www.google.com Open in urlscan Pro
2a00:1450:4001:828::2004 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://instream.ly/SCG_matteohs?p=10
Effective URL:
https://www.google.com/search?q=satrcasno+gratis
Submission: On January 23 via manual (January 23rd 2024, 2:03:19 pm UTC) from IT — Scanned from GB

Summary HTTP 41 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 13 domains to perform 41 HTTP transactions. The main IP is 2a00:1450:4001:828::2004, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.google.com. The Cisco Umbrella rank of the primary domain is 2.
TLS certificate: Issued by GTS CA 1C3 on December 11th 2023. Valid for: 3 months.

This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.43.251.130 13.43.251.130	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3033::ac43:d2e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6811:c96e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
41	16

1 13.43.251.130 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-43-251-130.eu-west-2.compute.amazonaws.com

instream.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::ac43:d2e9 (United States)

ASN13335 (CLOUDFLARENET, US)

redirectlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:c96e (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 8446	99 KB
7	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	115 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	47 KB
5	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 ad.doubleclick.net — Cisco Umbrella Rank: 163 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	32 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	44 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	97 KB
3	redirectlp.com redirectlp.com	1 KB
2	gstatic.com fonts.gstatic.com	22 KB
2	adform.net 1 redirects track.adform.net — Cisco Umbrella Rank: 5048	1 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 7478	413 B
1	google.de www.google.de — Cisco Umbrella Rank: 6518	408 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	78 KB
1	instream.ly instream.ly	1 KB
41	13

	Domain	Requested by
8	c.bannerflow.net	s0.2mdn.net c.bannerflow.net
6	www.google.com	redirectlp.com www.google.com
3	pagead2.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
3	s0.2mdn.net	ad.doubleclick.net s0.2mdn.net
3	www.googletagservices.com	redirectlp.com www.googletagservices.com s0.2mdn.net
3	redirectlp.com	instream.ly redirectlp.com
2	fonts.gstatic.com	www.google.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com
2	track.adform.net	1 redirects redirectlp.com
2	ad.doubleclick.net	1 redirects www.googletagservices.com
1	bit.ly	1 redirects
1	www.google.de	instream.ly
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	instream.ly
1	instream.ly
41	17

This site contains links to these domains. Also see Links.

Domain
support.google.com
policies.google.com
starcasino.gratis
translate.google.com
www.starcasino.it
starcasino.be
de.lcb.org
www.stargames.de
www.bonusinsider.com
bonusmaniac.com
www.spicycasinos.com

Subject Issuer	Validity	Valid
instream.ly Amazon RSA 2048 M02	`2023-09-16` - `2024-10-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
redirectlp.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-11` - `2024-05-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.google.com/search?q=satrcasno+gratis
Frame ID: D4F88551DA027089B9B6C6FD36FA3242
Requests: 34 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N244601.4747693DENTSU-MOOVIT/B31023956.381556355;dc_ver=99.292;sz=120x50;u_sd=1;dc_adk=3866781243;ord=wg6fo3;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=0,https%3A%2F%2Fredirectlp.com%2F%3Ffrom%3DDM-30607013-RGlyZWN0TWFya2V0aW5n%26utm_medium%3DDIR%26dclid%3DCP25zsLW84MDFR_wEQgd5-oAyw$0;xdt=0;crlt=gWNvax3l!G;stc=1;chaa=1;sttr=84;prcl=s
Frame ID: 9F4E15F2D3AC60B94391EDC23B605F54
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F569D119F2D4888BD5E3D47D489B3B6A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3737195756126208000/43738-Programmaticbannerset-Newmodel-4-Italian-120x50-638372987536161910-2f96ba85-caba-49e3-b8d1-2f92445e8ddc.html?ev=01_250
Frame ID: 5BAB13ED4462BF75C66A52B35B01AD51
Requests: 8 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/8c270be0-29f0-4c67-8255-f36cf5b71d04
Frame ID: 40E6AF51A02F1CC4561A84FFE9DD90F0
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetsson%2F56586dbf6eba21326c4a8ca2%2Fimages%2Ffc7ef87d-9327-49d0-9cbd-1be8f7bbbaff.jpg&w=120&h=144&q=85&f=webp&rt=contain
Frame ID: 46D14D299880093C965BF54A125CE329
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

satrcasno gratis - Google Search

Page URL History Show full URLs

https://instream.ly/SCG_matteohs?p=10 Page URL
https://bit.ly/SCGMoovit HTTP 301
https://ad.doubleclick.net/ddm/trackclk/N244601.4747693DENTSU-MOOVIT/B30607013.376731015;dc_trk_aid=567... HTTP 302
https://redirectlp.com/?from=DM-30607013-RGlyZWN0TWFya2V0aW5n&utm_medium=DIR&dclid=CP25zsLW84MDFR_w... Page URL
https://www.google.com/search?q=satrcasno+gratis Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

41
Requests

93 %
HTTPS

69 %
IPv6

13
Domains

17
Subdomains

16
IPs

5
Countries

536 kB
Transfer

1526 kB
Size

13
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://support.google.com/websearch/answer/181196?hl=en-DE
Title: Accessibility help

Search URL Search Domain Scan URL

URL: https://policies.google.com/technologies/cookies?utm_source=ucbs&hl=en-DE
Title: cookies

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=en-DE&fg=1&utm_source=ucbs
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=en-DE&fg=1&utm_source=ucbs
Title: Terms

Search URL Search Domain Scan URL

URL: https://support.google.com/websearch/answer/106230?hl=en-DE
Title: Learn more

Search URL Search Domain Scan URL

URL: https://starcasino.gratis/
Title: StarCasinò. gratis: tutte le notizie e guide sui casino onlinestarcasino.gratishttps://starcasino.gratis

Search URL Search Domain Scan URL

URL: https://translate.google.com/translate?hl=en&sl=it&u=https://starcasino.gratis/&prev=search&pto=aue
Title: Translate this page

Search URL Search Domain Scan URL

URL: https://starcasino.gratis/principianti/
Title: Principianti

Search URL Search Domain Scan URL

URL: https://starcasino.gratis/game-category/slots/
Title: Slots

Search URL Search Domain Scan URL

URL: https://starcasino.gratis/contattaci/
Title: Contattaci

Search URL Search Domain Scan URL

URL: https://starcasino.gratis/principianti/guide-principianti/slot-guide-principianti/
Title: Slot

