promo.mondiamedia.com Open in urlscan Pro
104.20.27.241 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dolpusads.aftrad-visit.com/track/direct?offer_id=7670&publisher_id=54&network_id=1&click_id={REPLACE}&source={REPLACE}&sub_...
Effective URL:
https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm...
Submission: On February 21 via manual (February 21st 2024, 8:17:17 am UTC) from IN — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 6 countries across 8 domains to perform 21 HTTP transactions. The main IP is 104.20.27.241, located in and belongs to CLOUDFLARENET, US. The main domain is promo.mondiamedia.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on January 25th 2024. Valid for: a year.

This is the only time promo.mondiamedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.67.71.68 172.67.71.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.66.40.30 185.66.40.30	197712 (CDMON sis...) (CDMON sistemes@cdmon.com)
1 2	62.212.87.243 62.212.87.243	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 10	104.20.27.241 104.20.27.241	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	137.74.127.135 137.74.127.135	16276 (OVH) (OVH)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
21	9

1 172.67.71.68 (United States)

ASN13335 (CLOUDFLARENET, US)

dolpusads.aftrad-visit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.40.30 (Spain) 1 redirects

ASN197712 (CDMON sistemes@cdmon.com, ES)
PTR: fnadm-67.srv.cat

lktrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.212.87.243 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: opticksconversions.com

runsafeads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.20.27.241 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

promo.mondiamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.mondiamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 137.74.127.135 (France)

ASN16276 (OVH, FR)

piwik.mondiamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	mondiamedia.com 1 redirects promo.mondiamedia.com p.mondiamedia.com piwik.mondiamedia.com — Cisco Umbrella Rank: 725113	710 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2000	312 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	69 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	178 KB
2	runsafeads.com 1 redirects runsafeads.com — Cisco Umbrella Rank: 743052	61 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	185 B
1	lktrack.com 1 redirects lktrack.com	241 B
1	aftrad-visit.com dolpusads.aftrad-visit.com	574 B
21	8

	Domain	Requested by
8	promo.mondiamedia.com	1 redirects promo.mondiamedia.com
3	piwik.mondiamedia.com	dolpusads.aftrad-visit.com piwik.mondiamedia.com
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	dolpusads.aftrad-visit.com connect.facebook.net
2	www.googletagmanager.com	promo.mondiamedia.com www.googletagmanager.com
2	p.mondiamedia.com	promo.mondiamedia.com
2	runsafeads.com	1 redirects dolpusads.aftrad-visit.com
1	www.facebook.com	promo.mondiamedia.com
1	lktrack.com	1 redirects
1	dolpusads.aftrad-visit.com
21	10

This site contains no links.

Subject Issuer	Validity	Valid
aftrad-visit.com GTS CA 1P5	`2024-02-05` - `2024-05-05`	3 months	crt.sh
track.opticks.io R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
*.mondiamedia.com AlphaSSL CA - SHA256 - G4	`2024-01-25` - `2025-02-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-30` - `2024-02-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks
Frame ID: 215F8C46C5F5B3ABE1C8F26B81929572
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vodacom_playinc VC Vodacom Playinc

Page URL History Show full URLs

https://dolpusads.aftrad-visit.com/track/direct?offer_id=7670&publisher_id=54&network_id=1&click_id={REPLACE}&s... Page URL
https://lktrack.com/adserver/delivery/click.php?site_id=70906&aff_sub=201ZtPzFeBxwvayFZLZkt75Pys... HTTP 302
https://runsafeads.com/g/5375009f5becc1850f?external_id=QXhLNTNlVUtwT1I4bE1reGxqaWRjZz09&subpublish... Page URL
https://runsafeads.com/l/5375009f5becc1850f?external_id=QXhLNTNlVUtwT1I4bE1reGxqaWRjZz09&subpublish... HTTP 303
https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?sub... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

