Submitted URL: http://w1.mssyht.com/prod/e1d4ca8c-bbcf-4a7e-9d53-d60a9e96f622/1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Effective URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Submission: On July 04 via api from US — Scanned from DE

Summary

This website contacted 17 IPs in 4 countries across 12 domains to perform 35 HTTP transactions. The main IP is 104.21.234.146, located in and belongs to CLOUDFLARENET, US. The main domain is www.vdo.ai. The Cisco Umbrella rank of the primary domain is 621421.
TLS certificate: Issued by E1 on May 6th 2024. Valid for: 3 months.
This is the only time www.vdo.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
7 googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 137; a3c95b18101690467d18fb7a36d95b50.safeframe.googlesyndication.com; tpc.googlesyndication.com — Cisco Umbrella Rank: 177 | 37 KB
7 tsp.li | wl-brightside.cf.tsp.li — Cisco Umbrella Rank: 241574; wl-static.cf.tsp.li — Cisco Umbrella Rank: 186904 | 261 KB
6 gstatic.com | www.gstatic.com; csi.gstatic.com | 141 KB
4 doubleclick.net | securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235; googleads.g.doubleclick.net — Cisco Umbrella Rank: 70 | 177 KB
3 vdo.ai | www.vdo.ai — Cisco Umbrella Rank: 621421 | 102 KB
2 googlevideo.com | rr5---sn-4g5edns7.googlevideo.com — Cisco Umbrella Rank: 74076 | 199 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 83; imasdk.googleapis.com — Cisco Umbrella Rank: 531 | 2 KB
2 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 204 | 75 KB
1 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2355 |
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 81 | 99 KB
1 mailshake.com | integrations.api.mailshake.com | 363 B
1 mssyht.com | w1.mssyht.com | 457 B
35 12
Domain | Requested by
4 wl-static.cf.tsp.li | www.vdo.ai
3 csi.gstatic.com | www.gstatic.com
3 www.gstatic.com | securepubads.g.doubleclick.net; www.vdo.ai
3 tpc.googlesyndication.com | securepubads.g.doubleclick.net; tpc.googlesyndication.com
3 pagead2.googlesyndication.com | securepubads.g.doubleclick.net; www.vdo.ai
3 wl-brightside.cf.tsp.li | www.vdo.ai
3 securepubads.g.doubleclick.net | www.vdo.ai; securepubads.g.doubleclick.net
3 www.vdo.ai |
2 rr5---sn-4g5edns7.googlevideo.com (1 redirects) | www.vdo.ai
2 connect.facebook.net | www.vdo.ai; connect.facebook.net
1 imasdk.googleapis.com | www.vdo.ai
1 googleads.g.doubleclick.net | www.vdo.ai
1 fonts.googleapis.com | securepubads.g.doubleclick.net
1 a3c95b18101690467d18fb7a36d95b50.safeframe.googlesyndication.com | securepubads.g.doubleclick.net
1 region1.google-analytics.com | www.googletagmanager.com
1 www.googletagmanager.com | www.vdo.ai
1 integrations.api.mailshake.com (1 redirects) |
1 w1.mssyht.com (1 redirects) |
35 18
Subject | Issuer | Validity | Valid
vdo.ai | E1 | 2024-05-06 - 2024-08-04 | 3 months
*.google-analytics.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.g.doubleclick.net | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-04-13 - 2024-07-12 | 3 months
*.cf.tsp.li | Go Daddy Secure Certificate Authority - G2 | 2024-03-06 - 2025-04-07 | a year
upload.video.google.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
tpc.googlesyndication.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.gstatic.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months

This page contains 4 frames:

Primary Page: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Frame ID: 4F3B10807734118C3378EF0E4C11C306
Requests: 22 HTTP requests in this frame

Frame: https://a3c95b18101690467d18fb7a36d95b50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7250238161F316BE0B4E8A91CDCE9DE7
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto
Frame ID: 0905FF6A51ED65257FAE15F157FEB8CC
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BBBDC7FADAC2811007B276A46D4C5969
Requests: 1 HTTP requests in this frame

