.pubmatic.com/	1970-01-20 03:43:18	Name: PugT Value: 1652406140
.3lift.com/	1970-01-20 05:09:42	Name: tluid Value: 399112849933088985259
.1dmp.io/	1970-01-20 11:45:42	Name: uid Value: eecbd510-d25d-11ec-acfd-901b0e8b2a6e
.tapad.com/	1970-01-20 04:26:30	Name: TapAd_TS Value: 1652406142187
.tapad.com/	1970-01-20 04:26:30	Name: TapAd_DID Value: 0d0f343b-6215-435a-8dcf-31bc60e43c12
.tapad.com/	1970-01-20 04:26:30	Name: TapAd_3WAY_SYNCS Value:
.sportradarserving.com/	1970-01-20 11:45:42	Name: zuuid_lu Value: 1652406142
.sportradarserving.com/	1970-01-20 11:45:42	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 11:45:42	Name: zuuid_k_lu Value: 1652406142
.sportradarserving.com/	1970-01-20 11:45:42	Name: cm2 Value: !bidswitch,421735342
.sportradarserving.com/	1970-01-20 11:45:42	Name: bss Value: !bidswitch,421663342
.audrte.com/	1970-01-20 03:21:42	Name: arcki2 Value: 1852HYZw8fgTVqzpT7wH2BImA!20210804!1652406142288
.audrte.com/	1970-01-20 03:21:42	Name: arcki2_adform Value: 1069532889062939928!20210804!1652406142289
.audrte.com/	1970-01-20 03:10:10	Name: arcki2_TTT Value: 1652406142290!1852HYZw8fgTVqzpT7wH2BImA!H4sIAAAAAAAAAEVWQW52Jww8DGskMMbYyy66qH61i6oXsA2+/xE6L100UpIveTzwjGfGuJCEz91pavRVfroGW68VuieLhY82Y1Btzk7s0fnN2+3V6Hyl1szaUdZmMW260rHGO4dYV3LqIWH0VPhMa/ceOjaxk7J23qI97Oyez0+aqO3yNpjn4bX7tb37uvikZq/b5m3lwdeslcV5NB+OI+ssg7obef/KvsfHWc8bvZ1qSdgf5XC83ePDOdRC764XtZvoqqjB/eyjoIBON47CSpJSsHHvbJJSTxTHDQNE4t19F3cu2jPnGOHcYjxiNe3XUTPPlG4eqyv7EnN5StXkvUuMQ7baBQWh3fKC9rXGizfuiEThvghF9z0JbTHxrsrU7xO2wllne7tssxKY6goKs4Wal4yeYesNBVuxGt9gZ1SyT6JcxiI1Suz0PGue66XNi2ZMvx3vTaC70U02FiWILc9d4Mm20NggO3VbXzqw0wat+5SShWS6tmdzXAIx7gvHHUfvJo/uA9vHO0PV2qObflD4koUzBRBdoAKvUUl51r3e3g5fNkHmOtgJ5Xa/WX3wAvq1aYHMuY9dA8WBlgDdW1AmIMSQgKx9Eo6rl2kZ30nLP3QXoiPtYxmXTKhIQQGfSPyny8oFqTCOkx2dciffuarIGvajMQsCqIKeSGAEEN1rzyHbI2R422A+pzKasaCnq6huXu7w0JWgPdaKdr6HZxMEsmAktAg1pfct15KV1q1qKaFOB+WAXLiNsPyE9VeXH0O2g7UtXrJrSE9Q9y0CuhWfHoT0mcOhBbdMQwNWFwgI2wV22uadDitcoIGvRmeX+ea+fmwOzXZfjgYLHZqfetMabTTxA75EDgo3qODCPIAuGkRrndXEbh5BM+66YHy8g51gKbO6N0j9cDRX9SSqLqYoPFCT+/ikUOM682fShl0L5ncAf1AmpA/GwYiqIAvm9UO3jbePH1BcdlATsqM7oZVh+PXZePlrh6wI8uz04pMvlIV8WjD8lDlrfiibWmklBJJILDj4EMzLE4ZOjnPHzr3bHfloQ5TzEmoaaDXi8CF/Mqsu3InClc+tH8tOLyzCyjAoUx15sXIcy9nOEHtfx8wRvNA12iJfJtYeLOovtzZ9FQnSOgHOf8HqeK3/qPsseHCdxgPt9xlgnKCX/Rg2h411jRsbCDUZWQCDbPAkDCmtgEoUf/dK4UW2J476FvmDvADnIsSgj+4sE5m5oOzCz/cQPVdlEt6vOzseIJ8Yyor7liHSwOJoTKXyYT7QK9zyo8wJnIg5MJOKTVocMynk/DO0daWeHgnLzC8WNOaEvtsff/3529+/fv+n4/XTadAwNGsrPhSGCX/DZJ2cEBCM9MU6sG2ko7X1KADkYsB9AvrS2fRWPwisebCcsChBNW+4HXKDNj6HuzD+VKJcRuvUasjLGBfD5LMDKJ7fxHnZ/TmJK3o1VjMihEokBIRU4k9ggYTpM43PQDpfPs1U4EA8Gj6xqCZGpdhBjGCobYFwnmKnPYZiOuAb7K39g+4h2gxxK2cGj/bSxa9Sx5uI0wdR6k7oqU7BJpDelZb11