Search URL Search Domain Scan URL

URL: https://www.starcasino.it/slot/novita
Title: Le Nuove Slot Gratis 2024 di StarCasinòStarCasinòhttps://www.starcasino.it › novita

Search URL Search Domain Scan URL

URL: https://translate.google.com/translate?hl=en&sl=it&u=https://www.starcasino.it/slot/novita&prev=search&pto=aue
Title: Translate this page

Search URL Search Domain Scan URL

URL: https://starcasino.be/
Title: Starcasino: Online Casino | Best Online Casino of Belgiumstarcasino.behttps://starcasino.be

Search URL Search Domain Scan URL

URL: https://de.lcb.org/onlinecasinobonusforum/german/starcasino-be-10-gratis-bonus
Title: starcasino.be / 10€ Gratis BonusLatest Casino Bonuseshttps://de.lcb.org › Foren › German

Search URL Search Domain Scan URL

URL: https://translate.google.com/translate?hl=en&sl=de&u=https://de.lcb.org/onlinecasinobonusforum/german/starcasino-be-10-gratis-bonus&prev=search&pto=aue
Title: Translate this page

Search URL Search Domain Scan URL

URL: https://translate.google.com/translate?hl=en&sl=it&u=https://starcasino.gratis/game-category/slots/&prev=search&pto=aue
Title: Translate this page

Search URL Search Domain Scan URL

URL: https://www.stargames.de/de
Title: StarGames Online Spielothek | 100% LEGAL statt Online CasinoStarGameshttps://www.stargames.de › ...

Search URL Search Domain Scan URL

URL: https://translate.google.com/translate?hl=en&sl=de&u=https://www.stargames.de/de&prev=search&pto=aue
Title: Translate this page

Search URL Search Domain Scan URL

URL: https://www.bonusinsider.com/casino/no-deposit-bonus/starcasino-100-free-spins-no-deposit-bonus/
Title: StarCasino 100 Free Spins No Deposit BonusBonus Insiderhttps://www.bonusinsider.com › ... › No Deposit Bonus

Search URL Search Domain Scan URL

URL: https://bonusmaniac.com/bonus/crazy-star-casino-50-free-spins-no-deposit-bonus/
Title: Crazy Star Casino: 50 FS No Deposit Bonus 2024BonusManiachttps://bonusmaniac.com › bonus › crazy-star-casino-...

Search URL Search Domain Scan URL

URL: https://www.stargames.de/de/promotions
Title: Freispiele ohne Einzahlung + Bonus ...StarGameshttps://www.stargames.de › promoti...

Search URL Search Domain Scan URL

URL: https://translate.google.com/translate?hl=en&sl=de&u=https://www.stargames.de/de/promotions&prev=search&pto=aue
Title: Translate this page

Search URL Search Domain Scan URL

URL: https://www.spicycasinos.com/casino-bonuses/crazy-star-casino-50-free-spins-no-deposit-bonus/
Title: Crazy Star Casino: 50 Free Spins No Deposit Bonus | 2024SpicyCasinoshttps://www.spicycasinos.com › casino-bonuses › craz...

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://instream.ly/SCG_matteohs?p=10 Page URL
https://bit.ly/SCGMoovit HTTP 301
https://ad.doubleclick.net/ddm/trackclk/N244601.4747693DENTSU-MOOVIT/B30607013.376731015;dc_trk_aid=567344119;dc_trk_cid=199745163;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_tdv=1 HTTP 302
https://redirectlp.com/?from=DM-30607013-RGlyZWN0TWFya2V0aW5n&utm_medium=DIR&dclid=CP25zsLW84MDFR_wEQgd5-oAyw Page URL
https://www.google.com/search?q=satrcasno+gratis Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://bit.ly/SCGMoovit HTTP 301
https://ad.doubleclick.net/ddm/trackclk/N244601.4747693DENTSU-MOOVIT/B30607013.376731015;dc_trk_aid=567344119;dc_trk_cid=199745163;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_tdv=1 HTTP 302
https://redirectlp.com/?from=DM-30607013-RGlyZWN0TWFya2V0aW5n&utm_medium=DIR&dclid=CP25zsLW84MDFR_wEQgd5-oAyw

Request Chain 7

https://track.adform.net/adfserve/?bn=70371616;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp] HTTP 302
https://track.adform.net/adfserve/?CC=1&bn=70371616;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp]

41 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 SCG_matteohs Show response
instream.ly/ 2 KB
1 KB 593ms
48ms Document
text/html 13.43.251.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://instream.ly/SCG_matteohs?p=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.43.251.130 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-43-251-130.eu-west-2.compute.amazonaws.com
Software: / Express
Resource Hash: 5f276ded416970b14ca0274dee0a063c727d93e6483585033789706ea5517a78

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 23 Jan 2024 14:03:14 GMT
etag: W/"6a5-UMDOeq5DrB16zCIw5F8P0bENvkM"
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 179ms
66ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S5W135HC4F

Requested by

Host: instream.ly
URL: https://instream.ly/SCG_matteohs?p=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5374d6cd708f3a4d61128699c6225ee9051857560a83949caf713327bdb6dcbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://instream.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:03:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 23 Jan 2024 14:03:14 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 172ms
61ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-S5W135HC4F&gtm=45je41h0v9117928122&_p=1706018594101&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=897242425.1706018594&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706018594&sct=1&seg=0&dl=https%3A%2F%2Finstream.ly%2FSCG_matteohs%3Fp%3D10&dt=Redirecting...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=904
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5W135HC4F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://instream.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 14:03:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://instream.ly
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 163ms
54ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S5W135HC4F&cid=897242425.1706018594&gtm=45je41h0v9117928122&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5W135HC4F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://instream.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 14:03:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://instream.ly
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 191ms
78ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S5W135HC4F&cid=897242425.1706018594&gtm=45je41h0v9117928122&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=849939574