Page Title

13 People Shared Their Most Embarrassing Moments That Turn Into Eternal Life Comedy / Bright Side

Page URL History

  1. http://w1.mssyht.com/prod/e1d4ca8c-bbcf-4a7e-9d53-d60a9e96f622/1d9044dd-f580-42a3-9bcb-8ec5a68071fa HTTP 307
    https://w1.mssyht.com/prod/e1d4ca8c-bbcf-4a7e-9d53-d60a9e96f622/1d9044dd-f580-42a3-9bcb-8ec5a68071fa HTTP 302
    https://integrations.api.mailshake.com/beacon/click?emailID=e1d4ca8c-bbcf-4a7e-9d53-d60a9e96f622&linkID=1d9044dd-f5... HTTP 302
    https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 35
HTTPS: 94 %
IPv6: 67 %
Domains: 12
Subdomains: 18
IPs: 17
Countries: 4
Transfer: 1092 kB
Size: 2787 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://w1.mssyht.com/prod/e1d4ca8c-bbcf-4a7e-9d53-d60a9e96f622/1d9044dd-f580-42a3-9bcb-8ec5a68071fa HTTP 307
    https://w1.mssyht.com/prod/e1d4ca8c-bbcf-4a7e-9d53-d60a9e96f622/1d9044dd-f580-42a3-9bcb-8ec5a68071fa HTTP 302
    https://integrations.api.mailshake.com/beacon/click?emailID=e1d4ca8c-bbcf-4a7e-9d53-d60a9e96f622&linkID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa HTTP 302
    https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://rr5---sn-4g5edns7.googlevideo.com/videoplayback?expire=1720159457&ei=YRyHZquDLuOP6dsP8fWVqAU&ip=217.114.218.28&id=6e6aadaed7d2da10&itag=18&source=dclk_video_ads&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=CX&mm=31&mn=sn-4g5edns7&ms=au&mv=m&mvi=5&pl=23&susc=dvc&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=10.054&lmt=1646650133113966&mt=1720130226&cpn=pl7xqHSZSREfayfi&txp=0000224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRgIhAJtoxIwfHSAGdjjg0AWUejMOv0Bf_CoyluMHzbCm7XmzAiEAp4xWwrQxZRJMaJFc-QwqkxaUr82dGHKHdMj5QJ0Czh0=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHlkHjAwRAIgaETrE4-t-2nFZLOu1tZ8mZ9SovClySP_UE8hSaKeo4YCIGnQdQTuViZuYZ54eXC9aKnG3Pa6KlYUfgBN8bfKNThg HTTP 302
  • https://rr5---sn-4g5edns7.googlevideo.com/videoplayback?expire=1720159457&ei=YRyHZquDLuOP6dsP8fWVqAU&ip=217.114.218.28&id=6e6aadaed7d2da10&itag=18&source=dclk_video_ads&requiressl=yes&xpc=Eghovf3BOnoBAQ==&susc=dvc&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=10.054&lmt=1646650133113966&cpn=pl7xqHSZSREfayfi&txp=0000224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRgIhAJtoxIwfHSAGdjjg0AWUejMOv0Bf_CoyluMHzbCm7XmzAiEAp4xWwrQxZRJMaJFc-QwqkxaUr82dGHKHdMj5QJ0Czh0=&redirect_counter=1&rm=sn-4g5e6l76&fexp=24350324,24350326,24350328,24350330,24350379,24350465,24350508,24350518&req_id=802e050665aa36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=CX&mip=2001:1b60:2:240:3247::5&mm=31&mn=sn-4g5edns7&ms=au&mt=1720130469&mv=m&mvi=5&pl=29&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AHlkHjAwRQIhAL5o-pfhooiTKKwVdVv8gnQsbm2AU5Mg87l5zvK2-Q37AiB-sHDHsgrOVtQXZTGeDg1e8tI0si1cMenBASxg0CkILA%3D%3D

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.vdo.ai/sample/units/bright-side-offerwall/
Redirect Chain
  • http://w1.mssyht.com/prod/e1d4ca8c-bbcf-4a7e-9d53-d60a9e96f622/1d9044dd-f580-42a3-9bcb-8ec5a68071fa
  • https://w1.mssyht.com/prod/e1d4ca8c-bbcf-4a7e-9d53-d60a9e96f622/1d9044dd-f580-42a3-9bcb-8ec5a68071fa
  • https://integrations.api.mailshake.com/beacon/click?emailID=e1d4ca8c-bbcf-4a7e-9d53-d60a9e96f622&linkID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
  • https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
603 KB
100 KB
Document
General
Full URL
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4e103947892d01d5ad5033f7b6df7d249faafa624df5a73ff1650313f525536