qAvywzTAea3b1RiMqNbU33BtrdljiTJ10k+cxN6D3vAvJMwEpGUcrmN4cCB6wEwgkx87hgD3hFUiHoM8I3C1c7wqOrvfqlVMD8uAICIB+ALF46lrTTh3QEK8gtJm4IEwZmQy7rj0+vdDcPHH4YL7BPxBTfmKWHPNx1ZBJVhpLaLuQfi0AzkBcyPu4wGhgVQI2BL+J7EjC/ARPoL8vyLU/i6DL1JeZM31mCY2OC8CKceXoiRceBWXFr6DFgU944hF6mFUt/iT0qf8ggQohyieoyZMlfyPi32Goj786kEFG7+sgiBA4MiWuu9nPy/qHGDwPiXo9wck0plrY5gtC8QQDXU0Pd+X/jwWnM3yCARiaMf2l/iI6z9QmMD2cMF+12ejebOcdF0ZDtuWvLJhzE+J/LXEsQiYv4FnHXss/0JAAA=
.feedad.com/	1970-01-20 03:43:18	Name: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u Value: 4fce2331-2736-4f50-85b8-d6fa56b245cf
.dmxleo.com/	1970-01-20 10:12:06	Name: dmxId Value: 2628DE31DFCB9FC00ZABZGJZHPVVDVROG
.masonslots.com/	1970-01-20 16:08:30	Name: _sp_srt_id.4772 Value: 1326962a-fb2a-43ed-8ad9-7bbe4599c97d.1652406141.1.1652406142.1652406141.5f1b50d5-2aa0-4c41-88e4-e64b5f0838bb
.audrte.com/	1970-01-20 03:21:42	Name: arcki2_ddp Value: CAESEDQmYM0Kc6jPhYdn2asZx-8!20210804!1652406142413
.sportradar.com/	1970-01-20 11:45:42	Name: _sr_ads Value: 2d9a3b76-1048-474a-9038-4bca07355969
.masonslots.com/	1970-01-20 20:31:18	Name: _ga_WYN08PVV9R Value: GS1.1.1652406140.1.1.1652406144.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.sportradarserving.com
aa.agkn.com
accounts.livechatinc.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
api.adrtx.net
api.feedad.com
api.livechatinc.com
beacon.krxd.net
c1.adform.net
cdn.livechatinc.com
cdn.onesignal.com
cdn2.softswiss.net
cm.adsafety.net
cm.g.doubleclick.net
ctrack.trafficjunky.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
echoback.ads.sportradar.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
img.onesignal.com
inv-nets.admixer.net
load77.exelator.com
loadm.exelator.com
main.exdynsrv.com
main.exoclick.com
main.exosrv.com
main.realsrv.com
masonslots.site
match.adsrvr.org
match.contentexchange.me
matomo.trackbanner.info
media.playamopartners.com
mwzeom.zeotap.com
my.rtmark.net
onesignal.com
payments-lib.cdn.s7s.ai
pdw-adf.userreport.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
public-prod-dspcookiematching.dmxleo.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
rum-http-intake.logs.datadoghq.eu
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
safeportolavalleymarket.com
secure.adnxs.com
secure.livechatinc.com
server.seadform.net
serving.ads.sportradar.com
simage2.pubmatic.com
spl.zeotap.com
sync.1dmp.io
sync.crwdcntrl.net
sync.teads.tv
tags.bluekai.com
tags.feedad.com
tm.ads.sportradar.com
token.rubiconproject.com
track.adform.net
track.trackingtraffo.com
tracker.ads.sportradar.com
tsyndicate.com
uipglob.semasio.net
ups.analytics.yahoo.com
usw.sportradarserving.com
www.google-analytics.com
www.googletagmanager.com
www.masonslots.com
www.masonslots.site