95 %
HTTPS

44 %
IPv6

8
Domains

10
Subdomains

9
IPs

6
Countries

1018 kB
Transfer

1746 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dolpusads.aftrad-visit.com/track/direct?offer_id=7670&publisher_id=54&network_id=1&click_id={REPLACE}&source={REPLACE}&sub_source={REPLACE} Page URL
https://lktrack.com/adserver/delivery/click.php?site_id=70906&aff_sub=201ZtPzFeBxwvayFZLZkt75PysryQTNbMEeJEojks2mSTsLBENt9UCEYKGhEkBsheeNTcX HTTP 302
https://runsafeads.com/g/5375009f5becc1850f?external_id=QXhLNTNlVUtwT1I4bE1reGxqaWRjZz09&subpublisher_id=70906_ Page URL
https://runsafeads.com/l/5375009f5becc1850f?external_id=QXhLNTNlVUtwT1I4bE1reGxqaWRjZz09&subpublisher_id=70906_&&_tdf=139&_opt8EbeA5xCStXV=45d996d8&_m=1uc HTTP 303
https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://lktrack.com/adserver/delivery/click.php?site_id=70906&aff_sub=201ZtPzFeBxwvayFZLZkt75PysryQTNbMEeJEojks2mSTsLBENt9UCEYKGhEkBsheeNTcX HTTP 302
https://runsafeads.com/g/5375009f5becc1850f?external_id=QXhLNTNlVUtwT1I4bE1reGxqaWRjZz09&subpublisher_id=70906_

Request Chain 9

https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/ HTTP 302
https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?track_id=01HQ5BTXYVPNR7GKQWDWGWMNVD

21 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 direct
dolpusads.aftrad-visit.com/track/ 188 B
574 B 123ms
58ms Document
text/html 172.67.71.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dolpusads.aftrad-visit.com/track/direct?offer_id=7670&publisher_id=54&network_id=1&click_id={REPLACE}&source={REPLACE}&sub_source={REPLACE}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 858d8d25abb668f5-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 21 Feb 2024 08:17:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ka3Qg5oiK7z4uKSGDVeDmWXhxcZ%2FPNFx2R2V1brrLmnuhxeBMgRPb%2BvvsuEryABpZFcuBWBKhtpmRHCqV%2BX4fS6UCNJjuZql1TBsb0dpPEoE%2FK4EqZ2ec4SrUlMXn2u9Ox4xhUKzbNPolbv"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2

200

5375009f5becc1850f Show response
runsafeads.com/g/
Redirect Chain

https://lktrack.com/adserver/delivery/click.php?site_id=70906&aff_sub=201ZtPzFeBxwvayFZLZkt75PysryQTNbMEeJEojks2mSTsLBENt9UCEYKGhEkBsheeNTcX
https://runsafeads.com/g/5375009f5becc1850f?external_id=QXhLNTNlVUtwT1I4bE1reGxqaWRjZz09&subpublisher_id=70906_

168 KB
61 KB

102ms
32ms

Document
text/html

62.212.87.243
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://runsafeads.com/g/5375009f5becc1850f?external_id=QXhLNTNlVUtwT1I4bE1reGxqaWRjZz09&subpublisher_id=70906_
Requested by: Host: dolpusads.aftrad-visit.com
URL: https://dolpusads.aftrad-visit.com/track/direct?offer_id=7670&publisher_id=54&network_id=1&click_id={REPLACE}&source={REPLACE}&sub_source={REPLACE}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.212.87.243 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: opticksconversions.com
Software: /
Resource Hash: 199ff57d3439a7944e99d9cc8bf1ecdea860c7e47f9e62f481a062975ed56552

Request headers

Referer: https://dolpusads.aftrad-visit.com/track/direct?offer_id=7670&publisher_id=54&network_id=1&click_id={REPLACE}&source={REPLACE}&sub_source={REPLACE}
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Width, Viewport-Width, Viewport-Height, Device-Memory, Content-DPR, DPR, Save-Data, Downlink, ECT, RTT, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cache-control: private, max-age=0, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 21 Feb 2024 08:17:10 GMT
etag: cefb56a165d5b186174e5b64306ae8b8--gzip
pragma: no-cache
vary: Accept-Encoding, User-Agent

Redirect headers

content-length: 2
content-type: text/html; charset=UTF-8
date: Wed, 21 Feb 2024 08:17:10 GMT
location: https://runsafeads.com/g/5375009f5becc1850f?external_id=QXhLNTNlVUtwT1I4bE1reGxqaWRjZz09&subpublisher_id=70906_
referrer-policy: no-referrer
server: Apache

GET
DATA 200
OK truncated Show response
/ 1 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Request headers

Referer
Origin: https://runsafeads.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2

200

Primary Request / Show response
promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/
Redirect Chain

https://runsafeads.com/l/5375009f5becc1850f?external_id=QXhLNTNlVUtwT1I4bE1reGxqaWRjZz09&subpublisher_id=70906_&&_tdf=139&_opt8EbeA5xCStXV=45d996d8&_m=1uc
https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_2024022108171...