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89e268fd3ea83627-FRA
content-encoding
br
content-type
text/html
date
Thu, 04 Jul 2024 22:04:17 GMT
last-modified
Tue, 28 May 2024 08:48:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c98v%2BHUIRij2eVMZxvcTae1pD%2FkNme8qH3a5%2FSdDcLxUBJuMc2ug8akVuNYpRefXFUsMyN0jKz0G04EboNwZYE7XwDmp4u%2FYm8NnOwXjohyinlrfheHy8MSRXSjn"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
content-length
236
content-security-policy
default-src 'self'
content-type
text/html; charset=utf-8
date
Thu, 04 Jul 2024 22:04:16 GMT
location
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
permissions-policy
camera=(), geolocation=(), microphone=()
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Accept, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
js
www.googletagmanager.com/gtag/
293 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1GBSD0EH26
Requested by
Host: www.vdo.ai
URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cec103e888c4258f47fe741994f7fdb30882392f2cb0b3c7be327a97b3a12ec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:04:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100963
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jul 2024 22:04:17 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
97 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.vdo.ai
URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
6d39b1a8d140b6427db833f1684985f9072ab9c148b6eb5dd39293b0d70b722a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:04:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31376
x-xss-protection
0
server
cafe
etag
394 / 19908 / 31085057 / config-hash: 7963625485320637285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 04 Jul 2024 22:04:17 GMT
fbevents.js
connect.facebook.net/en_US/
222 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.vdo.ai
URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 04 Jul 2024 22:04:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=59, rtx=0, c=12, mss=1297, tbw=2786, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
35T1pZXerLILrWJaMIXzUjlPpcyPtBYUk46Ero7HzGd/FTvgxYWi398PV1bFdYUvxDUvsxH15i8MnNoKsw+z8g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
6e75845a798f82d5c300c16113.jpg.webp
wl-brightside.cf.tsp.li/resize/728x/webp/a7a/5af/
85 KB
85 KB
Image
General
Full URL
https://wl-brightside.cf.tsp.li/resize/728x/webp/a7a/5af/6e75845a798f82d5c300c16113.jpg.webp
Requested by
Host: www.vdo.ai
URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:b800:19:fa77:aac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1803d7c7cc6477d79620ba8825e2bf3f77699a705aaa036755abf9e5dc0680d7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 17:00:30 GMT
via
1.1 60dc145c687858f10bb3fe6251ad4ffe.cloudfront.net (CloudFront)
last-modified
Wed, 22 May 2024 16:43:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
3733427
etag
"a758a9754b1b6c512887e2756feb08b1"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
86966
x-amz-cf-id
iweiqVbSIf11gBv_gtYl0xrjvBFdl_MNQlhP7ZgQf-tRVqaw3RgsAA==
logo-desktop-big.svg
wl-static.cf.tsp.li/brightside/client/svg/
8 KB
4 KB
Image
General
Full URL
https://wl-static.cf.tsp.li/brightside/client/svg/logo-desktop-big.svg
Requested by
Host: www.vdo.ai
URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:ce00:1a:6eef:3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8fcf0d64ce16ccf4846f4e93eef4f7c85955ec9d349f03e55ebe2ff483a005f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront)
date
Thu, 04 Jul 2024 05:23:38 GMT
last-modified
Mon, 11 Apr 2022 09:25:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
60071
etag
W/"549ffcd66593960976aceae4409f97b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
LOmzm4I6EBhqJHrzQ-ntVu2qVLGPG4P90wkM8NFFZpCl_vxwEFkAjQ==
live-chat.svg
wl-static.cf.tsp.li/menu-icons/
4 KB
2 KB
Image
General
Full URL
https://wl-static.cf.tsp.li/menu-icons/live-chat.svg
Requested by
Host: www.vdo.ai
URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:ce00:1a:6eef:3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca2344be94e0596e8a8954caef245ebbf30f6642044de5819dcc0362921ea395