Requested by

Host: instream.ly
URL: https://instream.ly/SCG_matteohs?p=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://instream.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 14:03:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
redirectlp.com/
Redirect Chain

https://bit.ly/SCGMoovit
https://ad.doubleclick.net/ddm/trackclk/N244601.4747693DENTSU-MOOVIT/B30607013.376731015;dc_trk_aid=567344119;dc_trk_cid=199745163;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_t...
https://redirectlp.com/?from=DM-30607013-RGlyZWN0TWFya2V0aW5n&utm_medium=DIR&dclid=CP25zsLW84MDFR_wEQgd5-oAyw

1 KB
1 KB

285ms
154ms

Document
text/html

2606:4700:3033::ac43:d2e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redirectlp.com/?from=DM-30607013-RGlyZWN0TWFya2V0aW5n&utm_medium=DIR&dclid=CP25zsLW84MDFR_wEQgd5-oAyw

Requested by

Host: instream.ly
URL: https://instream.ly/SCG_matteohs?p=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d2e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d85349883816919e0070a462ab73ab7eed6c7d82606600e3b84993b84f6dd419

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://instream.ly/SCG_matteohs?p=10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84a0943b9ad471d8-LHR
content-encoding: br
content-type: text/html
date: Tue, 23 Jan 2024 14:03:15 GMT
last-modified: Tue, 19 Dec 2023 15:38:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyy8%2Fe1Q4NB1h4rDQbaFqc%2FlQHpm40vmUA3YdIy6R88eb66js8PXDv6iYOC9SfzX0w33yUZ%2BUW6aVhkGpJYGi%2FpylVlXND%2FN8%2FwUDIuqmh0vcA6SOnog5JCftME8Pj1zIYpTsrgEtLB0E0J17g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 14:03:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://redirectlp.com/?from=DM-30607013-RGlyZWN0TWFya2V0aW5n&utm_medium=DIR&dclid=CP25zsLW84MDFR_wEQgd5-oAyw
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 404 style.css
redirectlp.com/ 0
0 155ms
154ms Stylesheet
text/html 2606:4700:3033::ac43:d2e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redirectlp.com/style.css

Requested by

Host: redirectlp.com
URL: https://redirectlp.com/?from=DM-30607013-RGlyZWN0TWFya2V0aW5n&utm_medium=DIR&dclid=CP25zsLW84MDFR_wEQgd5-oAyw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d2e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://redirectlp.com/?from=DM-30607013-RGlyZWN0TWFya2V0aW5n&utm_medium=DIR&dclid=CP25zsLW84MDFR_wEQgd5-oAyw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:03:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZtAk6dhbmpDJZiL457jrjYDqWKp2lB4tqfrSsTJ1T4WfewRMmI%2FJ9YSyz2UeOPAZ6wrEWziPCcIvZu4YPnMLQe32Dyo%2BplF2HRGVqXcpiqqf0cdPVU%2B0ytW0lz6g%2BWnAmiKwvrk%2FEPoOuO7Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 84a0943c8bee71d8-LHR
alt-svc: h3=":443"; ma=86400

GET
H2

200

/
track.adform.net/adfserve/
Redirect Chain

https://track.adform.net/adfserve/?bn=70371616;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp]
https://track.adform.net/adfserve/?CC=1&bn=70371616;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp]

35 B
518 B

72ms
72ms

Image
image/gif

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/adfserve/?CC=1&bn=70371616;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp]

Requested by

Host: redirectlp.com
URL: https://redirectlp.com/?from=DM-30607013-RGlyZWN0TWFya2V0aW5n&utm_medium=DIR&dclid=CP25zsLW84MDFR_wEQgd5-oAyw

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://redirectlp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 14:03:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 23 Jan 2024 14:03:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=70371616;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp]
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ 18 KB
8 KB 171ms
53ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: redirectlp.com
URL: https://redirectlp.com/?from=DM-30607013-RGlyZWN0TWFya2V0aW5n&utm_medium=DIR&dclid=CP25zsLW84MDFR_wEQgd5-oAyw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://redirectlp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 13:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 23 Jan 2024 14:24:03 GMT

GET
H2 404 index.js
redirectlp.com/ 0
0 155ms
155ms Script
text/html 2606:4700:3033::ac43:d2e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redirectlp.com/index.js

Requested by

Host: redirectlp.com
URL: https://redirectlp.com/?from=DM-30607013-RGlyZWN0TWFya2V0aW5n&utm_medium=DIR&dclid=CP25zsLW84MDFR_wEQgd5-oAyw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d2e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://redirectlp.com/?from=DM-30607013-RGlyZWN0TWFya2V0aW5n&utm_medium=DIR&dclid=CP25zsLW84MDFR_wEQgd5-oAyw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:03:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsXo503AEA5uHHHIZ%2BWMj13RX%2BL3nvIIQj2x%2FvaC5QQMvMF5WYOc8SH%2FL9kYWJk34ZYgx2mYbWyLWsJvZgs17D%2FehV0ZoFT4wHjUB%2F6DEMolmWeQAHiGcmE6Fwm9nJcAcePC%2BvRaEpAOoFU%2BZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 84a0943c8bef71d8-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 impl_v99.js Show response
www.googletagservices.com/dcm/ 59 KB
23 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redirectlp.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 22 Jan 2024 23:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 23:25:19 GMT

GET
H2 200 B31023956.381556355;dc_ver=99.292;sz=120x50;u_sd=1;dc_adk=3866781243;ord=wg6fo3;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=0,https%3A%2F%2Fredirectlp.com%2F%3Ffrom%3DDM-306070... Show response
ad.doubleclick.net/ddm/adi/N244601.4747693DENTSU-MOOVIT/ Frame 9F4E 64 KB
31 KB 105ms
104ms Document
text/html 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N244601.4747693DENTSU-MOOVIT/B31023956.381556355;dc_ver=99.292;sz=120x50;u_sd=1;dc_adk=3866781243;ord=wg6fo3;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=0,https%3A%2F%2Fredirectlp.com%2F%3Ffrom%3DDM-30607013-RGlyZWN0TWFya2V0aW5n%26utm_medium%3DDIR%26dclid%3DCP25zsLW84MDFR_wEQgd5-oAyw$0;xdt=0;crlt=gWNvax3l!G;stc=1;chaa=1;sttr=84;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