22 KB
6 KB

231ms
148ms

Document
text/html

104.20.27.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.27.241 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9968058ea3e53ecce2aad08e51572e6e04bce8ffc02efa788bb3ee031d6577bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://runsafeads.com
Referer: https://runsafeads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9
device-memory: 8
dpr: 1
viewport-width: 1600

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: MISS
cf-ray: 858d8d2a7d5a6904-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'none';
content-type: text/html; charset=utf-8
date: Wed, 21 Feb 2024 08:17:10 GMT
last-modified: Wed, 21 Feb 2024 08:17:10 GMT
server: cloudflare
vary: accept-encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

date: Wed, 21 Feb 2024 08:17:10 GMT
location: https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks

GET
H2 200 Roboto-Bold.woff
promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/assets/fonts/ 118 KB
117 KB 436ms
432ms Font
application/font-woff 104.20.27.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/assets/fonts/Roboto-Bold.woff

Requested by

Host: promo.mondiamedia.com
URL: https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.27.241 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

920b97708a349fed0e2b9f11a00648bb8a01ad47c34fc858b38492ba9cdbcb4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks
Origin: https://promo.mondiamedia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 08:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Nov 2023 14:57:53 GMT
server: cloudflare
etag: W/"839c4e989d23da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, PUT, POST
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
vary: Accept-Encoding
cf-ray: 858d8d2b7e0a6904-FRA
access-control-allow-headers: Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With

GET
H2 200 Roboto-Regular.woff
promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/assets/fonts/ 117 KB
116 KB 161ms
160ms Font
application/font-woff 104.20.27.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/assets/fonts/Roboto-Regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.27.241 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6a836702bc53ec119fcfb9a153189326ba8fdf6c5d76d040f18befaf93e136cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks
Origin: https://promo.mondiamedia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 08:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Nov 2023 14:57:49 GMT
server: cloudflare
etag: W/"3e66c969d23da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, PUT, POST
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
vary: Accept-Encoding
cf-ray: 858d8d2b7e0c6904-FRA
access-control-allow-headers: Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With

GET
H2 200 Roboto-Thin.woff
promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/assets/fonts/ 116 KB
115 KB 174ms
173ms Font
application/font-woff 104.20.27.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/assets/fonts/Roboto-Thin.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.27.241 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f6a8477d6b53064c3bc87cf240fab335ff9c598a5c3072db091e32925b23f827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks
Origin: https://promo.mondiamedia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 08:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Nov 2023 14:57:49 GMT
server: cloudflare
etag: W/"07a969d23da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, PUT, POST
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
vary: Accept-Encoding
cf-ray: 858d8d2b7e0d6904-FRA
access-control-allow-headers: Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With

GET
H2 200 jquery.min.js Show response
promo.mondiamedia.com/public/assets/js/ 84 KB
30 KB 35ms
33ms Script
application/javascript 104.20.27.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.mondiamedia.com/public/assets/js/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.27.241 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

633ba16fa4ae95cc60b2a7dd1dceff0a235d31edc5340e6249ee9c0fcd96d0c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 08:17:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 21 Dec 2023 12:35:17 GMT
server: cloudflare
age: 8556
etag: "212c27cf14c8e52a00392521319462f0a660fee3-gzip"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, must-revalidate
cf-ray: 858d8d2b7e0e6904-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 aHR0cDovL3NzYS5tb25kaWFtZWRpYS5jb20vbW0tbHAvZ2gvdmMvcGxheWluYy9wcm9tby9nZW5lcmljLzAxL2VuL2ltYWdlcy9tYWluX0VOLmpwZWc7YTZmYjEzNWJlOWNi.jpeg
p.mondiamedia.com/api/fetch/image/proxy/0x0/ 124 KB
125 KB 103ms
93ms Image
image/jpeg 104.20.27.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.mondiamedia.com/api/fetch/image/proxy/0x0/aHR0cDovL3NzYS5tb25kaWFtZWRpYS5jb20vbW0tbHAvZ2gvdmMvcGxheWluYy9wcm9tby9nZW5lcmljLzAxL2VuL2ltYWdlcy9tYWluX0VOLmpwZWc7YTZmYjEzNWJlOWNi.jpeg
Requested by: Host: promo.mondiamedia.com
URL: https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.27.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6312dad54e848b926abd8e53e9213493f29241cd883de20258c6461fec51bd61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mondiamedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 08:17:11 GMT
cf-cache-status: MISS
last-modified: Wed, 21 Feb 2024 07:51:01 GMT
server: cloudflare
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-mm-correlation-id: 97d3fe0a-defb-43ce-9757-32ce022cb78b
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 858d8d2b8e166904-FRA
alt-svc: h3=":443"; ma=86400
content-length: 127368
expires: Thu, 22 Feb 2024 08:17:10 GMT