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 22:38:42 GMT
x-amz-version-id
D8gp3fJ7kHKxpiVxwcqyPlDLHhmXB2LJ
content-encoding
gzip
last-modified
Mon, 22 Jan 2024 07:28:34 GMT
server
AmazonS3
via
1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"3f02c6b4332ba1ddaf8b4b8d4c66db02"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
age
84336
x-amz-cf-id
MtBaOuEk_LNRKYLjLJTFr80Dqnp2Vssdsh0qU679c7yQPA-M34dNAw==
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee709470a24ffecb07117d209060aa15c74efe0fae2a7969721b74e6207eea9c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
73eb1e56fc9db7c30eef639155.jpg
wl-brightside.cf.tsp.li/resize/256x256/jpg/1b8/799/
20 KB
21 KB
Image
General
Full URL
https://wl-brightside.cf.tsp.li/resize/256x256/jpg/1b8/799/73eb1e56fc9db7c30eef639155.jpg
Requested by
Host: www.vdo.ai
URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:b800:19:fa77:aac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b93853580b3f9d4cfbed423001bd75efd5f8d0247f81bfa0703e9b821540bbe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 16:04:36 GMT
via
1.1 60dc145c687858f10bb3fe6251ad4ffe.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 14:58:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
7883982
etag
"8a2fbd7fe6cc92bacf9a31d5f867b89b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20697
x-amz-cf-id
axmxAzXAsnsP4AsFA5S7ROXfj5TXIpaSm-5PaoVjCUbFUxBgCNwRbA==
8.png
wl-static.cf.tsp.li/avatars/icons_wl/
5 KB
5 KB
Image
General
Full URL
https://wl-static.cf.tsp.li/avatars/icons_wl/8.png
Requested by
Host: www.vdo.ai
URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:ce00:1a:6eef:3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9be337258555c36c5bb3c5bafb738d47af9a0b80a73b53f4120b908af6fd599

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ut2cqFXrp201AO9L_WlgI82pP5s50JaO
date
Thu, 04 Jul 2024 11:37:52 GMT
via
1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 06:04:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
37586
x-amz-server-side-encryption
AES256
etag
"ddd6f3f49513638b8b288dc4742cfc6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5135
x-amz-cf-id
9hfoiMSkQUdAi41STAlcmhIhjLM5BJZajERC_c85x7MmnGQ4pcrBww==
8d2fc35190b94d11888139a68c.jpg.webp
wl-brightside.cf.tsp.li/resize/728x/webp/24f/4d1/
140 KB
140 KB
Image
General
Full URL
https://wl-brightside.cf.tsp.li/resize/728x/webp/24f/4d1/8d2fc35190b94d11888139a68c.jpg.webp
Requested by
Host: www.vdo.ai
URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:b800:19:fa77:aac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c252780b60da4771f40c280005222f158af15dc35bf3b7f1f4119c0106b5872