x.bidswitch.net
img.onesignal.com
104.102.29.65
104.104.52.162
104.17.115.131
104.18.34.76
104.18.42.221
104.89.28.165
104.90.150.196
136.243.148.229
139.162.147.254
139.45.195.8
141.94.170.64
141.95.98.64
142.250.185.98
146.0.227.109
172.104.145.13
172.64.150.25
18.185.251.21
18.194.10.133
18.195.155.181
18.64.115.81
184.30.20.207
185.64.189.110
185.86.137.132
188.65.124.66
2.18.234.233
216.239.36.21
216.239.38.21
23.36.162.85
2600:1901:0:662c::
2600:9000:224a:dc00:1b:5138:8a40:93a1
2606:4700:10::6816:1957
2606:4700:3035::6815:1b36
2606:4700::6812:e134
2606:4700::6812:e234
2a00:1450:4001:801::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a02:26f0:6a::210:da32
2a02:26f0:d6::5f65:5329
2a02:6ea0:c700::4
3.122.66.220
3.126.56.137
3.127.178.105
34.240.179.113
34.247.198.199
34.254.143.3
35.190.24.218
35.212.242.235
35.227.248.159
35.244.159.8
35.244.174.68
37.157.5.142
37.157.5.71
37.157.6.252
37.157.6.253
37.252.172.37
46.19.11.36
5.45.70.20
52.218.106.83
52.223.40.198
52.29.193.101
52.30.140.199
52.50.239.222
52.58.147.241
52.71.149.243
54.154.85.177
54.229.33.24
54.74.252.125
66.254.114.89
69.169.86.38
69.173.144.138
69.192.160.219
76.223.111.18
77.243.60.138
85.114.159.118
88.214.195.94
94.130.141.49
95.211.229.245
95.211.229.246
0027b8866577773c4e630023c7bfe1d876a3b62709121ba4fd3c331b91c0b705
089500ffbcb257c6288f56e5be8d657aeb8d82661271344cd85dad1ff0ab3517
09d3f3547a261a84018eaf7c6cabe178e681d8e078ac819d7c3b345f6e0a17b8
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0ebeb0cb30fe2e9890a5ec0421fd5549e361a15e9b36b7b4fba74854be3be11f
1165c637cdd6da23b14e28da29623b81ab2c454f0e30515031107a7b165cd411
164b6eaa39e73a4450eacee02e50be746859d13cc569c7975a88b620c21c8fa5
1eb7f96550baa7122111f189a87c107d654f037f92b6c6f305a2ec4925de238e
217e90023036e23c3a5ade465e89c52a0749c098e5fe6f43ae9e88d35bbad2a9
22310678bdda2cca80cbf8094c7637744554c6d22b4c4e5e46e21df862b0a8f3
2399fa4ffd31a03009a52714ae81d8bdd5573cc4453afd2fff2c242e5257035b
26ea6a8b356da7654685f47aecd7f0a24a447deeadd6aee5e445a8ad710d074a
27f949ba546b6b37e0238f5adb5eded2635a7ef4ffa7907da971719ff40fab62
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
291c7bd399a8acbc8539731b9c7e5c3cad40827e251c24512eb3ba438af2e0bf
29702fcb88275615270cf713d1d4b5522e6dd6da063fb2f2733b1d660deb026f
2dd3f51f1073419d29c6f78fa23d0e7a013d913ac6bb345c2674d9227384a2f9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e374aa041f39b7ebfd13d6caac69368552adc460d40203d9c0f0d3b8e34a6b7
2f381ae98d049d7803bd8a90bd083e1f430fd71bcc8be279beb448f5649f3405
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
307b068cf357080ada4fac23b8824eda34830d7737eea1ffe6220ccf34d113da
317d82a0abd374a6ab6701a2eea1c290f5718f5f230a4fdede431ff7235db048