GET
H2 200 aHR0cDovL3NzYS5tb25kaWFtZWRpYS5jb20vbW0tbHAvZ2gvdmMvcGxheWluYy9hc3NldHMvaW1hZ2VzL2xvZ29fdmRmLmpwZWc7MzIxMDBkOWI2YjNm.jpeg
p.mondiamedia.com/api/fetch/image/proxy/0x0/ 12 KB
12 KB 70ms
61ms Image
image/jpeg 104.20.27.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.mondiamedia.com/api/fetch/image/proxy/0x0/aHR0cDovL3NzYS5tb25kaWFtZWRpYS5jb20vbW0tbHAvZ2gvdmMvcGxheWluYy9hc3NldHMvaW1hZ2VzL2xvZ29fdmRmLmpwZWc7MzIxMDBkOWI2YjNm.jpeg
Requested by: Host: promo.mondiamedia.com
URL: https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.27.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f58ec6cc9e61596a7cc3f906e0cebfb7dc830c8a70680f4bd75616fdbd83e1ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mondiamedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 08:17:11 GMT
cf-cache-status: MISS
last-modified: Wed, 21 Feb 2024 07:51:01 GMT
server: cloudflare
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-mm-correlation-id: 88ba83fa-c727-4388-8043-a00de2b8e023
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 858d8d2b8e176904-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11942
expires: Thu, 22 Feb 2024 08:17:10 GMT

GET
H3

200

/
promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/
Redirect Chain

https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/
https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?track_id=01HQ5BTXYVPNR7GKQWDWGWMNVD

22 KB
22 KB

146ms
146ms

Image
text/html

104.20.27.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?track_id=01HQ5BTXYVPNR7GKQWDWGWMNVD

Requested by

Protocol

Server

104.20.27.241 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 08:17:11 GMT
content-security-policy: frame-ancestors 'none';
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 21 Feb 2024 08:17:11 GMT
server: cloudflare
content-encoding: gzip
vary: accept-encoding
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: public, max-age=1800
cf-ray: 858d8d2c3d281981-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Wed, 21 Feb 2024 08:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
location: /gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?track_id=01HQ5BTXYVPNR7GKQWDWGWMNVD
cache-control: max-age=1800
cf-ray: 858d8d2bccd31981-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 263 KB
89 KB 99ms
43ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHM95LV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e7d53083b96920bf6ff116fd394eef4e75cc91a54cface8d99d3bc50bd82b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mondiamedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 08:17:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90271
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Feb 2024 08:17:11 GMT

GET
H/1.1 200
OK piwik.js Show response
piwik.mondiamedia.com/ 165 KB
166 KB 135ms
44ms Script
application/javascript 137.74.127.135
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://piwik.mondiamedia.com/piwik.js
Requested by: Host: dolpusads.aftrad-visit.com
URL: https://dolpusads.aftrad-visit.com/track/direct?offer_id=7670&publisher_id=54&network_id=1&click_id={REPLACE}&source={REPLACE}&sub_source={REPLACE}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 137.74.127.135 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 17c6255d9153ce0af8a0b5d4c9fdf549010b84dc91211e3a2e8242e057371630

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mondiamedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: public
date: Wed, 21 Feb 2024 08:17:11 GMT
last-modified: Wed, 17 Aug 2022 08:01:14 GMT
server: nginx
x-iplb-request-id: D972DA15:8880_894A7F87:01BB_65D5B187_C46EF8:2765
etag: "62fca04a-295ef"
x-iplb-instance: 53752
content-type: application/javascript
cache-control: max-age=3600, public, private
accept-ranges: bytes
content-length: 169455
expires: Wed, 21 Feb 2024 09:17:11 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 82ms
27ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dolpusads.aftrad-visit.com
URL: https://dolpusads.aftrad-visit.com/track/direct?offer_id=7670&publisher_id=54&network_id=1&click_id={REPLACE}&source={REPLACE}&sub_source={REPLACE}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mondiamedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Feb 2024 08:17:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: F+HFDi9ZxZk3cdRKsskp6RxSCLP/S4onrqYnjF+04WQKkUJ23rKawt4mHgsZQMm67utRgEzBXBVlQZCdfu+IpA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
90 KB 45ms
43ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8ZTV61CV8D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHM95LV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