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 13:33:00 GMT
via
1.1 60dc145c687858f10bb3fe6251ad4ffe.cloudfront.net (CloudFront)
last-modified
Fri, 12 Apr 2024 00:27:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
6942678
etag
"344b60c19cb4b87776a68e1911b56eb5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/webp
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000
accept-ranges
bytes
content-length
143174
x-amz-cf-id
yet4oZOEJt_d0XF974xVQNOsMtAX3LllsrgDJhBOjGlqzSuM3EzNkQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407010101/
466 KB
145 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407010101/pubads_impl.js?cb=31085057
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
2fc88d4d4d71f6e63d16a5f550bd1ff0d4d09ce33b294a3121d9bbc454105e05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 10:11:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
42769
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148672
x-xss-protection
0
server
cafe
etag
3142213140391881883
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 04 Jul 2025 10:11:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
64 B
78 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.vdo.ai
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
12b5592c69649f9e021477e9dc7835bf5298ee8c0089528a7d341904331e1272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:04:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54
x-xss-protection
0
expires
Thu, 04 Jul 2024 22:04:17 GMT
logo-mobile-big.svg
wl-static.cf.tsp.li/brightside/client/svg/
8 KB
4 KB
Image
General
Full URL
https://wl-static.cf.tsp.li/brightside/client/svg/logo-mobile-big.svg
Requested by
Host: www.vdo.ai
URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:ce00:1a:6eef:3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e41430c53d2b152f633ccd77cb02a2efc2e8588d18f901ed4d3029e137835a1a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront)
date
Thu, 04 Jul 2024 19:13:52 GMT
last-modified
Mon, 11 Apr 2022 09:25:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
59797
etag
W/"49ef8ee20e25538bf0382988cb5c90ae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
iylpm8Nj6gofUqcLAj_fH3v0mMVrmLLKLhjd5A8RyUMYn3uJKao5yw==
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1GBSD0EH26&gtm=45je4730v887017130za200&_p=1720130657456&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=2093946173.1720130657&ecid=411425847&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_s=1&uid=CFD0B3C3-BBEA-3962-7E20-A09028ADCCF0&sid=1720130657&sct=1&seg=0&dl=https%3A%2F%2Fwww.vdo.ai%2Fsample%2Funits%2Fbright-side-offerwall%2F%3FmsID%3D1d9044dd-f580-42a3-9bcb-8ec5a68071fa&dt=13%20People%20Shared%20Their%20Most%20Embarrassing%20Moments%20That%20Turn%20Into%20Eternal%20Life%20Comedy%20%2F%20Bright%20Side&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1842&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1GBSD0EH26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 22:04:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.vdo.ai
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/
82 KB
11 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=3773296797212536&correlator=2881944576983124&eid=31079957%2C31085062%2C31085057%2C31079527%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407010101&ptt=17&impl=fif&ltd_cs=1&iu_parts=22639388115%2Crewarded_web_example&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=11&rbvs=1&sc=1&abxe=1&dt=1720130657575&lmt=1716886101&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&url=https%3A%2F%2Fwww.vdo.ai%2Fsample%2Funits%2Fbright-side-offerwall%2F%3FmsID%3D1d9044dd-f580-42a3-9bcb-8ec5a68071fa&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2093946173.1720130657&ga_sid=1720130658&ga_hid=1366628882&ga_fc=false&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720130657084&idt=453&adks=2084058325&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407010101/pubads_impl.js?cb=31085057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
3c89495751e078ddc05297d3ecf5c565f183df04b0743a002f42533b3f638105
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:04:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11365
x-xss-protection
0
google-lineitem-id
5941042745
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138383453042
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.vdo.ai
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a3c95b18101690467d18fb7a36d95b50.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7250
0
0
Document
General
Full URL
https://a3c95b18101690467d18fb7a36d95b50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407010101/pubads_impl.js?cb=31085057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 22:04:17 GMT
expires
Thu, 04 Jul 2024 22:04:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1162480377789282
connect.facebook.net/signals/config/
87 KB
16 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1162480377789282?v=2.9.160&r=stable&domain=www.vdo.ai&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cc0f73d54f8d6796f49240a9313402ae354420a8a063d95e99929206637aa32a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 04 Jul 2024 22:04:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=44, mss=1297, tbw=63830, tp=-1, tpl=-1, uplat=78, ullat=0
pragma
public
x-fb-debug
JsmQvyNYoN4ryrklHplInoG3c8PlMYV8kCg2J1Bpy7p7TWqTFXonBll7PDQPtege/fl3Iid+Df0LWa6yrIe9Kg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407010101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407010101/pubads_impl.js?cb=31085057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
223de1dac18b1c9d640ab782889d1c1539224c7ecdd572ebf7c18800581022dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:04:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12673
x-xss-protection
0
favicon.ico
www.vdo.ai/
1 KB
886 B
Other
General
Full URL
https://www.vdo.ai/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aae994a912aea90697e62b5d5856f4c381b6adb3cfa84dae243a416ffd9a8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:04:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Fri, 31 Mar 2023 13:15:20 GMT
server
cloudflare
etag
W/"6426dce8-47e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=00fhdlG1QaAq3vKGBzK92ZLfwhEdmaZsa6mN%2BPnurgOqFLWJy3Jrwqven8cksv8LQ1A7rMnRjZzDRGwwn%2FckBNHVHtzJB0wZxMZxKCzEygWxDoNw7PkxcoZ0yGoq"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=1800
cf-ray
89e269034e563627-FRA
css
fonts.googleapis.com/ Frame 0905
2 KB
1002 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407010101/pubads_impl.js?cb=31085057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jul 2024 22:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 21:09:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jul 2024 22:04:18 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0905
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407010101/pubads_impl.js?cb=31085057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:04:18 GMT
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Jul 2024 22:04:18 GMT
rewarded_web_video_de.js
www.gstatic.com/admanager/outstream/ Frame 0905
402 KB
137 KB
Script
General
Full URL
https://www.gstatic.com/admanager/outstream/rewarded_web_video_de.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407010101/pubads_impl.js?cb=31085057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81a772757297f74e0d904b00c7e25e73d8628b81f40b5a53aeafb526afc0f23d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/drx-mobile-serving