325dd1d8ee32b0ffc5bd7286c3f7707cd0a2497a8e4a166d035755a9c64baf35
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35386b91ae2681dea88ae17a2672920d50e90151f82b6546dd67f7b02aa4df01
387bfdb744dd455be9e7aa6f50681084b0d687aad8b8190fc42288c49a2fe25e
3a78ef6a0feaa6b4e96ec899bcdb6b556517d7e6fbbf8116e2ddf41bd5d894e5
3b6a3377645529a51c8b479cb2dc976b6028f983d27be699760ccdede9ceb96d
3b939d5a5c3d869baccbec4069c2a6ed6ac6a8ece559f0f4ddb6f0d37a960102
3cf7a203151a2cfbf8d55a033476a4018d11e7040780c8c3fa424aac32629e6b
3de9b49dd114ba2198a5d1092d171636061eb1c76817c05a255b6ab6d705569e
3e0361122fe1fdced0bd7ae4c33f21d083f7b63a99e79a66b3111a943b160f70
3e69eafe2012433a241b4f927b86bcf3d7596c14181d961f0b7a15084177059e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
436626a4998153dc002a1e7655a8e6d77fca7202f935476db35c6953b55ae752
43e98422258ad293f5b30d93d799cd55de95802710150a6ef3e2eb36dc703109
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
468c139eadb67c474f5cf5ed00fc117ab07298284b55c1dee696236c8f085806
48b519891c6fd3b0df7c79753b7594823d1921efcd69002d821a12f9107f3987
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dbfef10d4d6893abb724637f9d54d1db71f14d858bd96f4286acbe52828182f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0a9c1294a19d04f6770c2d103fed02177217276c05190f9971f1471382a889
4e3df5f0f7f21c9beb355335ee751e0018875059107defb138d52463dee98741
4e5be27b04d82baab79386a3e88e55715bb4d419cfa90e5b5300d3da0541dbc0
500a7144d03f1a09f468756b8dbc786d0ee0057448760619233676717b96dd94
50cf303cfaa020fcbedd6ad1bf045a008cbb88dfc792f731f07235dd1ca13599
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
546471ff485fe878642005a378a8b874b3b0ee0e73e2bb47c0254ba0f873c88d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552953dc2d174a872a48342a7c1878c7a631ada95d9ab71bd60118f959a48622
56526d138edda48667eb47a1002ba3a6119cbdc65e7aa255892e2a153fd23ca1
59b010e5a7501082a80e853c6cb0c98e2f4edfb8934a4792572ed2c46b6b40cd
5b3e5f1d5d0e5ff4944fc4bc69394ed951e137a0889c15daca893baa4593fd68
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5eda43bedf6fd0e8eedb58e4beb5fd87fdc00f2293ef1bc2ec4d5f08d8fbd68b
60a962034fcddc0a93e3d784746d46ced58069ccc3d0c2bf87accdcda9df1edd
6223932455e13e1d20ed52304aee8cc62ccffb3fffbc54d54b8d69b434df691b
62c7ab7279a503578eb69fb9d5ac36f4ebd669ea66bdddf77c2586cd03aad39f
62c85f9e8f6e785755cb1b7dbdcb296c15d14e619eaac97da72c93704d262449
647e1d23dfce5135fb3003a7fc47f300eb4981bbe7d70a23fe4fdcf8145b7088
6751df043bdb8a20522909e385cca0eaa2f914cef854b8db0566d29131271f05
69074b2cb0fa476fe451cd60f64e437905ab79edaeb94f4b789716aab0523f36
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd219b08c579be082c59267cc5d63e54659d419b55f4f1bd4bc90ddd32d3119