421356e5070811b804c39d6fd8a24b37f72bcc7a725563abb44337af6afbdb8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mondiamedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 08:17:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91829
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Feb 2024 08:17:11 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 91ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8ZTV61CV8D&gtm=45je42h0v897091286z8849464815za200&_p=1708503430955&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=485957414.1708503431&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708503431&sct=1&seg=0&dl=https%3A%2F%2Fpromo.mondiamedia.com%2Fgh-vc-games%2Fproxy%2Fpromo-ssa%2Fssa%2Fmm-lp%2Fgh%2Fvc%2Fplayinc%2Fpromo%2Fgeneric%2F01%2Fen%2F%3FsubsTypeId%3D71800001%26utm_source%3D8585%26utm_campaign%3DGH_Vd_playinc_01%26track_id%3Dtrack_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0%26agency%3Dopticks&dr=https%3A%2F%2Frunsafeads.com%2F&dt=Vodacom_playinc%20VC%20Vodacom%20Playinc&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=704
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8ZTV61CV8D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mondiamedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 08:17:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.mondiamedia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1374826066447644 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 201ms
199ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1374826066447644?v=2.9.147&r=stable&domain=promo.mondiamedia.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

961480142a856f3ed4182b0a21cc2e49fd48197f538cebf86cba97dda58036bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mondiamedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Feb 2024 08:17:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: ubZ0mDdgY08vXfkzMrRgmWc6NB0ix1lIsDJMzd61QxY52erHqcnp+hmJEqQGZH4sFhf5NNM7VZ+ELKRTomQ89Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204
No Response piwik.php
piwik.mondiamedia.com/ 0
356 B 51ms
51ms Ping
text/html 137.74.127.135
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://piwik.mondiamedia.com/piwik.php?action_name=Unlimited%20Games%2Fpartner%2Fssa%2FVodacom_playinc%20VC%20Vodacom%20Playinc&idsite=334&rec=1&r=192238&h=9&m=17&s=11&url=https%3A%2F%2Fpromo.mondiamedia.com%2Fgh-vc-games%2Fproxy%2Fpromo-ssa%2Fssa%2Fmm-lp%2Fgh%2Fvc%2Fplayinc%2Fpromo%2Fgeneric%2F01%2Fen%2F%3FsubsTypeId%3D71800001%26utm_source%3D8585%26utm_campaign%3DGH_Vd_playinc_01%26track_id%3Dtrack_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0%26agency%3Dopticks&urlref=https%3A%2F%2Frunsafeads.com%2F&_id=8f6ebca0564ffbbb&_idn=1&send_image=0&_rcn=GH_Vd_playinc_01&_refts=1708503431&_ref=https%3A%2F%2Frunsafeads.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension1=Mondia&dimension2=Unlimited%20Games&dimension3=undefined&dimension4=undefined&dimension5=Games&dimension7=0&dimension8=Games&dimension11=undefined&dimension12=Web&dimension13=ANONYMOUS&pv_id=uPYKBk&pf_net=76&pf_srv=150&pf_tfr=2&pf_dm1=56
Requested by: Host: piwik.mondiamedia.com
URL: https://piwik.mondiamedia.com/piwik.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 137.74.127.135 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promo.mondiamedia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Wed, 21 Feb 2024 08:17:11 GMT
content-encoding: none
server: nginx
x-iplb-request-id: D972DA15:8880_894A7F87:01BB_65D5B187_C46EFB:2765
x-iplb-instance: 53752
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://promo.mondiamedia.com
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK configs.php Show response
piwik.mondiamedia.com/plugins/HeatmapSessionRecording/ 118 B
359 B 77ms
40ms Script
application/javascript 137.74.127.135
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://piwik.mondiamedia.com/plugins/HeatmapSessionRecording/configs.php?idsite=334&trackerid=L608MK&url=https%3A%2F%2Fpromo.mondiamedia.com%2Fgh-vc-games%2Fproxy%2Fpromo-ssa%2Fssa%2Fmm-lp%2Fgh%2Fvc%2Fplayinc%2Fpromo%2Fgeneric%2F01%2Fen%2F%3FsubsTypeId%3D71800001%26utm_source%3D8585%26utm_campaign%3DGH_Vd_playinc_01%26track_id%3Dtrack_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0%26agency%3Dopticks
Requested by: Host: piwik.mondiamedia.com
URL: https://piwik.mondiamedia.com/piwik.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 137.74.127.135 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 084084f86e4f0b56514e93ee2b25a32c9a986499dbff4e99d63f92fc1cb71eae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mondiamedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 08:17:11 GMT
server: nginx
x-iplb-request-id: D972DA15:8880_894A7F87:01BB_65D5B187_C46EFD:2765
x-iplb-instance: 53752
transfer-encoding: chunked
content-type: application/javascript