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139580
x-xss-protection
0
pragma
no-cache
last-modified
Tue, 07 May 2024 15:22:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="drx-mobile-serving"
vary
Accept-Encoding
report-to
{"group":"drx-mobile-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/drx-mobile-serving"}]}
content-type
text/javascript
cache-control
no-cache, must-revalidate
accept-ranges
bytes
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407010101/pubads_impl.js?cb=31085057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 04 Jul 2024 22:04:18 GMT
favicon-32x32.png
www.vdo.ai/favicons/
2 KB
2 KB
Other
General
Full URL
https://www.vdo.ai/favicons/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e6aedc1dcee1c51ec443c8db6f1d0630abb128bef41e7ac9c866bd747e81566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:04:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1594
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 02 Jan 2023 09:34:32 GMT
server
cloudflare
etag
W/"63a-18571d5268f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zu9r9isPEtiRKennt47FdAfRe1B89B0WOFvgJxF%2FCP1xiTuQOD7iT2aJhAvc%2BXm6k8JwXb5bMT2x%2FJD%2Ft7aZ64EcXuBB7TNXOGeKnW4lS417rbpZ1B7u7NxHNVIy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=1800, s-maxage=180, stale-while-revalidate=180
accept-ranges
bytes
cf-ray
89e269062a473627-FRA
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BBBD
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
42749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 10:11:49 GMT
expires
Fri, 04 Jul 2025 10:11:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 0905
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ly7tdqkp&c=8747764910499&slotId=4373882455249.5&qqid=CKbhyYayjocDFbklVQgdIbMM9g&fb=rewarded_web-lima&sei=44752538%2C75259414%2C95329494%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rewarded_web
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/rewarded_web_video_de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4012:4::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 22:04:19 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
volume_off.png
www.gstatic.com/dfp/native/ Frame 0905
3 KB
3 KB
Image
General
Full URL
https://www.gstatic.com/dfp/native/volume_off.png
Requested by
Host: www.vdo.ai
URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 09:47:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
age
44211
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2684
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 04 Jul 2025 09:47:27 GMT
pause.png
www.gstatic.com/dfp/native/ Frame 0905
763 B
876 B
Image
General
Full URL
https://www.gstatic.com/dfp/native/pause.png
Requested by
Host: www.vdo.ai
URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 15:56:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
age
22088
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
763
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 04 Jul 2025 15:56:10 GMT
close-circle-30x30.png
googleads.g.doubleclick.net/pagead/images/gmob/ Frame 0905
692 B
716 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/images/gmob/close-circle-30x30.png
Requested by
Host: www.vdo.ai
URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
1844cef84874dbf6678d41e8128ad9a0bc5b7f2b6f72e42a5a7bdbcfe4b4d122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 14:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
25513
etag
11193051980907295954
vary
Accept-Encoding
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
692
x-xss-protection
0
expires
Fri, 05 Jul 2024 14:59:05 GMT
csi
csi.gstatic.com/ Frame 0905
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ly7tdqkt&c=8747764910499&slotId=4373882455249.5&qqid=CKbhyYayjocDFbklVQgdIbMM9g&fb=rewarded_web-lima&met.4=ls.ly7tdqkt~arps.ly7tdqkv~arp_a_s.ly7tdqkv&vast_v=3.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=9&vhc=0&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/rewarded_web_video_de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4012:4::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 22:04:19 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pagead2.googlesyndication.com/pagead/interaction/ Frame 0905
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/interaction/?ai=BkwLVYRyHZuasLbnL1PIPoeaysA-E3IKXRgAAABABIMLXxI4BOAFY8tavwoMEYJWCgIDAB7IBCnd3dy52ZG8uYWm6AQlnZnBfaW1hZ2XIAQXaAWBodHRwczovL3d3dy52ZG8uYWkvc2FtcGxlL3VuaXRzL2JyaWdodC1zaWRlLW9mZmVyd2FsbC8_bXNJRD0xZDkwNDRkZC1mNTgwLTQyYTMtOWJjYi04ZWM1YTY4MDcxZmGYApBOwAIC4AIA6gIhLzIyNjM5Mzg4MTE1L3Jld2FyZGVkX3dlYl9leGFtcGxl-ALw0R6QA8gGmAPgA6gDAeAEAdIFBhC5vPSQFqAGI6gHuL6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7ECqAf4wrECqAf7wrEC2AcB0ggqCJHhgHAQARgdMgfri4Dgv4ANOggAgICAgICUKEi9_cE6WOaQyYayjocD2AgCgAoFmAsBqg0CREXQFQH4FgGAFwE&sigh=2dCsuxZ0xTc&label=rewarded_ad_video_started_precaching
Requested by
Host: www.vdo.ai
URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 22:04:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 0905
453 B
922 B
Image
General
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-9204871108361101
Requested by
Host: www.vdo.ai
URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:04:18 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jul 2024 22:54:18 GMT
videoplayback
rr5---sn-4g5edns7.googlevideo.com/ Frame 0905
Redirect Chain
  • https://rr5---sn-4g5edns7.googlevideo.com/videoplayback?expire=1720159457&ei=YRyHZquDLuOP6dsP8fWVqAU&ip=217.114.218.28&id=6e6aadaed7d2da10&itag=18&source=dclk_video_ads&requiressl=yes&xpc=Eghovf3BO...
  • https://rr5---sn-4g5edns7.googlevideo.com/videoplayback?expire=1720159457&ei=YRyHZquDLuOP6dsP8fWVqAU&ip=217.114.218.28&id=6e6aadaed7d2da10&itag=18&source=dclk_video_ads&requiressl=yes&xpc=Eghovf3BO...
197 KB
197 KB
Media
General
Full URL
https://rr5---sn-4g5edns7.googlevideo.com/videoplayback?expire=1720159457&ei=YRyHZquDLuOP6dsP8fWVqAU&ip=217.114.218.28&id=6e6aadaed7d2da10&itag=18&source=dclk_video_ads&requiressl=yes&xpc=Eghovf3BOnoBAQ==&susc=dvc&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=10.054&lmt=1646650133113966&cpn=pl7xqHSZSREfayfi&txp=0000224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRgIhAJtoxIwfHSAGdjjg0AWUejMOv0Bf_CoyluMHzbCm7XmzAiEAp4xWwrQxZRJMaJFc-QwqkxaUr82dGHKHdMj5QJ0Czh0=&redirect_counter=1&rm=sn-4g5e6l76&fexp=24350324,24350326,24350328,24350330,24350379,24350465,24350508,24350518&req_id=802e050665aa36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=CX&mip=2001:1b60:2:240:3247::5&mm=31&mn=sn-4g5edns7&ms=au&mt=1720130469&mv=m&mvi=5&pl=29&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AHlkHjAwRQIhAL5o-pfhooiTKKwVdVv8gnQsbm2AU5Mg87l5zvK2-Q37AiB-sHDHsgrOVtQXZTGeDg1e8tI0si1cMenBASxg0CkILA%3D%3D
Requested by
Host: www.vdo.ai
URL: https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Protocol
HTTP/1.1
Server
2a00:1450:4001:68::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
08d8fadacb7e90a59bdb4edbc99f8f6d736fe3022ed3338659bb2439d5cd0f85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 04 Jul 2024 22:04:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 07 Mar 2022 10:48:53 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-201516/201517
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
201517
Expires
Thu, 04 Jul 2024 22:04:18 GMT