cac275b9c4f0e71beb3c28193de7ed665d4e969a797729fb749634f27dd29b51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redirectlp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 31134
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 14:03:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9F4E 111 KB
39 KB 203ms
53ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N244601.4747693DENTSU-MOOVIT/B31023956.381556355;dc_ver=99.292;sz=120x50;u_sd=1;dc_adk=3866781243;ord=wg6fo3;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=0,https%3A%2F%2Fredirectlp.com%2F%3Ffrom%3DDM-30607013-RGlyZWN0TWFya2V0aW5n%26utm_medium%3DDIR%26dclid%3DCP25zsLW84MDFR_wEQgd5-oAyw$0;xdt=0;crlt=gWNvax3l!G;stc=1;chaa=1;sttr=84;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Jan 2024 21:44:19 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 9F4E 12 KB
5 KB 165ms
52ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 18:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 18:30:09 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9F4E 41 KB
14 KB 166ms
52ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 560102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F569 38 KB
13 KB 54ms
53ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 580147
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9F4E 0
0 216ms
88ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstc90ac9EK50sCGqX7M1z08OKmpnJuvTidZJRfqF6qDH8NXYLECMVtdCCug5ugsvNTEA88mN2k76EBBuw6A-bHGATY_zVWdFNQsiAphpBMACXoq39SqQQDw3-ZcDrVUciXy_Eoe8qulIPWHc17tRmlQk39JKdea_Aquj1W2BLvtg_0g2ih_dOKpPTqh7a6ZWV--rHg&sai=AMfl-YRnDX3z7ZSX2oGLmKcG0vnvYfX7JD7toVKfMQbqsH8UNHAU_J6eyEeW1C39KSWDe-sXJzzaq08Nx2s8FAwfDQEut6CzUm5EjMJilg&sig=Cg0ArKJSzA0zxD2s8G4mEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=271&cbvp=1&cisv=r20240118.35018&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:03:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 9960848980576846876
s0.2mdn.net/simgad/ Frame 9F4E 2 KB
2 KB 204ms
97ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9960848980576846876

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c0f38b0a47e3f33a23278b9b63ddf0fda4e31f4700c0cec01a0562a8a722a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Tue, 23 Jan 2024 14:03:16 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2401
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 14:59:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Jan 2025 14:03:16 GMT