6cf66e74564659f98eeb6ec66f3f7f3f996ec99cb5ef43a0d8d2f1f67c6b7c1e
6dd93a3c7c4b7e4a56d378cd0c3f5db99576264d4f64e4f0932d52ff69426022
6edc30e149647e4a3cf3baa0bda24f6dd8d1ee43bc541848d40fb740776ad95a
72006d81d8e2e779e60db60bf0bdecfae011822b76e1f8dc688d6b27d775f2d8
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
7cb6c118ec3898ea3cf8db6f9d26f49cbe1ed8475e269b78d8162307b648b1ae
7e42e175142087762147f8ab23f1d4d6d1104e59c6223b243958601954c2dd86
7f11242f7495d4db7c32811d9280ff6b0375e0678896cd2e8e103165d574ef31
804481a67e827f8f548d8b0062527b5954ec30a5995257e176844bc6e3b7ac21
82cd22c01dd541eb6467bbe7289bb2bd12a124c52f8fd31c69768304434ee221
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85b5b40254b6e865f62bf8885e8c83a3de49f3f51d562064bf629a075247c2bc
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
87d748cd651a05e770fc5513140a85dcfd5150a3eac3ebeb1dd2fc8212d2615b
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
89b4969cfa14f849ac887eee9218de1e5990fa01910c6c6774c0b0c2e85c4d43
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c1f98d6b47daa0548ca80d907d9af7a3fd6f784db11fca849250fce25d16886
8c8f35232ad6b6626935b4ac887d4f9aa05e173ccfbb6a9ba0a842ddc24bfb21
8cb6e34ed5451b943eec7d84f418e5f57a14658baea10bdab7cc97015240d6ce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9199cba4df979a407b2fa52e133b4162aa13cd30cc4f6f868352b132feacdca9
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
9c09343f798e6e9b57ca335d1ef029ef29745938598b650bd0cd776401d32dd4
9f0f591d4fd1c7191d7ced9c09a46f1f03006548ef756d9e91328127ae71c22c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11849ca516f93f71253486d07b192542bbdc550ee18e5458e76b89bcd403e88
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a44e6e48634709c4c5fe291879445cab8325b047f7a88db7db3484bcfe30cf10
a6e0cc32deba303645e968036240f1f1c8e86236dd94ec391b0859b0d333909f
ab8e366637aa2f1fe38254a4ac98b8b5c7af1e89a22ffb3f59febf4c9c72dc39
ab9ce9040598160960b8705534fe62f33095bf6b4c71cb3c018fa8b94b79a8cd
ae2cb1845e7b6c0432cd87305053679c441c3c6367be1ac2350549ccdaa24037
ae9eb832495b375e14e3efb8d1711b5a849d3782fcf1b4e9fa3569a9e2dee83e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7e950ce711451e180c7db0a6cdeda2134d75af4cc1c6419efe601363f659ddf
ba73bb29b7e486c14da15d485d510cb7c5fd6c2b4f2aedc7944fcc41ec83afae
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bde0ba753e08cdaef64280d3af9b41f3db133a0c25fbc8f6ca55bc3f1937c199
c11d2126c21d6cc0a2fb27d796e7c930357c0799fb92b776cbaa68a907f4bd2c
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c315e6212a545c73fe683aca4f7a83989af7e5e460aa783485ba6ad0a97af7f1
c61f14d1ac3c4307323fd4b20c8e83af57933231244f80d7308c73db17e6fe79
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbabc8b34726da3d26f4467008aa53f003fd3c9c7018647b6bdf26aabc4458f8