Redirect headers

Date
Thu, 04 Jul 2024 22:04:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://rr5---sn-4g5edns7.googlevideo.com/videoplayback?expire=1720159457&ei=YRyHZquDLuOP6dsP8fWVqAU&ip=217.114.218.28&id=6e6aadaed7d2da10&itag=18&source=dclk_video_ads&requiressl=yes&xpc=Eghovf3BOnoBAQ==&susc=dvc&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=10.054&lmt=1646650133113966&cpn=pl7xqHSZSREfayfi&txp=0000224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRgIhAJtoxIwfHSAGdjjg0AWUejMOv0Bf_CoyluMHzbCm7XmzAiEAp4xWwrQxZRJMaJFc-QwqkxaUr82dGHKHdMj5QJ0Czh0=&redirect_counter=1&rm=sn-4g5e6l76&fexp=24350324,24350326,24350328,24350330,24350379,24350465,24350508,24350518&req_id=802e050665aa36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=CX&mip=2001:1b60:2:240:3247::5&mm=31&mn=sn-4g5edns7&ms=au&mt=1720130469&mv=m&mvi=5&pl=29&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AHlkHjAwRQIhAL5o-pfhooiTKKwVdVv8gnQsbm2AU5Mg87l5zvK2-Q37AiB-sHDHsgrOVtQXZTGeDg1e8tI0si1cMenBASxg0CkILA%3D%3D
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Thu, 04 Jul 2024 22:04:18 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0