GET
H2 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame F569 39 KB
15 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 13:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 13:23:11 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F569 0
20 B 206ms
206ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BpCaZI8evZcGKI93-x_APicmhmAkAAAAAOAHgBAI&bg=!FxSlFFvNAAa8BdJLnAU7ADQBe5WfOLfyRJOQ_hhMAizDZ_wkV44JgTUe7CLG52KkhCNDiYjjC7tSULMRIuh1d7ydEBlhAgAAADNSAAAAAWgBBwoAYFeEHNriDrjGxRmcDK_mE-EZ1bP96pYdJ5hD4veW_ektlULhsKkmAI7b6hXiV3ZaXkcUy6zPvyxgD2HcEyIAcKmrL2kjKhMHcvoAt-soCs5JHoGnEfC4vWibYcTImYS7bJkCw2szrTpljU0BkwD8Qq7smssQQqbIgEndlVIzmpS6K5At1Vkkv2n6zJL7CHnUt4HdjtTGK1PGEqqSDyuHo_4QyckEpu6ytMmGthyafGkJp1Z8DZZqZ_PZf4c8SIGEb9pwsyY-t1ec3RSskL8tSHkRiGUUJOd2Hpk84iatFV7KNtTkEW79OtF0igoEWm_1jcvlsonmhlpviXy5Ti7JaH4z8Dz_xb1Zxl29Db7mjo1XycheQA5bmLgLUlejV4K9_pID1qdsuOAS87wVC-_c_1rTxa4xvkRj1-UWE-Ry_dzivGsKiylQPNXWpjrYfSVGUnx5tCafTDSRoksGdk5XpTvxdi8MlR_DBqd4KaCWiHpkQkvwzThSBcqj6SplIdM0_0RacJPRTriskqPPjLF7H2iiTQbbn4Ey6pU-9f3H0BnmmHg1TNLPummGWlm7uYNiIN-lnTkfYz7-Y9MyBhMNKdnYLO-D5gzzjx8xQyZuQz8YKtcdrK_xlt9_JS9na5JLYTol_6uVKRtjMA3ovElGUioluRb54Acv2b5HjPvCFK5WCu4RoxKxykjb8ySpusBFHFt8ZdlSSHQ1ObwDrnTAl0oUzNfC91qpbm5L5Hre9zpDkfQ2GLAc3oR63IIqY0vXPSycauBbNeB8YmJUbDBDjDp6Cit_lAyt-iSMxIakhZDyIKI4sW7mteJ7z-LCftAqRUMsIKXwrPSuTcPtpdH2s-HZNY_8UDs60ry2HzYZot3VnUoM_xUNMtdm0MXY9WeZ2D1Du9Kbx_x-ca8YTztvQR3Qw_0QUwbWV3YU2W_jpjIULbpXoqN-w1ajN0zF5XLEBBH9mP3AGem_awJpt-wXGZvT-6VwroZWzQMt1VK_PSG9Q1tyjznAi6bbkq0QaVfUcUwEpexKNJvTOkRK_QdnefOyRGLaOAynFxZ8V0e4djyL5PkCKQW3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 14:03:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9F4E 206 KB
65 KB 125ms
124ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 14:03:16 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9F4E 0
0 87ms
86ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstc90ac9EK50sCGqX7M1z08OKmpnJuvTidZJRfqF6qDH8NXYLECMVtdCCug5ugsvNTEA88mN2k76EBBuw6A-bHGATY_zVWdFNQsiAphpBMACXoq39SqQQDw3-ZcDrVUciXy_Eoe8qulIPWHc17tRmlQk39JKdea_Aquj1W2BLvtg_0g2ih_dOKpPTqh7a6ZWV--rHg&sai=AMfl-YRnDX3z7ZSX2oGLmKcG0vnvYfX7JD7toVKfMQbqsH8UNHAU_J6eyEeW1C39KSWDe-sXJzzaq08Nx2s8FAwfDQEut6CzUm5EjMJilg&sig=Cg0ArKJSzA0zxD2s8G4mEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=488&vt=11&dtpt=217&dett=3&cstd=484&cisv=r20240118.35018&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:03:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 43738-Programmaticbannerset-Newmodel-4-Italian-120x50-638372987536161910-2f96ba85-caba-49e3-b8d1-2f92445e8ddc.html Show response
s0.2mdn.net/sadbundle/3737195756126208000/ Frame 5BAB 6 KB
2 KB 101ms
101ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3737195756126208000/43738-Programmaticbannerset-Newmodel-4-Italian-120x50-638372987536161910-2f96ba85-caba-49e3-b8d1-2f92445e8ddc.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b536c5ecf7192119fd0bb44d48cefa19ab9b5f13e91a9fcc3dfd88c71e1ef241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1868
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 14:03:16 GMT
expires: Wed, 22 Jan 2025 14:03:16 GMT
last-modified: Mon, 04 Dec 2023 14:59:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 656de92eff8b8e25101fd678 Show response
c.bannerflow.net/a/ Frame 5BAB 73 KB
25 KB 186ms
78ms Script
application/javascript 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/656de92eff8b8e25101fd678?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuVu_pVMDUuSZyUeucqL7YjrKZ0dxt1Nd9uZQzhLQJ6Wng8qG-42ReguOGBDG-86r9KN3gxaLhITHQNEAEJRQczcZeUC0wyaRerJlsVJIBzDrUW9FtJQy4aQ5X2bbQaSvDFMqB0vQn-CSans1AxkWpJrbWFb-cESJPg6677jxkR8Jdo8kJVn0vUHeFDBfF8j-RjmqGLkr_XBCTq8zr4TD3yriuDMKOSwbXkrg%26sai%3DAMfl-YQs7rfMr7IQhOjKL0BEqjRe-noa7WJ2P2tJi4rL_RNLwzd9pcXeBzkBxgBPN1-kji50PqTIxnSDwrLwZ_rxicOfWceswsiYrubpQQ%26sig%3DCg0ArKJSzCXwm-ftwLdeEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D%255Brm_exit_id%255D%26adurl%3Dhttps%253A%252F%252Fwww.google.com%252Fsearch%253Fq%253Dstarcasino%252Bsport%2526rlz%253D1C1GCEA_enMT974MT974%2526oq%253Dstarcasino%252Bsport%2526aqs%253Dchrome..69i57j69i59l2j69i64j69i65j69i60.7427j0j1%2526sourceid%253Dchrome%2526ie%253DUTF-8%2526dclid%253D%2525edclid!%2526from%253DDM-31023956-RGlyZWN0TWFya2V0aW5n%2526utm_medium%253DDIR
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3737195756126208000/43738-Programmaticbannerset-Newmodel-4-Italian-120x50-638372987536161910-2f96ba85-caba-49e3-b8d1-2f92445e8ddc.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ea6eb19c418212b86c2e5388ac125f0f5b4166606225dd6f1553d23acb00a6a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:03:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Jan 2024 14:03:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 84a09443bca9dcbb-LHR
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H2 200 document.0000003E7862D3.js Show response
c.bannerflow.net/accounts/betsson/56586dbf6eba21326c4a8ca2/published/5630850/7216808/ Frame 5BAB 10 KB
3 KB 70ms
69ms Script
application/javascript 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/betsson/56586dbf6eba21326c4a8ca2/published/5630850/7216808/document.0000003E7862D3.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/656de92eff8b8e25101fd678?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuVu_pVMDUuSZyUeucqL7YjrKZ0dxt1Nd9uZQzhLQJ6Wng8qG-42ReguOGBDG-86r9KN3gxaLhITHQNEAEJRQczcZeUC0wyaRerJlsVJIBzDrUW9FtJQy4aQ5X2bbQaSvDFMqB0vQn-CSans1AxkWpJrbWFb-cESJPg6677jxkR8Jdo8kJVn0vUHeFDBfF8j-RjmqGLkr_XBCTq8zr4TD3yriuDMKOSwbXkrg%26sai%3DAMfl-YQs7rfMr7IQhOjKL0BEqjRe-noa7WJ2P2tJi4rL_RNLwzd9pcXeBzkBxgBPN1-kji50PqTIxnSDwrLwZ_rxicOfWceswsiYrubpQQ%26sig%3DCg0ArKJSzCXwm-ftwLdeEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D%255Brm_exit_id%255D%26adurl%3Dhttps%253A%252F%252Fwww.google.com%252Fsearch%253Fq%253Dstarcasino%252Bsport%2526rlz%253D1C1GCEA_enMT974MT974%2526oq%253Dstarcasino%252Bsport%2526aqs%253Dchrome..69i57j69i59l2j69i64j69i65j69i60.7427j0j1%2526sourceid%253Dchrome%2526ie%253DUTF-8%2526dclid%253D%2525edclid!%2526from%253DDM-31023956-RGlyZWN0TWFya2V0aW5n%2526utm_medium%253DDIR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fed169b6016e7149a5092ca1d32ad40be18bebb45ee75e54096ccfdb125bef40

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Jan 2024 14:03:16 GMT
content-encoding: br
cf-cache-status: MISS
content-md5: 7xnyoBH19xP3p2a9nJsAZw==
x-ms-lease-status: unlocked
last-modified: Wed, 06 Sep 2023 08:59:48 GMT
server: cloudflare
etag: W/"0x8DBAEB79FE6BF66"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f88b847f-401e-0001-2a04-4e8a0f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 84a094448da0dcbb-LHR