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 68ms
23ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1374826066447644&ev=PageView&dl=https%3A%2F%2Fpromo.mondiamedia.com%2Fgh-vc-games%2Fproxy%2Fpromo-ssa%2Fssa%2Fmm-lp%2Fgh%2Fvc%2Fplayinc%2Fpromo%2Fgeneric%2F01%2Fen%2F%3FsubsTypeId%3D71800001%26utm_source%3D8585%26utm_campaign%3DGH_Vd_playinc_01%26track_id%3Dtrack_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0%26agency%3Dopticks&rl=https%3A%2F%2Frunsafeads.com%2F&if=false&ts=1708503431627&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1708503431625.1753048251&ler=other&cdl=API_unavailable&it=1708503431402&coo=false&exp=e1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mondiamedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 21 Feb 2024 08:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 hit
promo.mondiamedia.com/gh-vc-games/api/ 78 B
78 B 164ms
162ms Image
image/gif 104.20.27.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.mondiamedia.com/gh-vc-games/api/hit?pageType=landing&subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.27.241 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 08:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
cf-ray: 858d8d3038421981-FRA
alt-svc: h3=":443"; ma=86400
content-length: 78
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8ZTV61CV8D&gtm=45je42h0v897091286za200&_p=1708503430955&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=485957414.1708503431&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1708503431&sct=1&seg=0&dl=https%3A%2F%2Fpromo.mondiamedia.com%2Fgh-vc-games%2Fproxy%2Fpromo-ssa%2Fssa%2Fmm-lp%2Fgh%2Fvc%2Fplayinc%2Fpromo%2Fgeneric%2F01%2Fen%2F%3FsubsTypeId%3D71800001%26utm_source%3D8585%26utm_campaign%3DGH_Vd_playinc_01%26track_id%3Dtrack_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0%26agency%3Dopticks&dr=https%3A%2F%2Frunsafeads.com%2F&dt=Vodacom_playinc%20VC%20Vodacom%20Playinc&en=scroll&epn.percent_scrolled=90&_et=12&tfd=5719
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8ZTV61CV8D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mondiamedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 08:17:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.mondiamedia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lktrack.com/adserver/delivery	1970-01-20 18:36:29	Name: linkadia_27169_70906_clk Value: y
promo.mondiamedia.com/gh-vc-games	1969-12-31 23:59:59	Name: mm-lp Value: ?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks
promo.mondiamedia.com/gh-vc-games	1970-01-20 18:35:05	Name: mmcampaign Value: eyJzdWJzVHlwZUlkIjoiNzE4MDAwMDEiLCJ1dG1fc291cmNlIjoiODU4NSIsInV0bV9jYW1wYWlnbiI6IkdIX1ZkX3BsYXlpbmNfMDEiLCJ0cmFja19pZCI6InRyYWNrXzIwMjQwMjIxMDgxNzEwXzNmZTczMDRhXzAwMThfNDgxZl9hNDU4X2U2YjFhZDU0MzNiMCIsImFnZW5jeSI6Im9wdGlja3MifQ==
promo.mondiamedia.com/gh-vc-games	1970-01-20 18:35:05	Name: mm-promo Value: Fe26.2*9d092453f1f06744fa13ba1a4f1e6b0ba662a92bdf59eed1d1ceca9619f0bd17BZq4Jd-FK89U9QxeEA_UJAw0Zp9keXsfUvJDDeJrpOJ4BHNm-Z1_Bha0clrlMTFU__YGKAx9s_Oqn7VIdlIuoBd9050c0a1de46a955c83a423fefebbf9b88a7fd267303cb08572cf9931e95f189a0A9OMGCLVSmur-LB8vBfUPzERlDIN9NH2CaLe-qs8
.mondiamedia.com/	1970-01-20 20:44:39	Name: _gcl_au Value: 1.1.146711830.1708503431
piwik.mondiamedia.com/	1969-12-31 23:59:59	Name: SERVERID16042 Value: 0590675d\|ZdWxi\|ZdWxi
.mondiamedia.com/	1970-01-21 04:11:03	Name: _ga Value: GA1.1.485957414.1708503431
.mondiamedia.com/	1970-01-21 04:11:03	Name: _ga_8ZTV61CV8D Value: GS1.1.1708503431.1.0.1708503431.0.0.0
promo.mondiamedia.com/	1970-01-20 22:57:51	Name: _pk_ref.334.cab4 Value: %5B%22GH_Vd_playinc_01%22%2C%22%22%2C1708503431%2C%22https%3A%2F%2Frunsafeads.com%2F%22%5D
promo.mondiamedia.com/	1970-01-21 04:00:58	Name: _pk_id.334.cab4 Value: 8f6ebca0564ffbbb.1708503431.
promo.mondiamedia.com/	1970-01-20 18:35:05	Name: _pk_ses.334.cab4 Value: 1
.mondiamedia.com/	1970-01-20 20:44:39	Name: _fbp Value: fb.1.1708503431625.1753048251