cbd00f11c9ef7aa834df83817bbe4e96efebf95d0d4c9318133f6561cc7a0a1d
cca3bc2eaf02809639c22f47f7744e012f6f6dbf9a4016e54ad57793ff6fc954
cd7004c6cd100ef77588318216defca03cc1a7b2d7f774198600456432378082
ce39103f153e3b9d491984a38e2ec690d62a15f889cd5c9e2f0c805228522dfa
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d18c91c4a027fa471d7eb1240826abafb07f9892cd1b9486639cbf54d9f26534
d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148
d346f3caa0807df499114aed4df68d5268414a061b9145c2e42376c9b64ad8d0
d37c24134d53a181f23c4e3d6809b53e4655690ec3804f1687fe481abd898e76
d430b68776a196399ba0cefd56d32aab4b07a29de4831e01b07d1d44920e4ca9
d6a5e597b0fe6137c1528c96bdc3329aba47ce27d455ba5ff4ebd4b1ca747282
d71e2fbcad49e8bc62fb8d9e8a4c0f77d5f91bcc18b7f601cdfc71f775bdef1c
d7b1793cec52c2231c73d4669e726f3f25c4df563085d71c7f7b408f7595e2ff
d8277dbd91c7065050af58a458afe3b470525dd24d697de815fcfbcd30b58a69
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
df15a6393e7b31940c1e5a1f8dae2a1aeab20f213aa449ee7123819428519371
e12deb83d976c8fa18f1bcad551b8cf239d7335b0a61a63812bc97a04afb8496
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e437246292a78af6168ca78e2f9f93d149344348de0d19b48e2f231e6cde6c77
e828929ba8423ace72a85061f6c329e719aa99e6113898cf4c7233d25a8934b0
e9a95636847dc56f88cc48ce6c6aa4f7239ee367612e7ca5c0c2f1ba6ea0d268
eb6c1b9dbd6c867f2829d315951519ca0a3afadf6eccd6c54ba2155beb1dbfa7
ee5e8b6ac53697d1fd9dda09e7d90a1bd8cda3b3e0ac4f280ec262df84adc6a9
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d1330d012f39e9bbba24b5177cf1ae2626b84b2aae47fe9307321611711fa3
f0efb00c482d0c6a8cdbfdae195233b6baaa97ae6dbaf681386a67c29b779166
f379239f4914a736aa5136dbe4ca889a73e70d52da9da113a212afc249e87c66
f5e2c0f76f948e23b3ab39a31eaec69cfb69275001ef8f14af39dd3e16214fae
f8ed265e88e0f06c87bdd76e41079818c700405cb4c6eb666aa53d731c8d24b3
f95af51da08eb2484c1b4f961a980858ffdc293e0b8adbad05751bf5ed711066
fcd1ae76357467b97c876864aadd5cdc659fbc5d2ca8bc152a83efc2943ade2a
feda67648acd203488c2c74a84f52bef7a05a3154a00cb2fbc94c62d559afb46

www.masonslots.com Open in urlscan Pro 104.18.34.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

203 Requests

85 %HTTPS

16 %IPv6

73 Domains

89 Subdomains

62 IPs

11 Countries

3555 kBTransfer

9220 kBSize

105 Cookies

8 Outgoing links

Page URL History

Redirected requests

203 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.masonslots.com Open in urlscan Pro
104.18.34.76 Public Scan

Screenshot
Live screenshot

Full Image

203
Requests

85 %
HTTPS

16 %
IPv6

73
Domains

89
Subdomains

62
IPs

11
Countries

3555 kB
Transfer

9220 kB
Size

105
Cookies

203 HTTP transactions
3 data transactions