GET
H2 200 animated-creative.b105a4e6577fb08357fd.js Show response
c.bannerflow.net/scripts/ Frame 5BAB 156 KB
53 KB 59ms
58ms Script
application/javascript 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/656de92eff8b8e25101fd678?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuVu_pVMDUuSZyUeucqL7YjrKZ0dxt1Nd9uZQzhLQJ6Wng8qG-42ReguOGBDG-86r9KN3gxaLhITHQNEAEJRQczcZeUC0wyaRerJlsVJIBzDrUW9FtJQy4aQ5X2bbQaSvDFMqB0vQn-CSans1AxkWpJrbWFb-cESJPg6677jxkR8Jdo8kJVn0vUHeFDBfF8j-RjmqGLkr_XBCTq8zr4TD3yriuDMKOSwbXkrg%26sai%3DAMfl-YQs7rfMr7IQhOjKL0BEqjRe-noa7WJ2P2tJi4rL_RNLwzd9pcXeBzkBxgBPN1-kji50PqTIxnSDwrLwZ_rxicOfWceswsiYrubpQQ%26sig%3DCg0ArKJSzCXwm-ftwLdeEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D%255Brm_exit_id%255D%26adurl%3Dhttps%253A%252F%252Fwww.google.com%252Fsearch%253Fq%253Dstarcasino%252Bsport%2526rlz%253D1C1GCEA_enMT974MT974%2526oq%253Dstarcasino%252Bsport%2526aqs%253Dchrome..69i57j69i59l2j69i64j69i65j69i60.7427j0j1%2526sourceid%253Dchrome%2526ie%253DUTF-8%2526dclid%253D%2525edclid!%2526from%253DDM-31023956-RGlyZWN0TWFya2V0aW5n%2526utm_medium%253DDIR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c1a71b0825d5c2a91d238da77ede821f8df46b20974aa774f5bc03aefe6a45

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Jan 2024 14:03:16 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: lEV9j3pUvMgu01szZkbLog==
age: 5397005
cf-polished: origSize=159577
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Thu, 31 Aug 2023 09:36:51 GMT
server: cloudflare
etag: W/"0x8DBAA05CE239A64"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8d00186c-d01e-0071-27ef-1c33f8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 84a094448da5dcbb-LHR

GET
DATA 200
OK truncated
/ Frame 5BAB 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 8c270be0-29f0-4c67-8255-f36cf5b71d04 Show response
https://s0.2mdn.net/ Frame 40E6 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s0.2mdn.net/8c270be0-29f0-4c67-8255-f36cf5b71d04
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 5BAB 5 KB
5 KB 145ms
57ms Font
font/woff 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F55964b6ae202e726c80b2b79%2Fb1aa60f8-3d27-4155-b375-5afad1df6e7b.woff&t=%20ACEINOPRV
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3737195756126208000/43738-Programmaticbannerset-Newmodel-4-Italian-120x50-638372987536161910-2f96ba85-caba-49e3-b8d1-2f92445e8ddc.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 517c34b29f69c23aa1e0b2ec4269ce7ffe5dbc586650c57e041ebdfa840f8d90

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:03:16 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Jan 2024 06:37:37 GMT
server: cloudflare
age: 977139
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=b1aa60f8-3d27-4155-b375-5afad1df6e7b-subset.woff
cf-ray: 84a094466da723ff-LHR
expires: Sat, 11 Jan 2025 06:37:37 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 5BAB 7 KB
7 KB 57ms
56ms Font
font/woff 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F55964b6ae202e726c80b2b79%2F4e8cace1-6936-4f69-b7a9-a75af4f1e890.woff&t=%20CDIOPRSU%C3%99%CC%80
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3737195756126208000/43738-Programmaticbannerset-Newmodel-4-Italian-120x50-638372987536161910-2f96ba85-caba-49e3-b8d1-2f92445e8ddc.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6186765016080cfede0315ea8e671327867220c769a6437d35232594dd2c631d

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:03:16 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Jan 2024 06:49:29 GMT
server: cloudflare
age: 1062827
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=4e8cace1-6936-4f69-b7a9-a75af4f1e890-subset.woff
cf-ray: 84a09446de4523ff-LHR
expires: Fri, 10 Jan 2025 06:49:29 GMT

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 46D1 4 KB
4 KB 177ms
174ms Image
image/webp 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetsson%2F56586dbf6eba21326c4a8ca2%2Fimages%2Ffc7ef87d-9327-49d0-9cbd-1be8f7bbbaff.jpg&w=120&h=144&q=85&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2845da628f14bce74084f5f3251ee0a51b11f4ba4ff50308816bf1b486bf0a24

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:03:17 GMT
cf-cache-status: MISS
last-modified: Tue, 23 Jan 2024 14:03:17 GMT
api-supported-versions: 2.0
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 84a094473908dcbb-LHR
content-length: 4506
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 46D1 2 KB
2 KB 112ms
110ms Image
image/webp 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetsson%2F56586dbf6eba21326c4a8ca2%2Fimages%2F7df17b76-fe48-4f6d-b549-32e83d0197b8.png&w=82&h=50&q=85&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd03e13bb1cd9cbc4eb77e467b8ad388730024d49462832d95a511c2259393c8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:03:17 GMT
cf-cache-status: MISS
last-modified: Tue, 23 Jan 2024 14:03:17 GMT
api-supported-versions: 2.0
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 84a094473909dcbb-LHR
content-length: 1554
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame 5BAB 0
81 B 71ms
71ms Ping
text/plain 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/656de92eff8b8e25101fd678?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuVu_pVMDUuSZyUeucqL7YjrKZ0dxt1Nd9uZQzhLQJ6Wng8qG-42ReguOGBDG-86r9KN3gxaLhITHQNEAEJRQczcZeUC0wyaRerJlsVJIBzDrUW9FtJQy4aQ5X2bbQaSvDFMqB0vQn-CSans1AxkWpJrbWFb-cESJPg6677jxkR8Jdo8kJVn0vUHeFDBfF8j-RjmqGLkr_XBCTq8zr4TD3yriuDMKOSwbXkrg%26sai%3DAMfl-YQs7rfMr7IQhOjKL0BEqjRe-noa7WJ2P2tJi4rL_RNLwzd9pcXeBzkBxgBPN1-kji50PqTIxnSDwrLwZ_rxicOfWceswsiYrubpQQ%26sig%3DCg0ArKJSzCXwm-ftwLdeEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D%255Brm_exit_id%255D%26adurl%3Dhttps%253A%252F%252Fwww.google.com%252Fsearch%253Fq%253Dstarcasino%252Bsport%2526rlz%253D1C1GCEA_enMT974MT974%2526oq%253Dstarcasino%252Bsport%2526aqs%253Dchrome..69i57j69i59l2j69i64j69i65j69i60.7427j0j1%2526sourceid%253Dchrome%2526ie%253DUTF-8%2526dclid%253D%2525edclid!%2526from%253DDM-31023956-RGlyZWN0TWFya2V0aW5n%2526utm_medium%253DDIR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s0.2mdn.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 23 Jan 2024 14:03:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84a094485a76dcbb-LHR
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 9F4E 0
0