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/1374826066447644?v=2.9.147&r=stable&domain=promo.mondiamedia.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks Message: The resource https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/assets/fonts/Roboto-Bold.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks Message: The resource https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/assets/fonts/Roboto-Thin.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/promo/generic/01/en/?subsTypeId=71800001&utm_source=8585&utm_campaign=GH_Vd_playinc_01&track_id=track_20240221081710_3fe7304a_0018_481f_a458_e6b1ad5433b0&agency=opticks Message: The resource https://promo.mondiamedia.com/gh-vc-games/proxy/promo-ssa/ssa/mm-lp/gh/vc/playinc/assets/fonts/Roboto-Regular.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
dolpusads.aftrad-visit.com
lktrack.com
p.mondiamedia.com
piwik.mondiamedia.com
promo.mondiamedia.com
region1.google-analytics.com
runsafeads.com
www.facebook.com
www.googletagmanager.com
104.20.27.241
137.74.127.135
172.67.71.68
185.66.40.30
2001:4860:4802:32::36
2a00:1450:4001:808::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
62.212.87.243
084084f86e4f0b56514e93ee2b25a32c9a986499dbff4e99d63f92fc1cb71eae
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
17c6255d9153ce0af8a0b5d4c9fdf549010b84dc91211e3a2e8242e057371630
199ff57d3439a7944e99d9cc8bf1ecdea860c7e47f9e62f481a062975ed56552
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
421356e5070811b804c39d6fd8a24b37f72bcc7a725563abb44337af6afbdb8f
6312dad54e848b926abd8e53e9213493f29241cd883de20258c6461fec51bd61
633ba16fa4ae95cc60b2a7dd1dceff0a235d31edc5340e6249ee9c0fcd96d0c8
6a836702bc53ec119fcfb9a153189326ba8fdf6c5d76d040f18befaf93e136cb
8e7d53083b96920bf6ff116fd394eef4e75cc91a54cface8d99d3bc50bd82b6b
920b97708a349fed0e2b9f11a00648bb8a01ad47c34fc858b38492ba9cdbcb4c
961480142a856f3ed4182b0a21cc2e49fd48197f538cebf86cba97dda58036bc
9968058ea3e53ecce2aad08e51572e6e04bce8ffc02efa788bb3ee031d6577bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f58ec6cc9e61596a7cc3f906e0cebfb7dc830c8a70680f4bd75616fdbd83e1ec
f6a8477d6b53064c3bc87cf240fab335ff9c598a5c3072db091e32925b23f827

promo.mondiamedia.com Open in urlscan Pro 104.20.27.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

95 %HTTPS

44 %IPv6

8 Domains

10 Subdomains

9 IPs

6 Countries

1018 kBTransfer

1746 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

12 Cookies

4 Console Messages

Indicators

promo.mondiamedia.com Open in urlscan Pro
104.20.27.241 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

95 %
HTTPS

44 %
IPv6

8
Domains

10
Subdomains

9
IPs

6
Countries

1018 kB
Transfer

1746 kB
Size

12
Cookies

21 HTTP transactions
1 data transactions