csi
csi.gstatic.com/ Frame 0905
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~ly7tdqky&c=8747764910499&slotId=4373882455249.5&qqid=CKbhyYayjocDFbklVQgdIbMM9g&fb=rewarded_web-lima&hcn=0&met.4=ghmsh_s.ly7tdqkz~arp_a_e.ly7tdql0~arpf.ly7tdql0~vil.ly7tdqv3~vfl.ly7tdqxh&ghmsh_mi=18%2C22%2C43%2C44%2C45%2C106%2C109%2C&ghmsh_vi=214%2C134%2C212%2C133%2C213%2C135%2C136%2C160%2C215%2C&ghmsh_ai=140%2C49%2C141%2C139%2C24%2C50%2C51%2C25%2C23%2C&ghmsh_gvt=0&ams=1&vs=640x360&vc=avc1.4D001F&mt=video%2Fmp4&vsrc=dclk_video_ads&bit=18&cpn=pl7xqHSZSREfayfi&msm=0&is=0&ua_e=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/rewarded_web_video_de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4012:4::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vdo.ai/sample/units/bright-side-offerwall/?msID=1d9044dd-f580-42a3-9bcb-8ec5a68071fa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 22:04:20 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407010101&jk=3773296797212536&bg=!REelRwjNAAZ5zPvEWcw7ADQBe5WfONnE4CiBgMrS1g0bPDZPzBsZxSMBGUpnlLZVvyWpxc3t7gSDuJjO1AqIql9ymeP1AgAAACpSAAAAAWgBB34ANeZ66IWB86JuX0xmXSTgIKMUw6_mAzb7S04D7lITrfrY3zASoVjxWQs4HMmYRC_yo8x6ZzI1mQKRjZrtJafkbMmv-ER3mBk2cdDRFaKDIGan8URGfScQbLgMCTKHF6zz1SiNGLK8wqBw9A3Wth4LpfiOYIcohytgiB4Embktj2wN50T20r-DcJG3qyRqPm_x__V3O6ZX5N8XaJts-UMpeA6WtOkYijgCCEm1UeU9jHPFdZxkufPjX8MWzl5wWxVr1Sf-2MhmhROX7GGyfYwsdoYnwKs9IHrFDFt-MYXK2B2zD6h7Si-rrxnSVLo8M2gV8wvCQlIddUMjBOepyEyfQuiGnFyEQTFapx_wI4sH4WrHKWZoG9xg_UdSEMQsc6Kd_80KmYJL0Px9DZ0ay17byH-ApyKuXRPK0DVMp9OzU57CXtlOcpv0lcXIDiFIvibRHA9T9sniqKveT6OaNHRE86FhbFYPrD1ZW722ptHOdMDKKJuwYSPLW3SDsq2251S_NHTdusPVgBmN0DJd9kPeyZns2KNhPkW3jzr0qK48G-isUreopqjtsMkHhWCgCxVwS81_4kzxe73XrSeEYW654yVksdPLWmVwF9Amgsw9m-qbyvXpSKXnF90Wu9BfM1a49yPMI6K5IUm_yZxdORQL5FRbnSgchtFxruuKwZc98JH9Mo1DKUOH4-Kvy0RX3sKfYtPLI8Egmx6xY2Kx7CRmrQxZ7WZl-W0J8mu3AgOKZKpYRZgLVPPqkI9Uw7UwjlH6lAWoTxD7PbOrP-Qu63KP7y_44ss1Hj3bDo8Nj5Qo_3DFmh0_0SKdd1MAN5P6gPsGQNe4v7N-F07ryA34ZUW-1MSYkrl1y-I3V1rpizfE-GTPN2g90V66EYRzZZbTNvK6iIYwRnvSu9q_zIKUvkn2NkoIZElnfan7gwwqizNyD0J2nI9J9AKxvdoA

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage object| apstag object| Ya object| yaContextCb function| fbq function| _fbq object| SVG_STATE object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| SSR_STATE function| gtag object| dataLayer string| GoogleAnalyticsObject function| ga function| generateGuid function| gaGetUserId function| dismissRewardedAd function| showVdoaiPopup object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id boolean| domLoadEventFired object| GoogleGcLKhOms number| google_global_correlator object| google_image_requests

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