GET
H2 200 Primary Request search Show response
www.google.com/ 413 KB
110 KB 247ms
133ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/search?q=satrcasno+gratis

Requested by

Host: redirectlp.com
URL: https://redirectlp.com/?from=DM-30607013-RGlyZWN0TWFya2V0aW5n&utm_medium=DIR&dclid=CP25zsLW84MDFR_wEQgd5-oAyw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

f74643f0831624858d8c67e3e2d67c9529e4beacd391e735d12dfbac5e9a265d

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-hq0AO5Pp9gaKFK5iDHSIPg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://redirectlp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-hq0AO5Pp9gaKFK5iDHSIPg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Tue, 23 Jan 2024 14:03:17 GMT
expires: -1
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
server: gws
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ 21 KB
21 KB 166ms
52ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=satrcasno+gratis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 05:02:22 GMT
x-content-type-options: nosniff
age: 32455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21464
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 05:02:22 GMT

GET
H2 200 24px.svg
fonts.gstatic.com/s/i/productlogos/googleg/v6/ 742 B
972 B 167ms
53ms Image
image/svg+xml 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/googleg/v6/24px.svg

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=satrcasno+gratis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 14:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 438
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 17:17:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 14:08:05 GMT

GET
H2 204 gen_204
www.google.com/ 0
308 B 68ms
66ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=JcevZcOBI4Lzxc8PvOCM6A4&zx=1706018597749&opi=89978449

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=satrcasno+gratis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-wnL1BwecEOb8vffxoCtSpQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-wnL1BwecEOb8vffxoCtSpQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 23 Jan 2024 14:03:17 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 googlelogo_color_92x30dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 67ms
66ms Image
image/png 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_92x30dp.png

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=satrcasno+gratis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd4d9d732e7a4af52746ebabe6bb16941ee71ae3e919131af700cf4e1228a16a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:03:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3831
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 23 Jan 2024 14:03:17 GMT

GET
H2 200 desktop_searchbox_sprites318_hr.webp
www.google.com/images/searchbox/ 660 B
1 KB 61ms
61ms Image
image/webp 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=satrcasno+gratis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/search?q=satrcasno+gratis
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:03:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Apr 2020 22:00:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/webp
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 660
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 23 Jan 2024 14:03:17 GMT

POST
H3 204 gen_204
www.google.com/ 0
19 B 67ms
67ms Ping
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?ei=JcevZcOBI4Lzxc8PvOCM6A4&vet=10ahUKEwiDqPTD1vODAxWCefEDHTwwA-0QhJAHCAk..s&bl=d0xg&s=web&gl=de&pc=SEARCH_RESULTS_PAGE&isMobile=false

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=satrcasno+gratis

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-1qav8GSR1zxt0PAG4ja5KQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-1qav8GSR1zxt0PAG4ja5KQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 23 Jan 2024 14:03:17 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 775 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 592fa7f72e229674612ddb6f5578f05cdcd1e8aa470d3fa257415e2c7499e435

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 236 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e641d94ac2d51089bf1282148963c8b2253dcfe089861537544b44b346672f0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 197 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5d67eaa85688500479563e35f5f52c860a32d66234bc5326b4acae00e20bf63

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 686 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 228a729bd6316ceac03ebdf00ccfa5dab5429a38f0598ec0c9f228b16b26261f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 338 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b01d1155941a02829ae5eaecfd86c83f7e7a5a6e34edd94a0b7780f4ae1ae78

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 948fe62ca3b291d8bccb2f4799f97bd46f1d670f85d8f275d0347f7398e50e99

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4f14b57268642884f29b4c23fcde11729ef5633ed687700f6a2a41f6f3f3bf6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 354 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d7f3bed76577e15bf98b2d8f72befe463602e4137678aa9df600549eea22d94

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 768 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1317a1d852824563ca918011aa94d03947a8436bc635e113f51e818a24006a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b5f709a0dc65b6813c66b4d8ddc25140cba2805b9af5db32c949299b5b29d34

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 998 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9a9ceefd655c1533d52c9d90c856303a264224bc83b28575f21a530d05c900c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 697 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71e1d765d891954d0dfae9df74e8c77c08750f7511da40d08e2c8c8bdd14f12

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58e36057de8cfe5b730f2615fef80cf286c2bf56a336031623fc5ad31806f67b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 711 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c89d5c79b6a32aa25b228dc1ae02816142666f3d0eefea72449ebbeecc09a82

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 337 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1936a54b097e55aeb0c51a9ee9de4bf75f6b4848e84cb62657ec0877cdde0de2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 gen_204
www.google.com/ 0
19 B 64ms
64ms Ping
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?s=web&t=aft&atyp=csi&ei=JcevZcOBI4Lzxc8PvOCM6A4&rt=wsrt.247,aft.350,frts.300,frvt.300,hst.57,prt.350,sct.280&frtp=436&imn=21&ima=0&imad=0&imac=9&wh=1200&aft=1&aftp=-1&opi=89978449

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=satrcasno+gratis

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-oqJ5xhWvmLRpiR-ji-kd1w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-oqJ5xhWvmLRpiR-ji-kd1w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 23 Jan 2024 14:03:18 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWyulurFdWY5OJQAv8J4jYfRYB5hGVoQy6vawNNgyup4_fEmaVuOFVsLCd5REvGtqhsbBgkJdKyrmRQGR99fi6pVm74N1VgC5MfYcox9IiAfltLud9ehU59MuWZoY&sig=Cg0ArKJSzPAWndjiCLo8EAE&id=lidar2&mcvt=1000&p=0,0,50,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=3866781243&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706018595536&rpt=829&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.instream.ly/	1970-01-21 03:29:38	Name: _ga_S5W135HC4F Value: GS1.1.1706018594.1.0.1706018594.60.0.0
.instream.ly/	1970-01-21 03:29:38	Name: _ga Value: GA1.1.897242425.1706018594
.bit.ly/	1970-01-20 22:12:50	Name: _bit Value: o0ne3e-3654bf085f8e7226e1-00F
.doubleclick.net/	1970-01-20 22:12:50	Name: APC Value: AfxxVi5Gl6NeHVs04KI7o6cn1B2PJekE3lTT66QAKuyFkv9T9a1Ptw
.doubleclick.net/	1970-01-20 17:53:38	Name: FLC Value: COmkpwQQh-vRswEY9_fDjgIgi72fXyjW7sECMKKOv60GcADauAQaMhg6FgoUKDCYF739wTqaGwYIoo6_rQagGwE
.doubleclick.net/	1970-01-21 03:15:14	Name: IDE Value: AHWqTUkUKl8NWHAjCxIJepO6J733wpn-MPrtt3zUoa8FTt3W65GmWNNIDL4W-3VBJXo
.adform.net/	1970-01-20 18:38:16	Name: C Value: 1
.adform.net/	1970-01-20 19:20:02	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-20 19:20:02	Name: uid Value: 4078770668820759362
.doubleclick.net/	1970-01-20 22:12:50	Name: APC Value: AfxxVi6_wu4iVmZ2lVvJwBZJ7g7sCVBiAok1bEYRwAFDifRKwJ02aQ
.google.com/	1970-01-20 22:12:50	Name: AEC Value: Ae3NU9Ov2wa6gXNJ4E_M5z6-WRSga9qBcfID5eJsVGQV_KHiUesDbNNR9w
.google.com/	1970-01-21 03:23:25	Name: __Secure-ENID Value: 17.SE=fZWoGfVj23CucHqOLNMy8kyqvTprgUOho7Fp1KqAq7s5W55LtINqoT_SZXI0nVZtarFFkvhPs4UWMk88Ja38WwM2Uf13vbFan5XxIroQrLtZ2TdVxsB_0j-JY6aC8vxAs0mOiwmJiRceWWVXJVcVh5SQ2enxRhXgaYnzHZcz_aU
.google.com/	1970-01-21 03:29:38	Name: CONSENT Value: PENDING+120

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://redirectlp.com/style.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://redirectlp.com/index.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 34) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 34) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 104) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
bit.ly
c.bannerflow.net
fonts.gstatic.com
googleads4.g.doubleclick.net
instream.ly
pagead2.googlesyndication.com
redirectlp.com
region1.analytics.google.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.adform.net
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
pagead2.googlesyndication.com
13.43.251.130
142.250.184.198
2001:4860:4802:32::36
216.58.206.34
2606:4700:3033::ac43:d2e9
2606:4700::6811:c96e
2a00:1450:4001:801::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:810::2008
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:830::2006
2a00:1450:400c:c00::9b
37.157.5.132
67.199.248.11
0ea6eb19c418212b86c2e5388ac125f0f5b4166606225dd6f1553d23acb00a6a
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1936a54b097e55aeb0c51a9ee9de4bf75f6b4848e84cb62657ec0877cdde0de2
1e641d94ac2d51089bf1282148963c8b2253dcfe089861537544b44b346672f0
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
228a729bd6316ceac03ebdf00ccfa5dab5429a38f0598ec0c9f228b16b26261f
2845da628f14bce74084f5f3251ee0a51b11f4ba4ff50308816bf1b486bf0a24
3c0f38b0a47e3f33a23278b9b63ddf0fda4e31f4700c0cec01a0562a8a722a7a
3c89d5c79b6a32aa25b228dc1ae02816142666f3d0eefea72449ebbeecc09a82
3d7f3bed76577e15bf98b2d8f72befe463602e4137678aa9df600549eea22d94
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
517c34b29f69c23aa1e0b2ec4269ce7ffe5dbc586650c57e041ebdfa840f8d90
5374d6cd708f3a4d61128699c6225ee9051857560a83949caf713327bdb6dcbd
58e36057de8cfe5b730f2615fef80cf286c2bf56a336031623fc5ad31806f67b
592fa7f72e229674612ddb6f5578f05cdcd1e8aa470d3fa257415e2c7499e435
5f276ded416970b14ca0274dee0a063c727d93e6483585033789706ea5517a78
6186765016080cfede0315ea8e671327867220c769a6437d35232594dd2c631d
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6b5f709a0dc65b6813c66b4d8ddc25140cba2805b9af5db32c949299b5b29d34
73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3
80c1a71b0825d5c2a91d238da77ede821f8df46b20974aa774f5bc03aefe6a45
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b01d1155941a02829ae5eaecfd86c83f7e7a5a6e34edd94a0b7780f4ae1ae78
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
948fe62ca3b291d8bccb2f4799f97bd46f1d670f85d8f275d0347f7398e50e99
b4f14b57268642884f29b4c23fcde11729ef5633ed687700f6a2a41f6f3f3bf6
b536c5ecf7192119fd0bb44d48cefa19ab9b5f13e91a9fcc3dfd88c71e1ef241
b5d67eaa85688500479563e35f5f52c860a32d66234bc5326b4acae00e20bf63
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b71e1d765d891954d0dfae9df74e8c77c08750f7511da40d08e2c8c8bdd14f12
b9a9ceefd655c1533d52c9d90c856303a264224bc83b28575f21a530d05c900c
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
cac275b9c4f0e71beb3c28193de7ed665d4e969a797729fb749634f27dd29b51
cd03e13bb1cd9cbc4eb77e467b8ad388730024d49462832d95a511c2259393c8
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
d1317a1d852824563ca918011aa94d03947a8436bc635e113f51e818a24006a7
d85349883816919e0070a462ab73ab7eed6c7d82606600e3b84993b84f6dd419
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c
f74643f0831624858d8c67e3e2d67c9529e4beacd391e735d12dfbac5e9a265d
fd4d9d732e7a4af52746ebabe6bb16941ee71ae3e919131af700cf4e1228a16a
fed169b6016e7149a5092ca1d32ad40be18bebb45ee75e54096ccfdb125bef40

www.google.com Open in urlscan Pro 2a00:1450:4001:828::2004 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

93 %HTTPS

69 %IPv6

13 Domains

17 Subdomains

16 IPs

5 Countries

536 kBTransfer

1526 kBSize

13 Cookies

24 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.google.com Open in urlscan Pro
2a00:1450:4001:828::2004 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

93 %
HTTPS

69 %
IPv6

13
Domains

17
Subdomains

16
IPs

5
Countries

536 kB
Transfer

1526 kB
Size

13
Cookies

41 HTTP transactions
16 data transactions